Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan Horse Hiloti.BB

Started by LaythT , Aug 06 2010 09:45 AM

  • Please log in to reply

#1
LaythT
Posted 06 August 2010 - 09:45 AM

LaythT

    New Member

  • Member
  • Pip
  • 3 posts
Hello

I've got AVG internet Security 9.0.851 on a Sony Vaio laptop running Windown XP. AVG said i've got the above Trojan but everytime I press remove, it appears again on the next scan somewhere else.

I've gone through the malware removal guide. Whilst I was running GMER every now and again, esp when i started something and didn't just leave the program alone, i'd get a BSOD and it would restart without me being able to read the BSOD. Doesn't seem to be happening anymore though which is good. I've posted the scan results here:

GMER log file (ARK.txt)

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-06 16:21:14
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Admin\LOCALS~1\Temp\fwtdypob.sys


---- System - GMER 1.0.15 ----

SSDT spkn.sys ZwCreateKey [0xB9EA70E0]
SSDT spkn.sys ZwEnumerateKey [0xB9EC5CA4]
SSDT spkn.sys ZwEnumerateValueKey [0xB9EC6032]
SSDT spkn.sys ZwOpenKey [0xB9EA70C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB38F4670]
SSDT spkn.sys ZwQueryKey [0xB9EC610A]
SSDT spkn.sys ZwQueryValueKey [0xB9EC5F8A]
SSDT spkn.sys ZwSetValueKey [0xB9EC619C]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB38F4720]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB38F47C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB38F4860]

INT 0x62 ? 8A854BF8
INT 0x63 ? 8A854BF8
INT 0x84 ? 8A623BF8
INT 0x94 ? 8A623BF8

---- Kernel code sections - GMER 1.0.15 ----

? spkn.sys The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8D73360, 0x1DD36D, 0xE8000020]
.text USBPORT.SYS!DllUnload B8D2B8AC 5 Bytes JMP 8A6231D8
.text abrnuacn.SYS B893A386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text abrnuacn.SYS B893A3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text abrnuacn.SYS B893A3C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text abrnuacn.SYS B893A3C9 1 Byte [30]
.text abrnuacn.SYS B893A3C9 11 Bytes [30, 00, 00, 00, 5C, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESP; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Winamp Remote\bin\Orb.exe[1224] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 00402CD0 C:\Program Files\Winamp Remote\bin\Orb.exe (Orb Application/Orb Networks, Inc.)
.text C:\Program Files\Winamp Remote\bin\OrbTray.exe[4088] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 00413C70 C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb/Orb Networks)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A8531F8

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-0 8A622500
Device \Driver\usbuhci \Device\USBPDO-1 8A622500
Device \Driver\usbuhci \Device\USBPDO-2 8A622500
Device \Driver\usbuhci \Device\USBPDO-3 8A622500
Device \Driver\usbehci \Device\USBPDO-4 8A5F41F8

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A7E51F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A7E51F8
Device \Driver\Cdrom \Device\CdRom0 8A53B500
Device \Driver\Ftdisk \Device\HarddiskVolume3 8A7E51F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9E03B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9E03B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9E03B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9E03B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B9E03B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\sptd \Device\46345688 spkn.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export 898D7408
Device \Driver\NetBT \Device\NetbiosSmb 898D7408
Device \Driver\PCI_PNP3188 \Device\0000004f spkn.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{2C864084-03AC-40CA-8747-E0AB5ED97FF0} 898D7408

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8A622500
Device \Driver\usbuhci \Device\USBFDO-1 8A622500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A5E51F8
Device \Driver\usbuhci \Device\USBFDO-2 8A622500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A5E51F8
Device \Driver\usbuhci \Device\USBFDO-3 8A622500
Device \Driver\usbehci \Device\USBFDO-4 8A5F41F8
Device \Driver\Ftdisk \Device\FtControl 8A7E51F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E111D15B-AD08-4A38-8E83-5E5183E6B4CA} 898D7408
Device \Driver\abrnuacn \Device\Scsi\abrnuacn1 8A4921F8
Device \FileSystem\Cdfs \Cdfs 8A505500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0x76 0x31 0x23 0x09 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0xDB 0xF1 0x4B 0x88 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x3C 0x86 0xF2 0xAB ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] 0x76 0x31 0x23 0x09 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0xDB 0xF1 0x4B 0x88 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x3C 0x86 0xF2 0xAB ...

---- EOF - GMER 1.0.15 ----


OTL:

OTL logfile created on: 06/08/2010 16:29:25 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Admin\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 3.51 Gb Free Space | 10.77% Space Free | Partition Type: NTFS
Drive D: | 34.94 Gb Total Space | 7.96 Gb Free Space | 22.79% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SONYVAIO
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/06 16:27:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\My Documents\Downloads\OTL.exe
PRC - [2010/07/22 23:02:16 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/06/22 13:38:40 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/06/22 13:37:59 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/22 13:37:58 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/06/22 13:34:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/22 13:33:23 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/06/22 13:33:22 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/06/22 13:30:49 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/06/22 13:30:13 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/06/22 13:29:55 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/06/22 13:28:36 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/11/06 17:58:02 | 004,793,088 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boincmgr.exe
PRC - [2009/11/06 17:58:02 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinctray.exe
PRC - [2009/11/06 17:58:00 | 000,783,104 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinc.exe
PRC - [2009/07/01 17:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009/04/23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009/03/24 03:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/03/09 13:44:12 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/03/04 11:25:12 | 000,621,056 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008/11/26 12:35:00 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008/08/24 11:59:12 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
PRC - [2008/05/30 14:36:32 | 000,102,400 | ---- | M] (Skyscape) -- C:\Program Files\Common Files\Skyscape\Symbian\SkyscapeSymDD.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/01 02:54:06 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe
PRC - [2008/01/30 03:19:32 | 000,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe
PRC - [2005/06/17 18:54:12 | 000,143,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
PRC - [2005/06/15 11:06:44 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2005/06/15 11:06:44 | 000,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2005/06/15 11:06:42 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2005/06/03 01:49:40 | 000,372,809 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/06/03 01:47:44 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/06/03 01:46:28 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/05/20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2005/05/15 05:51:24 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2005/03/03 22:47:18 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2004/10/04 04:47:04 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
PRC - [2004/10/04 03:40:50 | 000,118,784 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
PRC - [2004/07/06 14:15:38 | 000,040,960 | R--- | M] (Utimaco Safeware AG) -- C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
PRC - [2004/02/20 14:12:34 | 000,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2003/11/07 09:21:28 | 000,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2003/02/26 03:08:42 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2002/03/14 16:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2000/09/08 03:34:38 | 000,167,936 | ---- | M] (ALPS) -- C:\Program Files\Apoint\Apvfb.exe


========== Modules (SafeList) ==========

MOD - [2010/08/06 16:27:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\My Documents\Downloads\OTL.exe
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/22 13:34:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/22 13:33:22 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/06/22 13:30:49 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/03/04 11:25:12 | 000,621,056 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/06/12 14:03:34 | 001,957,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/05/22 12:34:12 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/05/17 17:19:26 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2005/06/17 20:04:48 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler)
SRV - [2005/06/17 18:54:12 | 000,143,360 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service)
SRV - [2005/06/15 11:06:44 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/06/15 11:06:44 | 000,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/06/15 11:06:44 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/06/15 11:06:42 | 000,270,336 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/06/07 04:38:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2005/06/07 02:32:54 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005/06/07 02:28:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/06/07 02:22:34 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005/06/03 06:21:00 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2005/06/03 01:49:40 | 000,372,809 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2005/06/03 01:47:44 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2005/06/03 01:46:28 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
SRV - [2005/05/20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2005/04/05 14:06:36 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2004/10/04 04:47:04 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
SRV - [2004/10/04 03:40:50 | 000,118,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)


========== Driver Services (SafeList) ==========

DRV - [2010/06/22 13:38:28 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/22 13:33:33 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010/06/22 13:33:33 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/06/22 13:33:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010/06/22 13:33:31 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010/06/22 13:30:14 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/01 18:15:45 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/04 21:03:03 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009/11/01 18:33:03 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2009/11/01 18:33:03 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2009/08/13 12:26:34 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/03/19 13:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/02/09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/02/09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/02/09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/02/09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/03/27 22:27:56 | 000,007,680 | ---- | M] (Philips ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPC520m.sys -- (SPC520m)
DRV - [2007/03/27 22:27:50 | 000,085,504 | ---- | M] (Philips ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPC520.sys -- (SPC520)
DRV - [2007/02/28 14:42:00 | 000,080,896 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2005/06/29 06:35:00 | 003,173,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/06/21 18:01:16 | 000,059,648 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/06/20 20:30:46 | 000,044,288 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/06/17 15:02:32 | 000,098,944 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/05/27 11:39:40 | 000,034,176 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005/05/27 04:24:00 | 003,191,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/05/23 02:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/05/23 02:30:48 | 000,178,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/05/23 02:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/05/03 07:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/04/30 16:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2005/04/22 22:35:04 | 000,053,248 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005/04/06 09:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005/01/06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/07/06 14:07:06 | 000,045,627 | R--- | M] (Utimaco Safeware AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\privatediskm.sys -- (PrivateDisk)
DRV - [2003/09/29 05:31:38 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2002/10/16 13:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2002/08/20 03:59:32 | 000,071,961 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyPI.sys -- (SPI)
DRV - [2000/12/05 16:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 11:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/en/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\extensions\\{B21F2CB0-A112-488C-93F1-7358035F44EC}: C:\Documents and Settings\Admin\Local Settings\Application Data\{B21F2CB0-A112-488C-93F1-7358035F44EC} [2010/07/30 19:36:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/07/27 13:37:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/07/27 13:37:15 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [PrepareYourVAIO] C:\Program Files\Sony\Prepare your VAIO\PYVAlert.exe (Sony Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Uzojajelehe] C:\WINDOWS\avecesojolo.DLL File not found
O4 - HKLM..\Run: [VAIO Update 4] C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [SkyscapeSymDD] C:\Program Files\Common Files\Skyscape\Symbian\SkyscapeSymDD.exe (Skyscape)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/05 13:54:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{342ba1e1-4899-11df-8059-0013ce6d39bf}\Shell\AutoRun\command - "" = fk.exe
O33 - MountPoints2\{342ba1e1-4899-11df-8059-0013ce6d39bf}\Shell\open\Command - "" = fk.exe
O33 - MountPoints2\{c2485c04-45a7-11df-8056-0013ce6d39bf}\Shell\AutoRun\command - "" = fk.exe
O33 - MountPoints2\{c2485c04-45a7-11df-8056-0013ce6d39bf}\Shell\open\Command - "" = fk.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Hacked With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/08/06 13:12:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Malwarebytes
[2010/08/06 13:12:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/06 13:12:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/06 13:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/06 13:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/06 13:06:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/06 13:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/30 19:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\{B21F2CB0-A112-488C-93F1-7358035F44EC}
[2010/07/30 16:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Adobe
[2010/07/29 00:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/07/29 00:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/07/29 00:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/07/29 00:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/07/27 15:56:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/07/27 15:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/07/27 15:53:32 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/07/27 15:52:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/07/27 15:15:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/07/27 13:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/07/27 13:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/07/10 12:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Sarah
[2010/06/30 17:40:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\Cooliris
[2010/06/22 13:37:59 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/06/18 10:27:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/08 21:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\2010_06_08
[2010/06/08 21:39:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/06/06 19:48:24 | 000,000,000 | ---D | C] -- C:\Assignments
[2010/05/11 14:12:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\xfxpxilyi

========== Files - Modified Within 90 Days ==========

[2010/08/06 16:24:50 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2010/08/06 16:23:04 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/08/06 16:22:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/06 16:22:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/06 16:22:29 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/06 16:21:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2546753562-369214622-1263157565-1006UA.job
[2010/08/06 15:21:03 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2546753562-369214622-1263157565-1006Core.job
[2010/08/06 13:23:13 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2010/08/06 13:12:07 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/06 13:06:06 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\NTREGOPT.lnk
[2010/08/06 13:06:06 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\ERUNT.lnk
[2010/08/06 12:24:28 | 063,005,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/05 07:16:35 | 000,608,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/08/04 00:33:46 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Layth CV.doc
[2010/08/03 23:11:38 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Guide to being the F1 on the Breast firm.doc
[2010/08/03 18:42:13 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Qpayowetohe.dat
[2010/08/03 18:42:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Vyiqo.bin
[2010/08/03 18:36:51 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/02 09:57:25 | 000,063,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/02 09:54:22 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/31 10:05:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/29 00:22:40 | 000,002,288 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Google Chrome.lnk
[2010/07/29 00:22:40 | 000,002,266 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/07/29 00:18:42 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\guest list.xls
[2010/07/28 20:52:32 | 000,295,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/28 19:54:44 | 000,489,078 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/28 19:54:44 | 000,432,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/28 19:54:44 | 000,067,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/28 19:49:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/27 18:38:20 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\ITU rota.xls
[2010/07/27 17:31:07 | 000,076,008 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/27 13:36:59 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/19 18:33:35 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Mess President Candidates.doc
[2010/07/19 18:32:55 | 000,016,544 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Mess candidates.docx
[2010/07/07 18:25:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/29 20:15:57 | 000,291,375 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\sarah - zanzibar.docx
[2010/06/29 20:15:38 | 000,766,388 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Sarah - Zanzibar ppt.pptx
[2010/06/22 13:38:28 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/06/22 13:37:59 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/06/22 13:33:33 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010/06/22 13:30:14 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/06/20 17:12:42 | 000,010,326 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\stuff.xlsx
[2010/06/15 12:11:04 | 000,011,349 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\letter to Mr Bell.docx
[2010/06/13 16:49:53 | 000,009,492 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Mess Balll.xlsx
[2010/06/09 22:33:16 | 000,015,932 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\offerletter.docx
[2010/06/02 17:44:16 | 000,011,470 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Headings.docx
[2010/06/02 17:43:36 | 000,078,848 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\portfolio covers.pub
[2010/06/01 18:15:45 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/05/26 10:49:05 | 000,112,788 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Harriet's bank account application.pdf
[2010/05/10 09:51:12 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk

========== Files Created - No Company Name ==========

[2010/08/06 13:28:43 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\gmer.exe
[2010/08/06 13:12:07 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/06 13:06:06 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\NTREGOPT.lnk
[2010/08/06 13:06:06 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\ERUNT.lnk
[2010/08/04 00:12:38 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Layth CV.doc
[2010/08/03 23:11:38 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Guide to being the F1 on the Breast firm.doc
[2010/07/30 19:36:30 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Qpayowetohe.dat
[2010/07/30 19:36:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Vyiqo.bin
[2010/07/29 00:38:01 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/29 00:36:21 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/28 19:34:04 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\guest list.xls
[2010/07/27 18:38:19 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\ITU rota.xls
[2010/07/27 13:36:59 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/19 18:33:33 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Mess President Candidates.doc
[2010/07/19 18:32:40 | 000,016,544 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Mess candidates.docx
[2010/06/29 20:15:56 | 000,291,375 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\sarah - zanzibar.docx
[2010/06/29 20:15:37 | 000,766,388 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Sarah - Zanzibar ppt.pptx
[2010/06/20 17:12:39 | 000,010,326 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\stuff.xlsx
[2010/06/15 12:11:03 | 000,011,349 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\letter to Mr Bell.docx
[2010/06/09 22:33:16 | 000,015,932 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\offerletter.docx
[2010/06/02 17:44:13 | 000,011,470 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Headings.docx
[2010/06/02 17:43:36 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\portfolio covers.pub
[2010/05/26 10:49:05 | 000,112,788 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Harriet's bank account application.pdf
[2010/05/11 18:10:18 | 000,009,492 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Mess Balll.xlsx
[2010/02/03 09:08:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/12/24 00:39:46 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/12/24 00:39:46 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/12/24 00:39:13 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/24 00:39:13 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/08/13 12:26:32 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/01/23 20:12:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/23 19:58:33 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/01/23 19:57:11 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005/08/05 16:32:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/05 15:45:52 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/08/05 15:45:52 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/08/05 15:45:52 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/08/05 15:45:52 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/08/05 15:45:52 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/08/05 15:45:52 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/05 15:43:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/08/05 15:38:22 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/08/05 14:33:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2005/08/05 05:41:07 | 000,001,909 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/06/15 08:59:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/12/02 15:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll

========== LOP Check ==========

[2010/01/19 22:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Canon
[2009/08/13 12:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\DAEMON Tools Lite
[2009/12/26 20:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\ImgBurn
[2009/09/01 22:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\InterVideo
[2009/04/27 00:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Nokia
[2009/04/27 00:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\PC Suite
[2009/08/03 23:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\sony
[2010/04/24 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Spotify
[2009/07/31 11:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Thunderbird
[2010/08/06 16:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\uTorrent
[2009/08/17 21:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/07/30 19:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/08/06 16:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOINC
[2010/01/07 21:04:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/06/08 21:39:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/01/19 22:12:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2009/08/03 23:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CCP
[2009/08/13 12:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/07/30 21:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/27 00:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/04/27 00:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/07/31 19:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2009/04/27 00:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/11/01 18:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2010/06/18 10:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 21:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2005/08/05 13:54:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/01/23 19:52:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2005/08/05 13:54:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/06 16:22:29 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2005/08/05 13:54:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/08/05 13:54:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/07/30 20:09:20 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/06 16:22:27 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2005/08/05 13:54:04 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/03/17 06:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD9X.DLL
[2009/03/17 06:00:00 | 000,070,656 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP9X.DLL
[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2003/06/18 18:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/11/06 17:58:00 | 000,803,584 | ---- | M] (Space Sciences Laboratory) -- C:\WINDOWS\boinc.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/08/05 14:45:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/08/05 14:45:51 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/08/05 14:45:51 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto >

< Update\Results\Install|LastSuccessTime /rs >
< End of report >

Extras:

OTL Extras logfile created on: 06/08/2010 16:29:25 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Admin\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 3.51 Gb Free Space | 10.77% Space Free | Partition Type: NTFS
Drive D: | 34.94 Gb Total Space | 7.96 Gb Free Space | 22.79% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SONYVAIO
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- File not found
"C:\Program Files\AVG\AVG8\avgdiag.exe" = C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe -- File not found
"C:\Program Files\AVG\AVG8\avgdiagex.exe" = C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify AB)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{0B3A8956-FAF7-4DB7-897C-86926C5323D2}" = Philips VLounge
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29999594-B540-4C88-A8D3-C99CA43809FC}" = Image Converter 2
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{48E9DE14-39D1-4974-91A6-D4E1836F648D}" = SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D12D805-50B2-4287-B3B9-AD4D74F85693}" = BOINC
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.2
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF877D9F-EBA4-4FAA-83D1-6A0C866AF4BD}" = Philips SPC520NC Webcam
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3B312B7-7158-4E01-9B65-21FE18ADEFA9}" = Philips SPC520NC Webcam
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{D99C322D-C21B-40C7-AE71-EE51AA096B6E}" = Nokia Flashing Cable Driver
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E5E6E687-1033-0000-0000-000000000002}" = Adobe Acrobat 7.0 Elements
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.4.10
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"2B0430566DEE7109F019A317398EA7F8DA53B293" = Windows Driver Package - Philips (SPC520) Image (03/27/2007 1.00.2.6000)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"520EB7B13D6313F71239600F750802893CCAE993" = Windows Driver Package - Philips USB (10/01/2007 1.10.03.5790)
"Adobe Acrobat 7.0 Elements" = Adobe Acrobat 7.0 Elements
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG 9.0
"Avi2Dvd" = Avi2Dvd 0.5
"AviSynth" = AviSynth 2.5
"Canon MP270 series User Registration" = Canon MP270 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EasySleep_is1" = EasySleep 3.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ffdshow_is1" = ffdshow [rev 2844] [2009-03-30]
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO Online Registration (English)
"InstallShield_{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marxio Timer_is1" = Marxio Timer 1.10
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MoodLogic" = MoodLogic
"MouseSuite98" = Sony USB Mouse
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Orb" = Winamp Remote
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealAlt_is1" = Real Alternative 2.0.1
"Shutdown Timer_is1" = Shutdown Timer 1.1
"Skype_is1" = Skype 1.3
"smARTupdate" = smARTupdate
"Spotify" = Spotify
"Steam App 8510" = EVE Online Demo
"Titan Poker" = Titan Poker
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WinAce Archiver" = WinAce Archiver
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SymReader" = Skyscape Symbian Reader
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05/08/2010 02:42:57 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = 248: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 05/08/2010 02:42:57 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = 396: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 05/08/2010 02:42:57 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 05/08/2010 16:21:45 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 05/08/2010 16:21:45 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2094

Error - 05/08/2010 16:21:45 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2094

Error - 05/08/2010 16:21:48 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 05/08/2010 16:21:48 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4485

Error - 05/08/2010 16:21:48 | Computer Name = SONYVAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4485

Error - 06/08/2010 05:21:05 | Computer Name = SONYVAIO | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 06/08/2010 07:45:22 | Computer Name = SONYVAIO | Source = Service Control Manager | ID = 7034
Description = The VAIO Entertainment UPnP Client Adapter service terminated unexpectedly.
It has done this 1 time(s).

Error - 06/08/2010 07:45:22 | Computer Name = SONYVAIO | Source = Service Control Manager | ID = 7034
Description = The VAIO Entertainment Database Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 06/08/2010 07:45:23 | Computer Name = SONYVAIO | Source = Service Control Manager | ID = 7034
Description = The VAIO Entertainment File Import Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 06/08/2010 07:45:23 | Computer Name = SONYVAIO | Source = Service Control Manager | ID = 7034
Description = The ServiceLayer service terminated unexpectedly. It has done this
1 time(s).

Error - 06/08/2010 07:45:23 | Computer Name = SONYVAIO | Source = Service Control Manager | ID = 7034
Description = The VAIO Entertainment Aggregation and Control Service service terminated
unexpectedly. It has done this 1 time(s).

Error - 06/08/2010 07:45:23 | Computer Name = SONYVAIO | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 06/08/2010 08:26:26 | Computer Name = SONYVAIO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde

Error - 06/08/2010 09:15:05 | Computer Name = SONYVAIO | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 8a16f500, parameter3
8a16f674, parameter4 805c8c7c.

Error - 06/08/2010 09:15:31 | Computer Name = SONYVAIO | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 8a1e29a8, parameter3
8a1e2b1c, parameter4 805c8c7c.

Error - 06/08/2010 11:24:40 | Computer Name = SONYVAIO | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 8a1f19f8, parameter3
8a1f1b6c, parameter4 805c8c7c.


< End of report >

Any help guys is REALLY appreciated.

Thank you

Layth
  • 0

Advertisements

#2
LaythT
Posted 06 August 2010 - 01:04 PM

LaythT

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Just did a full scan with malware bytes and AVG. It hasn't found it. Maybe it gone?

Is there anything else anyone suggests i should do? Any one know how this might have happened?

Layth
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP