[WildaNdCrazy]

Okay, so one on my friends got a virus from a website, and wont tell me exactly what website it came from so I assume it was from a adult website..I'm trying all in my power to help this girl fix her computer but I can't do anything! I tried to run a Malware scan with malwarebyte's anti virus, but it took so long to startup and stuck to zero that I gave up. I cant even get an error to see whats wrong with this thing! Eventually one of the virus protection programs she had on her computer picked up something..but I don't believe this is the cause of it..because its still running crapishly slow. What was picked up was Adware: Win32/Open Candy..it sounds funny but I good a google search and didn't really find much. As of right now I have the ComboFix log for her laptop (did that yesterday) and right now im working on getting the quick scan info from the OLT, but this thing is taking forever..it took me 10-20mins to click the quick scan button..and its scanning..but this thing will probably take DAYS! its already been at it for over 9 now (or more).


Is there some other type of solution for these type of problems? I've tried in both normal mode and safe mode..AND she never set up a system restore point..so no luck with that either..Is there anything that can be done as of right now?

[Advertisements]

Can you post the Combofix log?

You might want to try the AVG rescue disk:

http://www.geekstogo...ystem-tutorial/

Ron

[RKinner]

Can you post the Combofix log?

You might want to try the AVG rescue disk:

http://www.geekstogo...ystem-tutorial/

Ron

[WildaNdCrazy]

Okay sorry for the delay..Ill do the CD fix when I find a blank CD


During the OLT quick scan I got a blue screen.
The info given:
Driver_IRQL_NOT_LESS_OR_EQUAL
STOP:0x000000D1
iastor.sys
--------------
ComboFix 11-04-26.02 - Owner 04/26/2011 21:17:53.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4014.2568 [GMT -4:00]
Running from: D:\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
.
----- BITS: Possible infected sites -----
.
hxxp://dibs.ddni.net
.
((((((((((((((((((((((((( Files Created from 2011-03-27 to 2011-04-27 )))))))))))))))))))))))))))))))
.
.
2011-04-27 03:39 . 2011-04-27 03:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-26 23:49 . 2011-04-26 23:49 -------- d-----w- c:\users\Owner\AppData\Local\{04C2F87B-D5FC-4545-A341-E218F9AD9380}
2011-04-26 20:42 . 2011-04-26 20:42 -------- d-----w- c:\users\Owner\AppData\Local\{3F90FDFC-9A41-409E-BE4B-FBD6EAEC221F}
2011-04-26 02:19 . 2011-04-26 02:19 -------- d-----w- c:\users\Owner\AppData\Local\{9FACA991-ABFE-4358-9EA1-8EF7E3F1A9B6}
2011-04-26 00:17 . 2011-04-26 00:17 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2011-04-26 00:15 . 2010-12-20 22:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-26 00:15 . 2011-04-26 00:15 -------- d-----w- c:\programdata\Malwarebytes
2011-04-26 00:15 . 2010-12-20 22:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-26 00:15 . 2011-04-26 00:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-25 21:58 . 2011-04-25 21:58 -------- d-----w- c:\users\Owner\AppData\Local\{EBC705C4-5223-4068-AE98-370BA5903FBA}
2011-04-23 15:27 . 2011-04-23 15:28 -------- d-----w- c:\users\Owner\AppData\Local\{16913F6E-0D06-4C7F-B4E8-6C741FEA26E3}
2011-04-23 09:10 . 2011-04-23 09:10 -------- d-----w- c:\users\Owner\AppData\Local\{BDEEA276-1E85-4D8C-A2B0-FB4D148CE6EA}
2011-04-23 00:08 . 2011-04-23 00:08 -------- d-----w- c:\users\Owner\AppData\Local\{F66CFED1-F6A5-4ED4-8548-99C20E066301}
2011-04-22 19:53 . 2011-04-22 19:53 -------- d-----w- c:\users\Owner\AppData\Local\{36007BBB-40F3-4444-8C4B-734DACEC9291}
2011-04-21 23:58 . 2011-04-21 23:58 -------- d-----w- c:\users\Owner\AppData\Local\{04E51E2E-F3FA-4681-9711-D91D0AB79751}
2011-04-21 23:46 . 2011-04-21 23:46 -------- d-----w- c:\program files\iPod
2011-04-21 23:46 . 2011-04-21 23:46 -------- d-----w- c:\program files\iTunes
2011-04-21 23:46 . 2011-04-21 23:46 -------- d-----w- c:\program files (x86)\iTunes
2011-04-21 23:43 . 2011-04-21 23:43 -------- d-----w- c:\program files\Bonjour
2011-04-21 23:43 . 2011-04-21 23:43 -------- d-----w- c:\program files (x86)\Bonjour
2011-04-21 20:52 . 2011-04-21 20:52 -------- d-----w- c:\users\Owner\AppData\Local\{E4F7A088-2BA8-41E8-A93A-6E74505CD0C9}
2011-04-21 00:37 . 2011-04-21 00:38 -------- d-----w- c:\users\Owner\AppData\Local\{E96A73F2-30AC-4440-8FDA-B9214B485526}
2011-04-21 00:37 . 2011-04-21 00:37 -------- d-----w- c:\users\Owner\AppData\Roaming\Intel Corporation
2011-04-21 00:27 . 2010-03-03 23:51 540696 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-04-21 00:27 . 2011-04-21 00:27 -------- d-----w- c:\users\Owner\AppData\Roaming\InstallShield
2011-04-20 21:54 . 2011-04-20 21:54 -------- d-----w- c:\users\Owner\AppData\Local\{BCF705F9-F664-4E14-A676-69F53F8B0ECC}
2011-04-20 18:03 . 2011-04-20 18:03 -------- d-----w- c:\users\Owner\AppData\Local\{3B5434B3-1E56-4F50-B3D2-864A9E0F8591}
2011-04-19 22:38 . 2011-04-19 22:39 -------- d-----w- c:\users\Owner\AppData\Local\{9CDFC9E5-2486-4915-88EA-97C2756222CF}
2011-04-19 21:06 . 2011-04-19 21:06 -------- d-----w- c:\users\Owner\AppData\Local\{57FF77E7-8737-44CC-BABC-7F0C9B8F78A5}
2011-04-19 01:18 . 2011-04-19 01:18 -------- d-----w- c:\users\Owner\AppData\Local\{3ACE562A-FF5B-498B-B979-DEF613174590}
2011-04-18 22:12 . 2011-04-18 22:12 -------- d-----w- c:\users\Owner\AppData\Local\{343E5E7B-1B1E-4CEB-92C6-6F50E851F132}
2011-04-18 18:05 . 2011-04-18 18:05 -------- d-----w- c:\users\Owner\AppData\Local\{009BA88C-842B-4A85-8965-85ABE932F7F9}
2011-04-18 02:47 . 2011-04-18 02:47 -------- d-----w- c:\users\Owner\AppData\Local\{DF199622-953E-487A-A13E-3956429C13A6}
2011-04-17 22:59 . 2011-04-17 22:59 -------- d-----w- c:\users\Owner\AppData\Local\{D877A591-CB4D-4EAB-A0A2-356372D8A130}
2011-04-17 20:13 . 2011-04-17 20:13 -------- d-----w- c:\users\Owner\AppData\Local\{6CB03FDD-9B16-47AA-A9F2-3EE856293525}
2011-04-17 18:33 . 2011-04-17 18:33 -------- d-----w- c:\users\Owner\AppData\Local\{4726A255-67C0-401C-9F7C-6072521537DC}
2011-04-17 16:22 . 2011-04-17 16:22 -------- d-----w- c:\users\Owner\AppData\Local\{4B241A57-B416-461B-B18E-B679A5DFE6C4}
2011-04-17 05:51 . 2011-04-17 05:51 -------- d-----w- c:\users\Owner\AppData\Local\{C1816774-7D8C-4E8D-9C32-FC402C8A77E6}
2011-04-16 23:43 . 2011-04-16 23:43 -------- d-----w- c:\users\Owner\AppData\Local\{B9A7B57C-58B9-4722-BAC7-BFE70B473D51}
2011-04-16 17:18 . 2011-04-16 17:18 -------- d-----w- c:\users\Owner\AppData\Local\{776372C3-1829-458F-A9D0-D6429E04CA6D}
2011-04-15 22:33 . 2011-04-15 22:33 -------- d-----w- c:\users\Owner\AppData\Local\{EE7A4CF9-03CF-4DF7-A485-E56062B63A72}
2011-04-15 19:52 . 2011-04-15 19:52 -------- d-----w- c:\users\Owner\AppData\Local\{59712447-3038-4472-819D-DB757D51C307}
2011-04-15 04:54 . 2011-04-15 04:54 -------- d-----w- c:\users\Owner\AppData\Local\{9E5B1DED-8227-4083-BFAC-EA0D9F3387DD}
2011-04-15 00:07 . 2011-04-15 00:07 -------- d-----w- c:\users\Owner\AppData\Local\{736361AF-202E-4EA1-81F8-90223DE6E1C4}
2011-04-14 21:17 . 2011-04-14 21:17 -------- d-----w- c:\users\Owner\AppData\Local\{D8A91837-FD92-468A-A0D9-C4D0AF326B7E}
2011-04-14 01:25 . 2011-04-14 01:25 -------- d-----w- c:\users\Owner\AppData\Local\{CA728246-707C-4963-A9BA-3F1ACFAEAEB3}
2011-04-13 18:15 . 2011-04-13 18:15 -------- d-----w- c:\users\Owner\AppData\Local\{C1222C68-3CDA-4C1C-84A9-0133B23C9DA7}
2011-04-13 04:51 . 2011-04-13 04:51 -------- d-----w- C:\461fbad7c3ffb72aa5b823635525d3
2011-04-13 03:51 . 2011-04-13 03:51 -------- d-----w- c:\program files (x86)\Common Files\Software Update Utility
2011-04-12 21:27 . 2011-04-12 21:27 -------- d-----w- c:\users\Owner\AppData\Local\{8DBCEF29-0DAC-4239-A25B-ECCAE17A2613}
2011-04-11 21:29 . 2011-04-11 21:29 -------- d-----w- c:\users\Owner\AppData\Local\{9EA5B3D7-4247-4EED-8F3C-DDCC0CCCC9EC}
2011-04-11 18:07 . 2011-04-11 18:10 -------- d-----w- c:\users\Owner\AppData\Local\{A371A034-5A78-4283-9E04-BA763E557E1D}
2011-04-11 16:12 . 2011-04-11 16:12 -------- d-----w- c:\users\Owner\AppData\Local\{F86D3B27-22EE-4650-ABBB-85A6EA2E8C18}
2011-04-11 01:04 . 2011-04-11 01:05 -------- d-----w- c:\users\Owner\AppData\Local\{51DAECB3-FFDA-4018-8959-D10D03CF83D8}
2011-04-10 13:03 . 2011-04-10 13:03 -------- d-----w- c:\users\Owner\AppData\Local\{C72BD3BD-4AD1-48CD-AA91-8901F78475DF}
2011-04-09 22:47 . 2011-04-09 22:47 -------- d-----w- c:\users\Owner\AppData\Local\{25B31117-3623-4686-942A-B2F7DCED2DC7}
2011-04-09 10:46 . 2011-04-09 10:46 -------- d-----w- c:\users\Owner\AppData\Local\{0CCCBFA1-CCBD-46EF-87A8-BB05B195BF72}
2011-04-09 00:06 . 2011-04-09 00:06 -------- d-----w- c:\users\Owner\AppData\Local\{8A1D3165-6B7C-4286-A094-EED5A33903AC}
2011-04-08 20:00 . 2011-04-08 20:00 -------- d-----w- c:\users\Owner\AppData\Local\{23A5CB5D-FC44-4CAE-B9BB-A0BAE5C35753}
2011-04-08 00:55 . 2011-04-08 00:55 -------- d-----w- c:\users\Owner\AppData\Local\{FDAE3847-25F1-4F80-9C68-FE00B02BD918}
2011-04-07 21:23 . 2011-04-07 21:23 -------- d-----w- c:\users\Owner\AppData\Local\{C52C9098-E526-4BE1-82DA-1EFE816C835A}
2011-04-07 11:34 . 2011-04-07 11:34 -------- d-----w- c:\users\Owner\AppData\Local\{9B9E6ABB-7235-488D-8CA5-C4D91B8EA651}
2011-04-07 00:24 . 2011-04-07 00:25 -------- d-----w- c:\users\Owner\AppData\Local\{FEBCA629-3378-455A-AC7F-5F08D8C9297C}
2011-04-06 20:26 . 2011-04-06 20:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:26 . 2011-04-06 20:26 69408 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:26 . 2011-04-06 20:26 237856 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:26 . 2011-04-06 20:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 75040 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-04-06 18:09 . 2011-04-06 18:10 -------- d-----w- c:\users\Owner\AppData\Local\{2334B9CD-7EE1-41B1-A75C-ACC83ED9C892}
2011-04-06 00:53 . 2011-04-06 00:54 -------- d-----w- c:\users\Owner\AppData\Local\{29ACFD64-6775-4EB0-B538-E167E7EC3F49}
2011-04-06 00:46 . 2011-04-06 00:46 -------- d-----w- c:\users\Owner\AppData\Local\{437BB1B1-39C6-431E-B574-F6AAFE95960B}
2011-04-06 00:34 . 2011-04-06 00:34 -------- d-----w- c:\users\Owner\AppData\Local\{6C128D13-E03E-46AD-BF1A-45CB446B8990}
2011-04-05 03:17 . 2011-04-05 03:17 -------- d-----w- c:\users\Owner\AppData\Local\{8CA9ED4E-F8C6-4A68-9C25-65B25B8E969B}
2011-04-05 00:17 . 2011-04-05 00:17 -------- d-----w- c:\users\Owner\AppData\Local\{AEA6CD39-BBDE-4E6D-991A-D8C41C7AF5CB}
2011-04-05 00:11 . 2011-04-05 00:11 -------- d-----w- c:\users\Owner\AppData\Local\{A236C9BC-3D83-4B0F-B6EF-A4D2063EFC0B}
2011-04-04 23:49 . 2011-04-04 23:49 -------- d-----w- c:\users\Owner\AppData\Local\{F52C7EC6-65F3-44F1-AA5D-3B2F4AD29AB8}
2011-04-04 17:57 . 2011-04-04 17:57 -------- d-----w- c:\users\Owner\AppData\Local\{B5402621-F1F7-4B3B-A455-249705276D97}
2011-04-03 18:03 . 2011-04-03 18:03 -------- d-----w- c:\users\Owner\AppData\Local\{A4614434-F192-4CEF-BEAC-80AAE29A663F}
2011-04-02 23:12 . 2011-04-02 23:12 -------- d-----w- c:\users\Owner\AppData\Local\{7117FC0C-FEF1-4815-90AB-810BD5130453}
2011-04-01 22:44 . 2011-04-01 22:45 -------- d-----w- c:\users\Owner\AppData\Local\{76ABA775-8CB2-4391-93D7-5C183D0AB624}
2011-04-01 20:17 . 2011-04-01 20:17 -------- d-----w- c:\users\Owner\AppData\Local\{020AA3FF-8E71-428F-A75E-9E54983E8B0B}
2011-03-31 23:59 . 2011-04-01 00:00 -------- d-----w- c:\users\Owner\AppData\Local\{A6306A72-AEE9-4C9B-8C36-A7979657A9EE}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-23 21:24 . 2010-06-24 16:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-23 14:34 . 2011-03-09 04:57 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB12A22B-B4CF-482C-AB1C-400C1D733CBC}\mpengine.dll
2011-02-19 06:37 . 2011-03-09 04:06 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 04:06 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 04:06 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 05:32 . 2011-03-09 04:06 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 04:06 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-18 21:36 . 2011-02-18 21:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 21:36 . 2011-02-18 21:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-03 02:40 . 2011-02-17 01:37 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{59c6f12b-f004-43e5-9997-08f2123119b6}]
2011-01-29 19:54 81920 ----a-w- c:\program files (x86)\oovootoolbar\oovootoolbarX.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 23:17 1487240 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
"{59c6f12b-f004-43e5-9997-08f2123119b6}"= "c:\program files (x86)\oovootoolbar\oovootoolbarX.dll" [2011-01-29 81920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{59c6f12b-f004-43e5-9997-08f2123119b6}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-11 39408]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-10-05 80384]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-27 320880]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2009-10-26 115560]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Script execution time was exceeded on script "c:\combofix\lnkread.vbs".
Script execution was terminated.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 03:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 135664]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4924336]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-17 167424]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-09-27 303872]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-09-27 864000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-10-25 549168]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2010-06-24 46080]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447848]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 sftfs;sftfs;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftfslh.sys [2009-09-23 712536]
S3 sftplay;sftplay;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [2009-09-23 261480]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 sftvol;sftvol;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftvollh.sys [2009-09-23 17752]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-12-01 571248]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 13:42]
.
2011-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 13:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-02 16395880]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-21 11106408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = proxy.nyit.edu:80
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=14196&l=dis
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z015&form=ZGAADF&q=
FF - prefs.js: network.proxy.http - proxy.nyit.edu
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: AIM Toolbar: {c2f863cd-0429-48c7-bb54-db756a951760} - %profile%\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
FF - Ext: Ask Toolbar: [email protected] - %profile%\extensions\[email protected]
FF - Ext: ooVooToolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - %profile%\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}
FF - Ext: Conduit Engine : [email protected] - %profile%\extensions\[email protected]
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Symantec Antvirus
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e7,43,9b,df,52,6c,70,43,b8,89,5d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e7,43,9b,df,52,6c,70,43,b8,89,5d,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-04-27 00:30:10
ComboFix-quarantined-files.txt 2011-04-27 04:29
.
Pre-Run: 435,967,307,776 bytes free
Post-Run: 436,166,975,488 bytes free
.
- - End Of File - - 115D82F32398850C89F37E99F1013BEF

[RKinner]

iastor.sys was modified recently which is suspicious. A lot of drivers are missing which may indicate a hard drive problem or it may be that they were killed off by malware.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, All Programs, Accessories, then right click on Command Prompt and Run As Administrator,

Type:
eventvwr.msc
with an Enter after the line to bring up the Event Viewer. (In Vista or 7, next select Windows Logs) Right click on System and Clear All Events. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

(Press Start in new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.))


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Uninstall Ask toolbar, Conduit Engine



Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::


Folder::
c:\users\Owner\AppData\Local\{04C2F87B-D5FC-4545-A341-E218F9AD9380}
c:\users\Owner\AppData\Local\{3F90FDFC-9A41-409E-BE4B-FBD6EAEC221F}
c:\users\Owner\AppData\Local\{9FACA991-ABFE-4358-9EA1-8EF7E3F1A9B6}
c:\users\Owner\AppData\Local\{EBC705C4-5223-4068-AE98-370BA5903FBA}
c:\users\Owner\AppData\Local\{16913F6E-0D06-4C7F-B4E8-6C741FEA26E3}
c:\users\Owner\AppData\Local\{BDEEA276-1E85-4D8C-A2B0-FB4D148CE6EA}
c:\users\Owner\AppData\Local\{F66CFED1-F6A5-4ED4-8548-99C20E066301}
c:\users\Owner\AppData\Local\{36007BBB-40F3-4444-8C4B-734DACEC9291}
c:\users\Owner\AppData\Local\{04E51E2E-F3FA-4681-9711-D91D0AB79751}
c:\users\Owner\AppData\Local\{E4F7A088-2BA8-41E8-A93A-6E74505CD0C9}
c:\users\Owner\AppData\Local\{E96A73F2-30AC-4440-8FDA-B9214B485526}
c:\users\Owner\AppData\Local\{BCF705F9-F664-4E14-A676-69F53F8B0ECC}
c:\users\Owner\AppData\Local\{3B5434B3-1E56-4F50-B3D2-864A9E0F8591}
c:\users\Owner\AppData\Local\{9CDFC9E5-2486-4915-88EA-97C2756222CF}
c:\users\Owner\AppData\Local\{57FF77E7-8737-44CC-BABC-7F0C9B8F78A5}
c:\users\Owner\AppData\Local\{3ACE562A-FF5B-498B-B979-DEF613174590}
c:\users\Owner\AppData\Local\{343E5E7B-1B1E-4CEB-92C6-6F50E851F132}
c:\users\Owner\AppData\Local\{009BA88C-842B-4A85-8965-85ABE932F7F9}
c:\users\Owner\AppData\Local\{DF199622-953E-487A-A13E-3956429C13A6}
c:\users\Owner\AppData\Local\{D877A591-CB4D-4EAB-A0A2-356372D8A130}
c:\users\Owner\AppData\Local\{6CB03FDD-9B16-47AA-A9F2-3EE856293525}
c:\users\Owner\AppData\Local\{4726A255-67C0-401C-9F7C-6072521537DC}
c:\users\Owner\AppData\Local\{4B241A57-B416-461B-B18E-B679A5DFE6C4}
c:\users\Owner\AppData\Local\{C1816774-7D8C-4E8D-9C32-FC402C8A77E6}
c:\users\Owner\AppData\Local\{B9A7B57C-58B9-4722-BAC7-BFE70B473D51}
c:\users\Owner\AppData\Local\{776372C3-1829-458F-A9D0-D6429E04CA6D}
c:\users\Owner\AppData\Local\{EE7A4CF9-03CF-4DF7-A485-E56062B63A72}
c:\users\Owner\AppData\Local\{59712447-3038-4472-819D-DB757D51C307}
c:\users\Owner\AppData\Local\{9E5B1DED-8227-4083-BFAC-EA0D9F3387DD}
c:\users\Owner\AppData\Local\{736361AF-202E-4EA1-81F8-90223DE6E1C4}
c:\users\Owner\AppData\Local\{D8A91837-FD92-468A-A0D9-C4D0AF326B7E}
c:\users\Owner\AppData\Local\{CA728246-707C-4963-A9BA-3F1ACFAEAEB3}
c:\users\Owner\AppData\Local\{C1222C68-3CDA-4C1C-84A9-0133B23C9DA7}
c:\users\Owner\AppData\Local\{8DBCEF29-0DAC-4239-A25B-ECCAE17A2613}
c:\users\Owner\AppData\Local\{9EA5B3D7-4247-4EED-8F3C-DDCC0CCCC9EC}
c:\users\Owner\AppData\Local\{A371A034-5A78-4283-9E04-BA763E557E1D}
c:\users\Owner\AppData\Local\{F86D3B27-22EE-4650-ABBB-85A6EA2E8C18}
c:\users\Owner\AppData\Local\{51DAECB3-FFDA-4018-8959-D10D03CF83D8}
c:\users\Owner\AppData\Local\{C72BD3BD-4AD1-48CD-AA91-8901F78475DF}
c:\users\Owner\AppData\Local\{25B31117-3623-4686-942A-B2F7DCED2DC7}
c:\users\Owner\AppData\Local\{0CCCBFA1-CCBD-46EF-87A8-BB05B195BF72}
c:\users\Owner\AppData\Local\{8A1D3165-6B7C-4286-A094-EED5A33903AC}
c:\users\Owner\AppData\Local\{23A5CB5D-FC44-4CAE-B9BB-A0BAE5C35753}
c:\users\Owner\AppData\Local\{FDAE3847-25F1-4F80-9C68-FE00B02BD918}
c:\users\Owner\AppData\Local\{9B9E6ABB-7235-488D-8CA5-C4D91B8EA651}
c:\users\Owner\AppData\Local\{FEBCA629-3378-455A-AC7F-5F08D8C9297C}
c:\users\Owner\AppData\Local\{2334B9CD-7EE1-41B1-A75C-ACC83ED9C892}
c:\users\Owner\AppData\Local\{29ACFD64-6775-4EB0-B538-E167E7EC3F49}
c:\users\Owner\AppData\Local\{437BB1B1-39C6-431E-B574-F6AAFE95960B}
c:\users\Owner\AppData\Local\{6C128D13-E03E-46AD-BF1A-45CB446B8990}
c:\users\Owner\AppData\Local\{8CA9ED4E-F8C6-4A68-9C25-65B25B8E969B}
c:\users\Owner\AppData\Local\{AEA6CD39-BBDE-4E6D-991A-D8C41C7AF5CB}
c:\users\Owner\AppData\Local\{A236C9BC-3D83-4B0F-B6EF-A4D2063EFC0B}
c:\users\Owner\AppData\Local\{F52C7EC6-65F3-44F1-AA5D-3B2F4AD29AB8}
c:\users\Owner\AppData\Local\{B5402621-F1F7-4B3B-A455-249705276D97}
c:\users\Owner\AppData\Local\{A4614434-F192-4CEF-BEAC-80AAE29A663F}
c:\users\Owner\AppData\Local\{7117FC0C-FEF1-4815-90AB-810BD5130453}
c:\users\Owner\AppData\Local\{76ABA775-8CB2-4391-93D7-5C183D0AB624}
c:\users\Owner\AppData\Local\{020AA3FF-8E71-428F-A75E-9E54983E8B0B}
c:\users\Owner\AppData\Local\{A6306A72-AEE9-4C9B-8C36-A7979657A9EE}

Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{59c6f12b-f004-43e5-9997-08f2123119b6}]
******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag it over to Combofix and let it start as before.

Post the new log.

IF you haven't already, set up Windows to let you see the hidden system files:

Close all programs so that you are at your desktop.
Open the Control Panel menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button and exit My Computer.
Now your computer is configured to show all hidden files.

Then open my Computer and look in c:\users\Owner\AppData\Local\ for folders of the same form as the ones in CFScript. If you see any with dates from March or April of this month delete them.

Also look in c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

What do you see besides: Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe

Appears this may be a Dell. I see you are missing a key portion of

Intel® Graphics Media Accelerator HD Driver

I would go to Dell's support and see if you can download a new one and install it.


Ron

[WildaNdCrazy]

quick question.. can this part:

Type:
eventvwr.msc
with an Enter after the line to bring up the Event Viewer. (In Vista or 7, next select Windows Logs) Right click on System and Clear All Events. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
--------
Can this part be skipped because right now I've typed it in, and waited for about 20 minutes and it still hasn't popped up. I've gotten a Add Snap-in pop up and right now its "Adding snap-in to console"...and I just got a blue screen as I typed this..

Memory_management
STOP:0x0000001A
--------

Btw this is an Vaio, should I contact them about the Intel® Graphics Media Accelerator HD Driver before anything else is done?

[RKinner]

Instead of eventvwr.msc try:

right click on My Computer and select Manage (Continue) then select Event Viewer. That should work the same. Then clear the two event logs. IF it won't work then just go on with the VEW.exe

Ron

[WildaNdCrazy]

Okay, so here is what I've done.

I did the Error-checking and I got the Add-snap problem like stated before and got the blue screen. Computer had to restart, so the error checking went through, it just finished. Computer looks like its going faster (right now)..And I ran the VEW.exe program you and put in everything you said, but when it makes the event log it says, "Cannot find the C:\VEW.txt file. Do you want to create a new file?" Yes, No, Cancel are my options but they all do the same thing, which is nothing. So I have no log to give you.

Ask Toolbar was deleted, Conduit Engine not found.

[WildaNdCrazy]

okay nevermind, i got it to work. give me a second. I will edit my post in a second.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/04/2011 10:06:19 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/12/2010 4:40:55 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/04/2011 1:39:25 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SRTSP

Log: 'System' Date/Time: 29/04/2011 1:39:05 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Log: 'System' Date/Time: 29/04/2011 1:38:55 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Symantec Management Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 29/04/2011 1:38:55 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Symantec Management Client service to connect.

Log: 'System' Date/Time: 29/04/2011 1:38:27 AM
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-WER-SystemErrorReporting
The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff880010d057e, 0xfffff8800352b948, 0xfffff8800352b1b0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042811-28969-01.

Log: 'System' Date/Time: 29/04/2011 1:38:22 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 2:22:15 PM on ?4/?28/?2011 was unexpected.

Log: 'System' Date/Time: 29/04/2011 1:38:10 AM
Type: Error Category: 0
Event: 5 Source: SRTSP
Error loading Symantec real time Anti-Virus driver.

Log: 'System' Date/Time: 29/04/2011 1:38:10 AM
Type: Error Category: 0
Event: 4 Source: SRTSP
Error loading virus definitions.

Log: 'System' Date/Time: 28/04/2011 6:22:09 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:22:04 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:22:00 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:59 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:54 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:49 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:44 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:39 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:34 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:29 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:24 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 28/04/2011 6:21:19 PM
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/04/2011 2:48:28 AM
Type: Warning Category: 2
Event: 16 Source: Microsoft-Windows-WindowsUpdateClient
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Log: 'System' Date/Time: 26/04/2011 4:44:42 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 26/04/2011 4:01:33 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 25/04/2011 11:55:35 PM
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume3\Windows\explorer.exe with process id 1372 stopped the removal or ejection for the device USB\VID_0718&PID_0699\07B10403C714B337.

Log: 'System' Date/Time: 25/04/2011 11:54:41 PM
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume3\Windows\explorer.exe with process id 1372 stopped the removal or ejection for the device USB\VID_0718&PID_0699\07B10403C714B337.

Log: 'System' Date/Time: 24/04/2011 9:55:21 PM
Type: Warning Category: 0
Event: 1073 Source: USER32
The attempt by user Owner-VAIO\Owner to restart/shutdown computer OWNER-VAIO failed

Log: 'System' Date/Time: 22/04/2011 10:44:16 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.eastvillagers.org timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 21/04/2011 10:14:28 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/04/2011 6:56:49 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/04/2011 6:38:50 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 7:07:24 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 7:07:12 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 7:03:28 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 7:03:26 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 7:03:19 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 7:01:35 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name graphics8.nytimes.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 6:55:46 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 6:43:36 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.nyit.edu timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 6:42:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/04/2011 6:41:51 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Edited by WildaNdCrazy, 28 April 2011 - 08:11 PM.

[RKinner]

See if

http://solutions.uni...timeout-period/

helps the iastor error

Can I see a new OTL Quickscan log?

Ron

[WildaNdCrazy]

Sorry for the delay, had personal matters to attend to. When I went into the Advanced settings tab of the Power Options, PCI wasn't a drop down options...

OTL logfile created on: 5/3/2011 8:18:14 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.21 Gb Total Space | 406.42 Gb Free Space | 88.89% Space Free | Partition Type: NTFS
Drive D: | 3.74 Gb Total Space | 3.73 Gb Free Space | 99.93% Space Free | Partition Type: FAT32

Computer Name: OWNER-VAIO | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/28 06:15:17 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011/03/06 15:01:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/02 22:40:40 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2launcher.exe
PRC - [2011/02/02 22:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\java.exe
PRC - [2011/01/05 13:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2010/07/14 13:53:51 | 000,484,704 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
PRC - [2010/06/24 17:40:44 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/11/30 23:20:00 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/11/30 23:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/10/26 16:51:48 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2009/10/26 16:51:48 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/10/26 16:51:44 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/10/26 16:51:44 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2009/10/24 07:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/10/24 07:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/05 17:57:46 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2009/10/05 17:42:48 | 000,161,080 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2009/10/05 17:42:48 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
PRC - [2009/10/05 17:42:46 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/09/04 17:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/08/26 23:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/09/18 14:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe


========== Modules (SafeList) ==========

MOD - [2011/03/06 15:01:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/10/25 17:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010/10/25 17:26:34 | 000,101,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010/10/25 17:12:24 | 000,549,168 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010/09/27 15:13:22 | 000,303,872 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/30 23:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009/09/17 03:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:64bit: - [2009/09/04 17:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/02/28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/12 15:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010/09/27 15:13:26 | 000,074,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2010/09/27 15:12:36 | 000,864,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/09/10 08:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010/09/10 08:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010/06/24 17:40:44 | 000,046,080 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe -- (Oasis2Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/11/30 23:20:00 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/10/26 16:51:48 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/10/26 16:51:48 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/10/26 16:51:46 | 000,411,976 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2009/10/26 16:51:44 | 003,197,256 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/10/26 16:51:44 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/10/24 07:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/08/31 05:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/08/31 05:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/20 20:10:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/09/18 14:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/18 20:34:04 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009/11/18 16:07:14 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/11/18 16:07:13 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/11/18 16:07:13 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/11/18 16:07:12 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/11/18 16:06:44 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/11/12 16:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/11/12 16:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/12 16:05:01 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/11/11 16:05:13 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/11/06 16:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009/10/27 16:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/26 16:51:48 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:64bit: - [2009/10/26 16:51:48 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/10/26 16:51:48 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009/10/09 22:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/23 16:04:52 | 000,025,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/09/15 16:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009/08/19 16:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 18:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/04/18 10:06:04 | 001,828,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110503.003\EX64.SYS -- (NAVEX15)
DRV - [2011/04/18 10:06:04 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110503.003\ENG64.SYS -- (NAVENG)
DRV - [2010/06/17 04:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/06/17 04:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/10/26 16:51:48 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2009/10/26 16:51:48 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2009/10/26 16:51:48 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2009/09/23 16:04:42 | 000,261,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 16:04:42 | 000,017,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009/09/23 16:04:38 | 000,712,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=SNNT&bmod=SNNT
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=WLEM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.nyit.edu:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=14196&l=dis"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.11.3.15590
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {59c6f12b-f004-43e5-9997-08f2123119b6}:2.5.0.3
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - prefs.js..network.proxy.http: "proxy.nyit.edu"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 1


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/28 23:34:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/16 21:37:32 | 000,000,000 | ---D | M]

[2010/01/18 20:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2011/04/28 21:57:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions
[2011/01/29 15:54:59 | 000,000,000 | ---D | M] (ooVoo Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}
[2011/03/26 14:39:09 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011/03/26 15:00:34 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/01/21 22:06:22 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2011/04/04 14:11:52 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\DefaultManager@Microsoft
[2011/03/26 11:25:10 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\[email protected]
[2010/01/18 21:00:43 | 000,001,490 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\AIM Search.xml
[2010/12/29 19:29:02 | 000,002,396 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\askcom.xml
[2011/01/29 15:54:33 | 000,001,919 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\bing-zugo.xml
[2010/08/06 20:27:46 | 000,000,881 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\conduit.xml
[2011/02/16 21:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/02/16 21:37:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/04/28 23:06:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.35.176.53 64.35.176.54
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/03 18:22:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{98EB6226-1923-41EA-B2A1-FDE5A9ED198A}
[2011/05/03 15:31:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{821DE122-B5DD-4B3F-9D31-EEB2057211DF}
[2011/05/02 21:56:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7A2B3192-9BA1-451D-83FB-ED8ADF701A66}
[2011/05/02 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C9E593A6-4630-43C3-B6B1-4F9BA6EE1520}
[2011/05/01 22:09:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{75F8DB63-B608-4B8D-8640-F9A5B0045A41}
[2011/05/01 10:08:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{246343A8-FAA2-4163-BB26-87D60A815C5E}
[2011/04/30 12:08:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D7F077C7-83BF-4FCE-AEF1-12BD84C736CB}
[2011/04/29 11:38:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F04B1496-5B52-461F-9917-5CC17425EC9B}
[2011/04/28 23:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/04/28 23:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/04/28 23:36:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{989E8153-155C-4159-9493-0B89D9AF8EB6}
[2011/04/28 23:33:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/04/28 23:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/28 23:08:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CC94715A-494F-43E2-B167-F2E66E777E4D}
[2011/04/28 23:06:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/04/28 22:18:26 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/04/26 20:16:48 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/04/26 20:16:48 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/04/26 20:16:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/04/26 20:13:15 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/04/26 19:59:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/25 20:17:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2011/04/25 20:15:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/04/25 20:15:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/25 20:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/25 20:15:25 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/04/25 20:15:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/04/21 19:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/21 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/21 19:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/21 19:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/04/21 19:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/21 19:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/04/20 20:37:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Intel Corporation
[2011/04/20 20:29:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011/04/20 20:27:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2011/04/13 00:51:58 | 000,000,000 | ---D | C] -- C:\461fbad7c3ffb72aa5b823635525d3

========== Files - Modified Within 30 Days ==========

[2011/05/03 20:21:00 | 000,821,886 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/03 20:21:00 | 000,692,034 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/03 20:21:00 | 000,131,630 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/03 20:08:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/03 18:27:34 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/03 18:27:34 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/03 18:21:19 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/03 18:19:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/03 18:19:24 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/01 11:09:59 | 000,024,142 | ---- | M] () -- C:\test.xml
[2011/04/29 21:12:07 | 000,000,629 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2011/04/28 23:46:51 | 000,001,080 | -H-- | M] () -- C:\IPH.PH
[2011/04/28 23:46:45 | 000,001,937 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/04/28 23:46:45 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/04/28 23:34:10 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/04/28 23:33:59 | 000,835,732 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/28 23:06:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/04/28 21:38:18 | 215,007,711 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/28 21:37:44 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2011/04/25 20:15:53 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/21 19:48:05 | 000,002,515 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/04/13 20:19:02 | 000,365,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/04/28 23:46:45 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/04/28 23:34:10 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/04/28 23:33:47 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/04/28 21:37:44 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2011/04/26 20:16:48 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/04/26 20:16:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/04/26 20:16:48 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/04/26 20:16:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/04/26 20:16:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/04/25 20:30:22 | 215,007,711 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/04/25 20:15:53 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/19 13:00:00 | 000,011,264 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/18 22:42:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/11 10:12:56 | 000,835,732 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2010/01/18 21:03:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\acccore
[2011/01/20 22:38:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2011/01/23 02:18:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitTorrent
[2011/03/26 15:06:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DVDVideoSoft
[2011/03/26 15:00:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/12/30 18:48:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FrostWire
[2010/03/13 23:12:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NVD
[2010/01/18 20:54:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
[2010/06/06 19:32:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\oovooinstaller
[2010/06/03 11:28:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PhotoScape
[2011/01/02 09:29:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2010/08/17 19:50:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SystemRequirementsLab
[2010/03/13 23:12:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TP
[2011/04/06 14:05:09 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

[RKinner]

/md5start
iastor.sys
/md5stop


:OTL
[2011/05/03 18:22:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{98EB6226-1923-41EA-B2A1-FDE5A9ED198A}
[2011/05/03 15:31:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{821DE122-B5DD-4B3F-9D31-EEB2057211DF}
[2011/05/02 21:56:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7A2B3192-9BA1-451D-83FB-ED8ADF701A66}
[2011/05/02 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C9E593A6-4630-43C3-B6B1-4F9BA6EE1520}
[2011/05/01 22:09:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{75F8DB63-B608-4B8D-8640-F9A5B0045A41}
[2011/05/01 10:08:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{246343A8-FAA2-4163-BB26-87D60A815C5E}
[2011/04/30 12:08:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D7F077C7-83BF-4FCE-AEF1-12BD84C736CB}
[2011/04/29 11:38:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F04B1496-5B52-461F-9917-5CC17425EC9B}
[2011/04/28 23:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/04/28 23:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/04/28 23:36:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{989E8153-155C-4159-9493-0B89D9AF8EB6}
[2011/04/28 23:33:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/04/28 23:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/28 23:08:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CC94715A-494F-43E2-B167-F2E66E777E4D}
     
:Commands
[purity]
[emptytemp]
[Reboot]

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Open OTL again and select either the Use SafeList or All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan (Note if the Fix button is enabled and tell me) click save log, save it to your desktop and post in your next reply

Ron

[WildaNdCrazy]

Once again sorry for the delay.. here are the scans!

After doing this OTL scan and her computer rebooted, the screen was black and everything took awhile to load up. The mouse showed up then the log eventually opened, and then that's when the the desktop actually showed up.


All processes killed
Error: Unable to interpret </md5start> in the current context!
Error: Unable to interpret <iastor.sys> in the current context!
Error: Unable to interpret </md5stop> in the current context!
========== OTL ==========
C:\Users\Owner\AppData\Local\{98EB6226-1923-41EA-B2A1-FDE5A9ED198A} folder moved successfully.
C:\Users\Owner\AppData\Local\{821DE122-B5DD-4B3F-9D31-EEB2057211DF} folder moved successfully.
C:\Users\Owner\AppData\Local\{7A2B3192-9BA1-451D-83FB-ED8ADF701A66} folder moved successfully.
C:\Users\Owner\AppData\Local\{C9E593A6-4630-43C3-B6B1-4F9BA6EE1520} folder moved successfully.
C:\Users\Owner\AppData\Local\{75F8DB63-B608-4B8D-8640-F9A5B0045A41} folder moved successfully.
C:\Users\Owner\AppData\Local\{246343A8-FAA2-4163-BB26-87D60A815C5E} folder moved successfully.
C:\Users\Owner\AppData\Local\{D7F077C7-83BF-4FCE-AEF1-12BD84C736CB} folder moved successfully.
C:\Users\Owner\AppData\Local\{F04B1496-5B52-461F-9917-5CC17425EC9B} folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM folder moved successfully.
C:\Program Files (x86)\Common Files\Software Update Utility folder moved successfully.
C:\Users\Owner\AppData\Local\{989E8153-155C-4159-9493-0B89D9AF8EB6} folder moved successfully.
C:\Program Files (x86)\Microsoft Security Client\Antimalware\EN-US folder moved successfully.
Folder move failed. C:\Program Files (x86)\Microsoft Security Client\Antimalware scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Microsoft Security Client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Microsoft Security Client\en-us scheduled to be moved on reboot.
C:\Program Files\Microsoft Security Client\Backup\en-us folder moved successfully.
C:\Program Files\Microsoft Security Client\Backup\amd64 folder moved successfully.
C:\Program Files\Microsoft Security Client\Backup folder moved successfully.
C:\Program Files\Microsoft Security Client\Antimalware\EN-US folder moved successfully.
C:\Program Files\Microsoft Security Client\Antimalware\Drivers\mpnwmon folder moved successfully.
C:\Program Files\Microsoft Security Client\Antimalware\Drivers\mpfilter folder moved successfully.
C:\Program Files\Microsoft Security Client\Antimalware\Drivers folder moved successfully.
Folder move failed. C:\Program Files\Microsoft Security Client\Antimalware scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Microsoft Security Client scheduled to be moved on reboot.
C:\Users\Owner\AppData\Local\{CC94715A-494F-43E2-B167-F2E66E777E4D} folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Owner
->Temp folder emptied: 16095401 bytes
->Temporary Internet Files folder emptied: 39543709 bytes
->Java cache emptied: 66785218 bytes
->FireFox cache emptied: 47440641 bytes
->Google Chrome cache emptied: 384076679 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1258897 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1588329 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 620307 bytes
RecycleBin emptied: 10826097 bytes

Total Files Cleaned = 542.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05092011_194001

Files\Folders moved on Reboot...
Folder move failed. C:\Program Files (x86)\Microsoft Security Client\Antimalware scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Microsoft Security Client\Antimalware scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Microsoft Security Client scheduled to be moved on reboot.
C:\Program Files\Microsoft Security Client\en-us folder moved successfully.
Folder move failed. C:\Program Files\Microsoft Security Client\Antimalware scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Microsoft Security Client\Antimalware scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Microsoft Security Client scheduled to be moved on reboot.
C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


---------------------------------------------------
---------------------------------------------------


OTL logfile created on: 5/9/2011 7:57:13 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.21 Gb Total Space | 403.74 Gb Free Space | 88.31% Space Free | Partition Type: NTFS
Drive D: | 3.74 Gb Total Space | 3.73 Gb Free Space | 99.97% Space Free | Partition Type: FAT32

Computer Name: OWNER-VAIO | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/07 20:11:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/06/24 17:40:44 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/11/30 23:20:00 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/11/30 23:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/10/26 16:51:48 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2009/10/26 16:51:48 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/10/26 16:51:44 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/10/26 16:51:44 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2009/10/24 07:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/10/24 07:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/05 17:57:46 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2009/10/05 17:42:48 | 000,161,080 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2009/10/05 17:42:48 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
PRC - [2009/10/05 17:42:46 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/08/26 23:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/09/18 14:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe


========== Modules (SafeList) ==========

MOD - [2011/05/07 20:11:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/10/25 17:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010/10/25 17:26:34 | 000,101,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010/10/25 17:12:24 | 000,549,168 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010/09/27 15:13:22 | 000,303,872 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/30 23:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009/09/17 03:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:64bit: - [2009/09/04 17:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/02/28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/12 15:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010/09/27 15:13:26 | 000,074,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2010/09/27 15:12:36 | 000,864,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/09/10 08:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010/09/10 08:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010/06/24 17:40:44 | 000,046,080 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe -- (Oasis2Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/11/30 23:20:00 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/10/26 16:51:48 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/10/26 16:51:48 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/10/26 16:51:46 | 000,411,976 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2009/10/26 16:51:44 | 003,197,256 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/10/26 16:51:44 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/10/24 07:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/08/31 05:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/08/31 05:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/20 20:10:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/09/18 14:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/18 20:34:04 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009/11/18 16:07:14 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/11/18 16:07:13 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/11/18 16:07:13 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/11/18 16:07:12 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/11/18 16:06:44 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/11/12 16:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/11/12 16:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/12 16:05:01 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/11/11 16:05:13 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/11/06 16:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009/10/27 16:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/26 16:51:48 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:64bit: - [2009/10/26 16:51:48 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/10/26 16:51:48 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009/10/09 22:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/23 16:04:52 | 000,025,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/09/15 16:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009/08/19 16:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 18:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/04/18 10:06:04 | 001,828,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110509.002\EX64.SYS -- (NAVEX15)
DRV - [2011/04/18 10:06:04 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110509.002\ENG64.SYS -- (NAVENG)
DRV - [2010/06/17 04:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/06/17 04:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/10/26 16:51:48 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2009/10/26 16:51:48 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2009/10/26 16:51:48 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2009/09/23 16:04:42 | 000,261,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 16:04:42 | 000,017,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009/09/23 16:04:38 | 000,712,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=SNNT&bmod=SNNT
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=WLEM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.nyit.edu:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=14196&l=dis"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.11.3.15590
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {59c6f12b-f004-43e5-9997-08f2123119b6}:2.5.0.3
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - prefs.js..network.proxy.http: "proxy.nyit.edu"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 1


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/28 23:34:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/16 21:37:32 | 000,000,000 | ---D | M]

[2010/01/18 20:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2011/04/28 21:57:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions
[2011/01/29 15:54:59 | 000,000,000 | ---D | M] (ooVoo Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}
[2011/03/26 14:39:09 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011/03/26 15:00:34 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/01/21 22:06:22 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2011/04/04 14:11:52 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\DefaultManager@Microsoft
[2011/03/26 11:25:10 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dtjezeih.default\extensions\[email protected]
[2010/01/18 21:00:43 | 000,001,490 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\AIM Search.xml
[2010/12/29 19:29:02 | 000,002,396 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\askcom.xml
[2011/01/29 15:54:33 | 000,001,919 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\bing-zugo.xml
[2010/08/06 20:27:46 | 000,000,881 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dtjezeih.default\searchplugins\conduit.xml
[2011/02/16 21:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/02/16 21:37:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/04/28 23:06:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.35.176.53 64.35.176.54
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/09 19:51:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{80298492-0601-4459-95A2-11A0334A4AF3}
[2011/05/09 19:40:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/09 18:28:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{126708BF-365D-4F4E-857F-7AAE31F47504}
[2011/05/08 10:18:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FF7F0C60-469B-4FFF-BCA9-8ADB62629D96}
[2011/05/07 11:05:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9B9F2B96-3D2F-4188-B15B-3C12DE0888B0}
[2011/05/06 20:40:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B84F73BF-CD59-4478-8154-4B016CF67CA1}
[2011/05/06 16:50:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4D4D15A5-FC28-4C5D-8C79-8E56E1D3B548}
[2011/05/05 17:54:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CB3CB219-5546-4D1E-A27C-652268D31EBA}
[2011/05/04 19:23:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{AD0ED217-9758-4098-81B8-C2D8ACA82CCB}
[2011/04/29 15:56:51 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/29 15:56:49 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/04/29 15:56:45 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/29 15:56:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/29 15:55:30 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/04/29 15:55:29 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/04/29 15:55:29 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/04/29 15:55:29 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/04/29 15:55:29 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/04/29 15:55:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/04/29 15:55:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/04/29 15:55:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/04/29 15:55:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/04/28 23:33:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/04/28 23:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/28 23:33:30 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011/04/28 23:06:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/04/28 22:18:26 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/04/26 20:16:48 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/04/26 20:16:48 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/04/26 20:16:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/04/26 20:13:15 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/04/26 19:59:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/25 20:17:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2011/04/25 20:15:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/04/25 20:15:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/25 20:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/25 20:15:25 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/04/25 20:15:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/04/21 19:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/21 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/21 19:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/21 19:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/04/21 19:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/21 19:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/04/20 20:37:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Intel Corporation
[2011/04/20 20:29:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011/04/20 20:27:55 | 000,540,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/04/20 20:27:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2011/04/13 00:51:58 | 000,000,000 | ---D | C] -- C:\461fbad7c3ffb72aa5b823635525d3
[2011/04/12 20:15:25 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/04/12 20:15:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/04/12 20:15:22 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/04/12 20:15:22 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/04/12 20:15:22 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/04/12 20:15:16 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/04/12 20:15:16 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/04/12 20:15:15 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/04/12 20:15:15 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/04/12 20:15:11 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/04/12 20:15:11 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/04/12 20:15:11 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/04/12 20:15:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/04/12 20:14:39 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/04/12 20:14:39 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/04/12 20:14:39 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/04/12 20:14:39 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/04/12 20:14:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/04/12 20:14:38 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/04/12 20:14:38 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/04/12 20:14:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/04/12 20:14:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/04/12 20:14:38 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/04/12 20:14:37 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/04/12 20:14:37 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/04/12 20:14:37 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/04/12 20:14:37 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/04/12 20:14:24 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/04/12 20:14:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/04/12 20:14:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/04/12 20:14:18 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/04/12 20:14:17 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/04/12 20:14:17 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/04/12 20:14:17 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/04/12 20:14:17 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/04/12 20:14:17 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/04/12 20:14:17 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/04/12 20:14:14 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe

========== Files - Modified Within 30 Days ==========

[2011/05/09 19:56:44 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/09 19:56:44 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/09 19:48:57 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/09 19:48:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/09 19:47:27 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/09 19:38:41 | 000,821,886 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/09 19:38:41 | 000,692,034 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/09 19:38:41 | 000,131,630 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/09 19:08:11 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/04 19:48:18 | 000,025,727 | ---- | M] () -- C:\Users\Owner\Desktop\Delta-Xi-Zeta-Banner.jpg
[2011/05/01 11:09:59 | 000,024,142 | ---- | M] () -- C:\test.xml
[2011/04/29 21:12:07 | 000,000,629 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2011/04/28 23:46:51 | 000,001,080 | -H-- | M] () -- C:\IPH.PH
[2011/04/28 23:46:45 | 000,001,937 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/04/28 23:46:45 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/04/28 23:34:10 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/04/28 23:33:59 | 000,835,732 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/28 23:06:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/04/28 21:38:18 | 215,007,711 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/28 21:37:44 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2011/04/25 20:15:53 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/21 19:48:05 | 000,002,515 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/04/13 20:19:02 | 000,365,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/05/04 19:48:24 | 000,025,727 | ---- | C] () -- C:\Users\Owner\Desktop\Delta-Xi-Zeta-Banner.jpg
[2011/04/28 23:46:45 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/04/28 23:34:10 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/04/28 23:33:47 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/04/28 21:37:44 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2011/04/26 20:16:48 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/04/26 20:16:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/04/26 20:16:48 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/04/26 20:16:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/04/26 20:16:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/04/25 20:30:22 | 215,007,711 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/04/25 20:15:53 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/19 13:00:00 | 000,011,264 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/18 22:42:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/11 10:12:56 | 000,835,732 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >


-------------------------------------------
-------------------------------------------


OTL Extras logfile created on: 5/9/2011 7:57:13 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.21 Gb Total Space | 403.74 Gb Free Space | 88.31% Space Free | Partition Type: NTFS
Drive D: | 3.74 Gb Total Space | 3.73 Gb Free Space | 99.97% Space Free | Partition Type: FAT32

Computer Name: OWNER-VAIO | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C6B6716-84AC-412A-A296-247D41EBB7FB}" = Setup_msm_VCMS_x64
"{20140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java™ 6 Update 17 (64-bit)
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{530992D4-DDBA-4F68-8B0D-FF50AC57531B}" = Symantec Endpoint Protection
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}" = VAIO Content Metadata Intelligent Network Service Manager
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7ECD4ACB-E1B6-425B-B8AA-5761A59B77E0}" = Setup_VEP_x64_Contain_SSDB
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{8FE3CF66-4484-4D39-B47D-DEBBA173619D}" = VAIO Content Metadata Manager Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C58294-36D8-4594-8A49-7AB4AE096504}" = VAIO Content Metadata XML Interface Library
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A1255354-11F3-4D25-95CC-C9B1C2320761}" = VAIO Content Metadata Intelligent Analyzing Manager
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C69A835B-67A5-4542-AD24-FE36E3140BA9}" = Setup_msm_VOFS_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{DBB823F3-E8BD-4578-9D16-42AF176FD777}" = VAIO Personalization Manager
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00721C5E-5B17-494C-95E5-208415864F62}" =
"{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF}" = VAIO Messenger
"{0489D044-6386-4BDF-9F98-577D60CF79DD}" = VAIO Entertainment Platform
"{04EAE65A-CDCF-480F-B754-5C3A9364239C}" = VAIO Original Function Settings
"{06C05B90-2127-4933-8ABA-61833BDE13FA}" = VAIO Content Monitoring Settings
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play with PlayStation®3
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0931A702-634B-4B1E-B21F-4B5797CB2BA5}" = System Requirements Lab CYRI
"{094378A9-A706-4685-99AE-6D5D1F51B6A9}" = Sony Home Network Library
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F962B79-D0DC-40D9-96BA-ED1355120CBA}" = QuickBooks Financial Center
"{127C8955-B5C5-4682-9428-B8243EC4E6AE}" = Remote Play with PlayStation 3
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Startup Assistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20140062-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - English
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 24
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}" = SOHLib Merge Module
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote Keyboard with PlayStation 3
"{6754AE0D-B2E1-45E4-835F-FDFEC373DE8A}" = VAIO Hardware Diagnostics
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A6B90666-2A1F-49E8-A40E-27EAAD11C096}" = Sony Home Network Library
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA4DA261-CB60-4690-B202-44998DFC6986}" = Microsoft SQL Server 2008 Setup Support Files
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}" = VAIO Help and Support
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}" = Oasis2Service 1.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F48A53B8-7806-443A-A5A5-A07DF808B745}" = Media Gallery
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Academy of Magic" = GameHouse Games Collection: Academy of Magic
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adventure Inlay" = GameHouse Games Collection: Adventure Inlay
"Adventure Inlay - Safari Edition" = GameHouse Games Collection: Adventure Inlay - Safari Edition
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"Air Strike 3D" = GameHouse Games Collection: Air Strike 3D
"Alien Sky" = GameHouse Games Collection: Alien Sky
"Aloha Solitaire" = GameHouse Games Collection: Aloha Solitaire
"Aloha TriPeaks" = GameHouse Games Collection: Aloha TriPeaks
"Ancient Tri-Jong" = GameHouse Games Collection: Ancient Tri-Jong
"Ancient Tripeaks" = GameHouse Games Collection: Ancient Tripeaks
"Astrobatics" = GameHouse Games Collection: Astrobatics
"Atlantis" = GameHouse Games Collection: Atlantis
"Atlas Of Histology" = Atlas Of Histology
"Atomaders" = GameHouse Games Collection: Atomaders
"Bejeweled 2" = GameHouse Games Collection: Bejeweled 2
"Bejeweled 31.0" = Bejeweled 3
"Bewitched" = GameHouse Games Collection: Bewitched
"Big Kahuna Reef" = GameHouse Games Collection: Big Kahuna Reef
"BitTorrent" = BitTorrent
"Boggle Supreme" = GameHouse Games Collection: Boggle Supreme
"Bounce Out Blitz" = GameHouse Games Collection: Bounce Out Blitz
"Casino Island To Go" = GameHouse Games Collection: Casino Island To Go
"Chainz" = GameHouse Games Collection: Chainz
"Chainz 2: Relinked" = GameHouse Games Collection: Chainz 2 - Relinked
"Charm Solitaire" = GameHouse Games Collection: Charm Solitaire
"Charm Tale" = GameHouse Games Collection: Charm Tale
"Chicktionary" = GameHouse Games Collection: Chicktionary
"Chuzzle Deluxe" = GameHouse Games Collection: Chuzzle Deluxe
"Collapse! Crunch" = GameHouse Games Collection: Collapse! Crunch
"Combo Chaos!" = GameHouse Games Collection: Combo Chaos!
"Crystal Path" = GameHouse Games Collection: Crystal Path
"Cubis Gold 2" = GameHouse Games Collection: Cubis Gold 2
"Digby's Donuts" = GameHouse Games Collection: Digby's Donuts
"Diner Dash" = GameHouse Games Collection: Diner Dash
"Feeding Frenzy" = GameHouse Games Collection: Feeding Frenzy
"Fiber Twig" = GameHouse Games Collection: Fiber Twig
"Five Card Deluxe" = GameHouse Games Collection: Five Card Deluxe
"Flip Words" = GameHouse Games Collection: Flip Words
"Flying Leo" = GameHouse Games Collection: Flying Leo
"Fortune Tiles Gold" = GameHouse Games Collection: Fortune Tiles Gold
"Free Studio_is1" = Free Studio version 5.0.8
"Fresco Wizard" = GameHouse Games Collection: Fresco Wizard
"FrostWire" = FrostWire 4.21.3
"GameHouse Sudoku" = GameHouse Games Collection: GameHouse Sudoku
"Gearz" = GameHouse Games Collection: Gearz
"Google Chrome" = Google Chrome
"Granny in Paradise" = GameHouse Games Collection: Granny in Paradise
"Gutterball" = GameHouse Games Collection: Gutterball
"Gutterball 2" = GameHouse Games Collection: Gutterball 2
"Hamsterball" = GameHouse Games Collection: Hamsterball
"Hello!" = GameHouse Games Collection: Hello!
"Holiday Express" = GameHouse Games Collection: Holiday Express
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Iggle Pop!" = GameHouse Games Collection: Iggle Pop!
"Incadia" = GameHouse Games Collection: Incadia
"Incredible Ink" = GameHouse Games Collection: Incredible Ink
"Insaniquarium Deluxe" = GameHouse Games Collection: Insaniquarium Deluxe
"Inspector Parker" = GameHouse Games Collection: Inspector Parker
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"Invadazoid" = GameHouse Games Collection: Invadazoid
"Jewel Quest" = GameHouse Games Collection: Jewel Quest
"Lemonade Tycoon" = GameHouse Games Collection: Lemonade Tycoon
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Luxor" = GameHouse Games Collection: Luxor
"Mad Caps" = GameHouse Games Collection: Mad Caps
"Magic Ball 2" = GameHouse Games Collection: Magic Ball 2
"Magic Ball 2 - New Worlds" = GameHouse Games Collection: Magic Ball 2 - New Worlds
"Magic Ball Deluxe" = GameHouse Games Collection: Magic Ball
"Magic Inlay" = GameHouse Games Collection: Magic Inlay
"Magic Vines" = GameHouse Games Collection: Magic Vines
"Mah Jong Adventures" = GameHouse Games Collection: Mah Jong Adventures
"Mah Jong Medley" = GameHouse Games Collection: Mah Jong Medley
"Mah Jong Quest" = GameHouse Games Collection: Mah Jong Quest
"Mahjong Garden To Go" = GameHouse Games Collection: Mahjong Garden To Go
"Mahjong Towers Eternity" = GameHouse Games Collection: Mahjong Towers Eternity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maui Wowee" = GameHouse Games Collection: Maui Wowee
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"oovootoolbar" = ooVoo Toolbar
"Phlinx To Go" = GameHouse Games Collection: Phlinx To Go
"PhotoScape" = PhotoScape
"Pin High Country Club Golf" = GameHouse Games Collection: Pin High Country Club Golf
"Pizza Frenzy" = GameHouse Games Collection: Pizza Frenzy
"Platypus" = GameHouse Games Collection: Platypus
"Poker Superstars" = GameHouse Games Collection: Poker Superstars
"Puzzle Express" = GameHouse Games Collection: Puzzle Express
"Puzzle Inlay" = GameHouse Games Collection: Puzzle Inlay
"Puzzle Solitaire" = GameHouse Games Collection: Puzzle Solitaire
"QBz" = GameHouse Games Collection: QBz
"Reader's Digest Super Word Power" = GameHouse Games Collection: Reader's Digest Super Word Power
"Ricochet" = GameHouse Games Collection: Ricochet
"Ricochet Lost Worlds" = GameHouse Games Collection: Ricochet Lost Worlds
"Ricochet Lost Worlds: Recharged" = GameHouse Games Collection: Ricochet Lost Worlds - Recharged
"Roller Rush" = GameHouse Games Collection: Roller Rush
"Saints & Sinners Bingo" = GameHouse Games Collection: Saints & Sinners Bingo
"SCRABBLE" = GameHouse Games Collection: SCRABBLE
"Shape Shifter" = GameHouse Games Collection: Shape Shifter
"ShapeCollage" = Shape Collage
"Slingo Deluxe" = GameHouse Games Collection: Slingo Deluxe
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Spelvin" = GameHouse Games Collection: Spelvin
"Splash" = GameHouse Games Collection: Splash
"Spring Sprang Sprung" = GameHouse Games Collection: Spring Sprang Sprung
"Super 5-Line Slots" = GameHouse Games Collection: Super 5-Line Slots
"Super Blackjack!" = GameHouse Games Collection: Super Blackjack!
"Super Bounce Out!" = GameHouse Games Collection: Super Bounce Out!
"Super Candy Cruncher" = GameHouse Games Collection: Super Candy Cruncher
"Super Collapse!" = GameHouse Games Collection: Super Collapse!
"Super Collapse! II" = GameHouse Games Collection: Super Collapse! II
"Super Collapse! II Platinum" = GameHouse Games Collection: Super Collapse! II Platinum
"Super Fruit Frolic" = GameHouse Games Collection: Super Fruit Frolic
"Super GameHouse Solitaire Vol. 1" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
"Super GameHouse Solitaire Vol. 2" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
"Super GameHouse Solitaire Vol. 3" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
"Super Gem Drop" = GameHouse Games Collection: Super Gem Drop
"Super Glinx!" = GameHouse Games Collection: Super Glinx!
"Super Letter Linker" = GameHouse Games Collection: Super Letter Linker
"Super Mah Jong Solitaire" = GameHouse Games Collection: Super Mah Jong Solitaire
"Super Nisqually" = GameHouse Games Collection: Super Nisqually
"Super PileUp!" = GameHouse Games Collection: Super PileUp!
"Super Pool" = GameHouse Games Collection: Super Pool
"Super Pop & Drop!" = GameHouse Games Collection: Super Pop & Drop!
"Super Rumble Cube" = GameHouse Games Collection: Super Rumble Cube
"Super SpongeBob Collapse!" = GameHouse Games Collection: Super SpongeBob Collapse!
"Super TextTwist" = GameHouse Games Collection: Super TextTwist
"Super WHATword" = GameHouse Games Collection: Super WHATword
"Super Wild Wild Words" = GameHouse Games Collection: Super Wild Wild Words
"Tap a Jam" = GameHouse Games Collection: Tap a Jam
"Ten Pin Championship Bowling Pro" = GameHouse Games Collection: Ten Pin Championship Bowling Pro
"Tennis Titans" = GameHouse Games Collection: Tennis Titans
"Tradewinds 2" = GameHouse Games Collection: Tradewinds 2
"Trivia Machine" = GameHouse Games Collection: Trivia Machine
"Tropical Swaps" = GameHouse Games Collection: Tropical Swaps
"Tumblebugs" = GameHouse Games Collection: Tumblebugs
"Turtle Bay" = GameHouse Games Collection: Turtle Bay
"Twistingo" = GameHouse Games Collection: Twistingo
"Ultimate Dominoes" = GameHouse Games Collection: Ultimate Dominoes
"Uninstall_is1" = Uninstall 1.0.0.1
"VAIO Messenger" = VAIO Messenger
"Varmintz Deluxe" = GameHouse Games Collection: Varmintz Deluxe
"Walls of Jericho, The" = GameHouse Games Collection: Walls of Jericho, The
"Wheel of Fortune" = GameHouse Games Collection: Wheel of Fortune
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Word Jolt" = GameHouse Games Collection: Word Jolt
"Word Slinger" = GameHouse Games Collection: Word Slinger
"WordJong To Go" = GameHouse Games Collection: WordJong To Go
"Zuma Deluxe" = GameHouse Games Collection: Zuma Deluxe

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/6/2011 4:51:08 PM | Computer Name = Owner-VAIO | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 172.16.21.44:5353 4 Owner-VAIO.local.
Addr 172.16.21.44

Error - 5/6/2011 4:51:08 PM | Computer Name = Owner-VAIO | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Reseting to Probing: 4 Owner-VAIO.local.
Addr 172.16.26.39

Error - 5/6/2011 4:51:08 PM | Computer Name = Owner-VAIO | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 172.16.21.44:5353 4 Owner-VAIO.local.
Addr 172.16.21.44

Error - 5/6/2011 4:51:08 PM | Computer Name = Owner-VAIO | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Reseting to Probing: 16 Owner-VAIO.local.
AAAA FE80:0000:0000:0000:24C8:B3FB:1841:94AF

Error - 5/7/2011 11:00:59 AM | Computer Name = Owner-VAIO | Source = Application Virtualization Client | ID = 5009
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=CE0} The Application Virtualization
Client could not connect to stream URL 'http://c2r.microsoft.com/EssentialsC2R/en-us/14.0.4536.1000/EssentialsC2R.en-us_14.0.4545.1000.sft'
(rc 24603A0A-40000194, original rc 24603A0A-40000194).

Error - 5/7/2011 11:00:59 AM | Computer Name = Owner-VAIO | Source = Application Virtualization Client | ID = 3008
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=CE0} The client was unable
to connect to an Application Virtualization Server (rc 24603A0A-40000194)

Error - 5/7/2011 2:49:57 PM | Computer Name = OWNER-VAIO | Source = Application Virtualization Client | ID = 5009
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=1528} The Application Virtualization
Client could not connect to stream URL 'http://c2r.microsoft.com/EssentialsC2R/en-us/14.0.4536.1000/EssentialsC2R.en-us_14.0.4545.1000.sft'
(rc 24603A0A-40000194, original rc 24603A0A-40000194).

Error - 5/7/2011 2:49:57 PM | Computer Name = OWNER-VAIO | Source = Application Virtualization Client | ID = 3008
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=1528} The client was unable
to connect to an Application Virtualization Server (rc 24603A0A-40000194)

Error - 5/9/2011 7:49:39 PM | Computer Name = Owner-VAIO | Source = Application Virtualization Client | ID = 5009
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=D94} The Application Virtualization
Client could not connect to stream URL 'http://c2r.microsoft.com/EssentialsC2R/en-us/14.0.4536.1000/EssentialsC2R.en-us_14.0.4545.1000.sft'
(rc 24603A0A-40000194, original rc 24603A0A-40000194).

Error - 5/9/2011 7:49:39 PM | Computer Name = Owner-VAIO | Source = Application Virtualization Client | ID = 3008
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=D94} The client was unable
to connect to an Application Virtualization Server (rc 24603A0A-40000194)

[ Media Center Events ]
Error - 2/28/2010 7:52:29 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 6:52:29 PM - Error connecting to the internet. 6:52:29 PM - Unable
to contact server..

Error - 2/28/2010 7:52:43 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 6:52:35 PM - Error connecting to the internet. 6:52:35 PM - Unable
to contact server..

Error - 3/1/2010 9:25:47 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 8:25:40 PM - Error connecting to the internet. 8:25:40 PM - Unable
to contact server..

Error - 3/6/2010 8:41:01 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 7:40:54 PM - Error connecting to the internet. 7:40:54 PM - Unable
to contact server..

Error - 3/11/2010 4:53:56 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 3:53:56 PM - Error connecting to the internet. 3:53:56 PM - Unable
to contact server..

Error - 3/11/2010 4:54:09 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 3:54:01 PM - Error connecting to the internet. 3:54:01 PM - Unable
to contact server..

Error - 3/15/2010 4:27:16 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 4:27:16 PM - Error connecting to the internet. 4:27:16 PM - Unable
to contact server..

Error - 3/15/2010 4:27:29 PM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 4:27:22 PM - Error connecting to the internet. 4:27:22 PM - Unable
to contact server..

Error - 3/19/2010 8:33:38 AM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 8:33:38 AM - Error connecting to the internet. 8:33:38 AM - Unable
to contact server..

Error - 3/19/2010 8:33:49 AM | Computer Name = Owner-VAIO | Source = MCUpdate | ID = 0
Description = 8:33:43 AM - Error connecting to the internet. 8:33:43 AM - Unable
to contact server..

[ System Events ]
Error - 5/8/2011 10:17:30 AM | Computer Name = Owner-VAIO | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:10:11 PM on ?5/?7/?2011 was unexpected.

Error - 5/8/2011 10:18:22 AM | Computer Name = Owner-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.

Error - 5/9/2011 6:26:39 PM | Computer Name = Owner-VAIO | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:25:19 AM on ?5/?8/?2011 was unexpected.

Error - 5/9/2011 6:27:51 PM | Computer Name = Owner-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Oasis2Service
service to connect.

Error - 5/9/2011 6:27:51 PM | Computer Name = Owner-VAIO | Source = Service Control Manager | ID = 7000
Description = The Oasis2Service service failed to start due to the following error:
%%1053

Error - 5/9/2011 6:27:53 PM | Computer Name = Owner-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.

Error - 5/9/2011 7:40:01 PM | Computer Name = Owner-VAIO | Source = Service Control Manager | ID = 7031
Description = The Symantec Event Manager service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 200 milliseconds:
Restart the service.

Error - 5/9/2011 7:40:01 PM | Computer Name = Owner-VAIO | Source = Service Control Manager | ID = 7031
Description = The Symantec Settings Manager service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 100
milliseconds: Restart the service.

Error - 5/9/2011 7:48:13 PM | Computer Name = Owner-VAIO | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:46:18 PM on ?5/?9/?2011 was unexpected.

Error - 5/9/2011 7:49:03 PM | Computer Name = Owner-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.


< End of report >

[WildaNdCrazy]

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-09 20:11:20
-----------------------------
20:11:20.887 OS Version: Windows x64 6.1.7600
20:11:20.887 Number of processors: 4 586 0x2502
20:11:20.889 ComputerName: OWNER-VAIO UserName: Owner
20:11:22.520 Initialize success
20:11:24.369 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:11:24.373 Disk 0 Vendor: ST950032 0004 Size: 476940MB BusType: 3
20:11:24.379 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006d
20:11:24.384 Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0
20:11:24.389 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006e
20:11:24.395 Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0
20:11:24.414 Disk 0 MBR read successfully
20:11:24.420 Disk 0 MBR scan
20:11:24.427 Disk 0 Windows 7 default MBR code
20:11:24.434 Service scanning
20:11:25.731 Disk 0 trace - called modules:
20:11:25.788 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
20:11:25.798 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800671a060]
20:11:25.807 3 CLASSPNP.SYS[fffff8800114f43f] -> nt!IofCallDriver -> [0xfffffa80046f1640]
20:11:25.818 5 ACPI.sys[fffff88000f2d781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046f6050]
20:11:25.828 Scan finished successfully
20:11:55.628 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
20:11:55.642 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

[RKinner]

I'm kicking myself for not seeing this earlier but you have Symantec and MSSE installed. They are fighting each other. Uninstall both of them.
Run the removal tool:
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Replace with the free Avast!
http://www.avast.com...ivirus-download

Download, Save, and right click and Run As Administrator.

Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows.

[WildaNdCrazy]

Nah, I don't think it was always there. Someone else probably put it on there thinking they were doing something. Anyway thank you for your assistance, ill have to remember this process for next time.