"System Security 2012" Holding My Computer For Ransom Please H


#16
Render

You don't need to back up your data for the OTL fix and VRT scan. But I recommend you back up your valuable data on a regular basis. You never know when your hard disk will fail.

Leave all other settings as default.

#17
Kennman

  • Topic Starter
Understand back-up (more in theory than practice); your question about Microsoft Office had me concerned about the fix, but I pondered further and now assume it had to do with my Outlook auto launch.

Will run the fix and scan tonight when I get home.

Thanks for your patience,

Kenn

#18
Kennman

  • Topic Starter
Step one from above OTL fix and OTL quick scan logs.
VRT after I run it.
Kennman sends.

All processes killed
========== OTL ==========
C:\Documents and Settings\Master\Application Data\pvUJ1scHq folder moved successfully.
C:\Documents and Settings\Master\Application Data\gQAX5jQXymZtOrI folder moved successfully.
C:\Documents and Settings\Master\Application Data\P2edvJ1sY0aT9R8 folder moved successfully.
C:\Documents and Settings\Master\Application Data\NZ4tnL3fI2dUwY folder moved successfully.
C:\Documents and Settings\Master\Application Data\ZB8olFBoEViW folder moved successfully.
C:\Documents and Settings\Master\Application Data\OAX5ymP4nLrb2v1 folder moved successfully.
C:\Documents and Settings\Master\Application Data\UTNpR8E7WCuQ5Q5 folder moved successfully.
C:\Documents and Settings\Master\Application Data\xL3rfIKevJw folder moved successfully.
C:\Documents and Settings\Master\Application Data\DGN9pRF8lD7kCjX folder moved successfully.
C:\Documents and Settings\Master\Application Data\cgnOLrfI3fI2v1c folder moved successfully.
C:\Documents and Settings\Master\Application Data\YyhmP4gO3fI2v folder moved successfully.
C:\Documents and Settings\Master\Application Data\VnOL3Kv1s folder moved successfully.
C:\Documents and Settings\Master\Application Data\r4tgO3rbKevJsHa folder moved successfully.
C:\Documents and Settings\Master\Application Data\ElEFBolD7kS6Q5m folder moved successfully.
C:\Documents and Settings\Master\Application Data\BV7iS6uQXym4n3b folder moved successfully.
C:\Documents and Settings\Master\Application Data\HOL3rbI2fI2 folder moved successfully.
C:\Documents and Settings\Master\Application Data\NwscY0qxG9zFoD folder moved successfully.
C:\Documents and Settings\Master\Application Data\fgnOLtgO3fKeU folder moved successfully.
C:\Documents and Settings\Master\Application Data\BujQA5ymZtnLf folder moved successfully.
C:\Documents and Settings\Master\Application Data\JkWSCikS6jA5m4n folder moved successfully.
C:\Documents and Settings\Master\Application Data\z4tgnL3fI2dUwYq folder moved successfully.
C:\Documents and Settings\Master\Application Data\n8olEViW6jA5m4n folder moved successfully.
C:\Documents and Settings\Master\Application Data\jFB8oED7kS6jXPt folder moved successfully.
C:\Documents and Settings\Master\Application Data\KnOL3fbKrb folder moved successfully.
C:\Documents and Settings\Master\Application Data\hlD7iWS7kSuQ5m4 folder moved successfully.
C:\Documents and Settings\Master\Application Data\B8VEk6A5hPOKJcq folder moved successfully.
C:\Documents and Settings\Master\Application Data\jSC6uAXyZg3n3 folder moved successfully.
C:\Documents and Settings\Master\Application Data\DXym4gtLf2JsaGz folder moved successfully.
C:\Documents and Settings\Master\Application Data\r7ikWC6jA5hPtOr folder moved successfully.
C:\Documents and Settings\Master\Application Data\CxTGNpzF8lD folder moved successfully.
C:\Documents and Settings\Master\Application Data\u4tnfedUwcHqT9R folder moved successfully.
C:\Documents and Settings\Master\Application Data\UikWS6uQXymZgL folder moved successfully.
C:\{E4F98A39-9238-4533-A697-849CA473868A} moved successfully.
C:\{ECDB780B-1F56-4281-895F-7564678799C3} moved successfully.
C:\{755E84F9-BA0A-4642-A911-C0A0C13A075E} moved successfully.
C:\{4D7B2171-6C0F-40BC-965E-2F94AEFE2628} moved successfully.
C:\{52D1077B-565F-4795-8100-9EE7F638D569} moved successfully.
C:\{EF20FA85-E5E2-4BB0-94F0-75E394882A2A} moved successfully.
C:\{D13AD4D8-E9F6-4C42-BDD6-CD9DCC7B0B5D} moved successfully.
C:\{11F85857-A17D-40BD-8405-1DE1D15CED7A} moved successfully.
C:\{925ADB1A-73F8-47D2-89C0-E3425BA2B0EC} moved successfully.
C:\{047A39B3-68A9-408E-AC83-F613C74A846F} moved successfully.
C:\{6169566C-31EB-41A7-99B5-BDDE2BE3DCF6} moved successfully.
C:\{2A0DD5A0-5A3C-4745-8E31-1935DC3B937F} moved successfully.
C:\{E601309A-60D9-4CE0-A38F-506D400DD2C6} moved successfully.
C:\{132E73FA-5EE4-4E30-BE99-853A87AFDC14} moved successfully.
C:\{B88FDC18-95E4-4587-98F3-342200DA2942} moved successfully.
C:\{CF8F422B-442F-45FF-8330-AC0A1F87D283} moved successfully.
C:\{0D8712D4-B08C-4724-A3F3-4AF590282D6F} moved successfully.
C:\{A117FCBD-D698-4689-BBC9-D5F331B1CE2F} moved successfully.
C:\{A987ED71-8836-4D1D-9811-BFC50DA0F955} moved successfully.
C:\{55459539-6714-44B3-878B-8C487A3CC485} moved successfully.
C:\{A053E252-95C0-4E12-9EDA-ED3D46F93715} moved successfully.
C:\{2897AA25-8201-4BD3-9425-2A7D29BF29F2} moved successfully.
C:\{4F35E1EC-59E2-4A3B-AE7C-CF604C2CD533} moved successfully.
C:\{DA62E0B4-B167-45C4-801A-AA40823616F4} moved successfully.
C:\{36B769E7-162D-4099-A97D-02E8D7AF765F} moved successfully.
C:\{984B3819-E2C0-42EE-A63D-5A950CDC5374} moved successfully.
C:\{CC6DD585-3CEC-4B57-8E97-17016186DAB7} moved successfully.
C:\{4EA88700-BC29-4D9E-B7B9-A40BF2515B43} moved successfully.
C:\{D888FE9F-EF68-463C-A530-642FD4DAD660} moved successfully.
C:\{84DD3F56-806A-4469-A802-5BF17CADBC1E} moved successfully.
C:\{187640F1-E4B3-449C-8078-F78CC170F32F} moved successfully.
C:\{F4B0E654-1E47-4C65-8BCB-950CA5D8D1A0} moved successfully.
C:\{1C24970D-9E9B-44E5-A518-060201AA04B7} moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Master\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Master\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\Master\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Master\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\Master\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Master\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\Master\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Master\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\Master\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Master\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Master
->Temp folder emptied: 48729949 bytes
->Temporary Internet Files folder emptied: 82397234 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 3165619 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 38897 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 39097 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 135333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 128.00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: Master
->Java cache emptied: 0 bytes

User: NetworkService

User: Owner

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: Master
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Owner

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 11212011_172221

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


*********


Quick scan log:


OTL logfile created on: 11/21/2011 5:36:23 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Master\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.80 Mb Total Physical Memory | 87.09 Mb Available Physical Memory | 17.05% Memory free
1.22 Gb Paging File | 0.78 Gb Available in Paging File | 63.87% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 42.94 Gb Total Space | 28.47 Gb Free Space | 66.29% Space Free | Partition Type: NTFS
Drive D: | 19.86 Gb Total Space | 12.97 Gb Free Space | 65.31% Space Free | Partition Type: NTFS

Computer Name: MOBILEONE | User Name: Master | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/18 12:54:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
PRC - [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/08 14:18:04 | 000,995,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/10/08 14:13:36 | 001,101,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/10/08 14:09:26 | 000,659,456 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/02/23 11:41:02 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2004/03/12 16:32:38 | 000,086,098 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
PRC - [2004/02/20 14:12:34 | 000,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2004/02/19 18:51:36 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKWnd.exe
PRC - [2004/02/12 23:01:24 | 000,098,304 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKServ.exe
PRC - [2004/01/17 03:36:44 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
PRC - [2003/12/11 23:03:06 | 000,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2003/12/05 12:32:56 | 000,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe
PRC - [2003/12/05 12:32:06 | 000,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe
PRC - [2003/11/07 17:21:28 | 000,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2003/10/06 19:26:10 | 000,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\usbsircs\USBsircs.exe
PRC - [2003/09/19 17:42:00 | 000,974,848 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2003/09/19 17:42:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\ATK0100\Hcontrol.exe
PRC - [2003/06/25 10:24:48 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003/02/26 11:08:42 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2002/08/20 10:29:26 | 000,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\system32\ezSP_Px.exe
PRC - [2002/03/14 16:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe


========== Modules (No Company Name) ==========

MOD - [2008/03/24 20:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2007/10/08 14:03:22 | 000,245,760 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/05/17 14:42:26 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2004/03/03 12:29:58 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.dll
MOD - [2003/12/05 12:32:06 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony\Giga Pocket\RM_SVps.dll
MOD - [2003/09/19 17:42:00 | 000,974,848 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
MOD - [2003/09/19 17:42:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\ATK0100\Hcontrol.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2006/02/23 11:41:02 | 002,045,632 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/02/23 11:41:02 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe -- (SymWSC)
SRV - [2004/03/12 16:33:54 | 000,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service)
SRV - [2004/03/12 16:32:38 | 000,086,098 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service)
SRV - [2004/03/12 16:11:34 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2004/03/12 15:57:42 | 000,278,528 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter)
SRV - [2004/03/12 11:20:34 | 001,691,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2004/03/05 12:35:34 | 000,184,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2004/02/25 04:22:06 | 000,737,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP)
SRV - [2004/02/25 04:22:06 | 000,737,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2004/02/25 04:12:38 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP)
SRV - [2004/02/25 04:12:38 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2004/02/04 13:29:58 | 000,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Giga Pocket\halsv.exe -- (Sony TV Tuner Controller)
SRV - [2003/12/09 05:38:14 | 000,065,625 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe -- (PACSPTISVR)
SRV - [2003/12/09 05:32:58 | 000,065,622 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe -- (SPTISRV)
SRV - [2003/12/05 12:32:56 | 000,077,824 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Giga Pocket\shwserv.exe -- (Giga Pocket Hardware Detector)
SRV - [2003/12/05 12:32:06 | 000,090,112 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe -- (Sony TV Tuner Manager)
SRV - [2003/10/30 11:48:10 | 001,286,144 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer)
SRV - [2003/08/11 00:07:38 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2009/10/20 10:10:08 | 000,040,552 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2007/08/27 11:10:36 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/07/25 17:44:28 | 002,210,048 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/10/07 17:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/03/19 18:10:54 | 000,224,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SONYTVC.sys -- (SONYTVC)
DRV - [2004/03/04 12:51:20 | 000,064,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2004/03/03 12:31:22 | 000,679,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/02/13 18:40:16 | 000,610,796 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/09 14:58:06 | 000,401,408 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2004/01/02 02:52:00 | 001,646,720 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w22n51.sys -- (w22n51) Intel®
DRV - [2003/10/14 16:08:22 | 000,197,120 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2003/10/14 16:05:48 | 000,679,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/10/14 16:04:16 | 001,043,072 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/29 13:31:38 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/09/19 17:42:00 | 000,005,786 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2003/03/14 10:12:50 | 000,279,680 | ---- | M] (OPEN INTERFACE.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oivmvcom.sys -- (oibtvcom)
DRV - [2003/01/06 17:20:14 | 000,015,616 | ---- | M] (OPEN INTERFACE.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oivmctrl.sys -- (oivmctrl)
DRV - [2002/11/18 17:20:44 | 000,030,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gv3.sys -- (gv3)
DRV - [2002/06/28 18:21:40 | 000,017,251 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2001/08/17 04:51:22 | 000,037,040 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyPI.sys -- (SPI)
DRV - [2001/07/24 10:34:34 | 000,007,520 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PELUSBlf.SYS -- (pelusblf)
DRV - [2000/12/05 16:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 19:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Master\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Master\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.02\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/12/28 10:35:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.02\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/06/29 06:48:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Master\Application Data\Move Networks [2009/11/25 19:05:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.02\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/12/28 10:35:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.02\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/06/29 06:48:11 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/11/21 17:22:43 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" irprops.cpl,,BluetoothAuthenticationAgent File not found
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe ()
O4 - HKLM..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk = C:\Program Files\Sony\usbsircs\USBsircs.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.a...ad/tgctlins.cab (Support.com Installer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://activation.rr...ads/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternati.../00/alttiff.cab (AlternaTIFF ActiveX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1193877428180 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1238513359353 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {A305FBA3-4A87-483D-A53B-138F9F635357} http://ciscdb.sel.so...tect/PCInfo.CAB (PCInfo.CMClass)
O16 - DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} http://speedtest.ade...TESTACTIVEX.CAB (SpdTCtl Class)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ECCEF79-9DEE-4EE4-9179-745645BF2969}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Master\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Master\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/03/26 18:11:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/21 17:22:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/18 12:54:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
[2011/11/18 12:29:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\Malwarebytes
[2011/11/18 12:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/18 12:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/18 12:28:45 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/18 12:28:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/18 12:26:39 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Master\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/17 17:40:52 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Master\Desktop\tdsskiller.exe
[2011/11/14 20:46:09 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/14 20:16:29 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Master\Desktop\aswMBR.exe
[2011/11/14 19:14:09 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/11/14 19:11:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/11/14 19:11:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/11/14 19:11:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/11/14 19:10:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/14 19:10:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Master\Start Menu\Programs\Administrative Tools
[2011/11/14 19:08:29 | 004,293,495 | R--- | C] (Swearware) -- C:\Documents and Settings\Master\Desktop\ComboFix.exe
[2011/11/13 11:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Start Menu\Programs\HiJackThis
[2011/11/08 16:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Local Settings\Application Data\NPE
[2011/11/08 16:39:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\Tific
[2011/11/08 16:38:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Local Settings\Application Data\Symantec
[2011/11/07 21:35:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\My Documents\Symantec
[2011/11/07 21:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/11/07 21:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/11/07 21:13:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/11/07 20:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011/11/07 20:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2011/11/07 20:50:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2011/11/07 16:44:12 | 000,000,000 | ---D | C] -- C:\NBRT

========== Files - Modified Within 30 Days ==========

[2011/11/21 17:33:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/21 17:33:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/21 17:33:23 | 535,678,976 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/21 17:22:43 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/11/18 12:54:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
[2011/11/18 12:28:50 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/18 12:26:53 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Master\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/17 17:41:13 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Master\Desktop\tdsskiller.exe
[2011/11/17 17:36:31 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Master\Application Data\Microsoft\Internet Explorer\Quick Launch\Lori email.lnk
[2011/11/14 21:41:21 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Lori email.lnk
[2011/11/14 20:40:45 | 000,000,525 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\MBR.zip
[2011/11/14 20:16:38 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Master\Desktop\aswMBR.exe
[2011/11/14 19:22:42 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/14 19:14:29 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/11/14 19:08:29 | 004,293,495 | R--- | M] (Swearware) -- C:\Documents and Settings\Master\Desktop\ComboFix.exe
[2011/11/13 11:26:29 | 000,002,449 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\HiJackThis.lnk
[2011/11/11 08:49:46 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Master\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/11/09 22:26:48 | 000,001,470 | ---- | M] () -- C:\Documents and Settings\Master\Application Data\SMRResults210.dat
[2011/11/09 22:09:36 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/11/09 22:08:24 | 000,001,260 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2011/11/07 18:42:36 | 606,076,928 | -HS- | M] () -- C:\NBRTPage.sys
[2011/11/06 17:14:40 | 000,445,082 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/06 17:14:40 | 000,072,792 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2011/11/18 12:28:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 20:40:45 | 000,000,525 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\MBR.zip
[2011/11/14 19:14:29 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/11/14 19:14:17 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/11/14 19:11:04 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/11/14 19:11:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/11/14 19:11:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/14 19:11:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/11/14 19:11:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/11/09 22:26:47 | 000,001,470 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\SMRResults210.dat
[2011/11/08 16:09:48 | 535,678,976 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/07 21:15:28 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/07 16:44:11 | 606,076,928 | -HS- | C] () -- C:\NBRTPage.sys
[2011/09/05 09:39:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2011/08/21 14:23:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2011/06/01 21:10:22 | 000,000,007 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/04/25 13:03:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/02/21 09:19:57 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Multipressor
[2010/02/21 09:19:57 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Master\Application Data\Mallets
[2010/02/21 08:08:44 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\MediaFolder
[2010/02/21 08:08:44 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Master\Application Data\Machines
[2008/06/21 15:47:07 | 000,034,468 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2008/06/21 15:47:07 | 000,028,922 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2007/05/28 11:04:12 | 000,000,188 | ---- | C] () -- C:\WINDOWS\guitar.ini
[2007/03/22 18:11:06 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/03/07 22:08:13 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/05/22 15:09:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/04/07 16:15:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pnpchk.exe
[2006/04/07 16:10:11 | 000,000,008 | ---- | C] () -- C:\WINDOWS\usrwiz.ini
[2005/10/29 12:51:08 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2005/10/29 12:51:08 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2004/10/02 13:10:10 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/10/02 12:36:11 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/09/18 19:51:20 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\fusioncache.dat
[2004/09/11 11:18:08 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/04/12 21:02:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\System32\Sony XBRITE.ini
[2004/04/12 21:02:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/04/12 20:55:42 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Px.ini
[2004/04/12 20:49:20 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/04/12 20:49:20 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/04/12 20:49:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/04/12 20:49:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/04/12 20:49:20 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/04/12 20:49:20 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/03/29 13:32:10 | 000,000,921 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/03/29 13:30:11 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2004/03/29 13:24:04 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2004/03/29 13:23:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe
[2004/03/29 13:22:38 | 000,090,832 | ---- | C] () -- C:\WINDOWS\NSUninst.exe
[2004/03/29 13:22:34 | 000,009,192 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2004/03/29 11:05:09 | 001,137,512 | ---- | C] () -- C:\WINDOWS\q323183_wxp_sp2_x86_enu.exe
[2004/03/29 10:53:40 | 000,526,184 | ---- | C] () -- C:\WINDOWS\q329692.exe
[2004/03/29 10:46:52 | 000,236,392 | ---- | C] () -- C:\WINDOWS\q329112.exe
[2004/03/29 10:44:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/03/29 10:38:10 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\elcric.dat
[2004/03/26 18:43:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/26 18:23:07 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/03/26 18:18:00 | 000,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/03/26 18:13:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/03/26 18:09:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/03/26 16:59:46 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[2004/03/26 16:59:42 | 000,372,428 | ---- | C] () -- C:\WINDOWS\System32\drivers\SNYTVC6.DAT
[2004/03/26 16:59:42 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/03/26 16:59:28 | 000,005,786 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004/03/26 16:59:20 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/03/26 16:59:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/03/26 16:59:02 | 000,000,730 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/26 16:58:41 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/03/26 16:58:41 | 000,445,082 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/03/26 16:58:41 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/03/26 16:58:41 | 000,072,792 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/03/26 16:58:41 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/03/26 16:58:41 | 000,004,530 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/03/26 16:58:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/26 16:58:38 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/03/26 16:58:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/03/26 16:58:34 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/03/26 16:58:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/03/26 10:04:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/03/26 10:03:53 | 000,188,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/08/11 00:07:40 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2003/07/23 08:53:30 | 000,373,967 | ---- | C] () -- C:\WINDOWS\ml-uninstall-v10.exe
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/06 11:55:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\ml-WA3Shutdown.exe
[2002/06/12 12:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2002/04/02 17:08:34 | 000,311,108 | ---- | C] () -- C:\WINDOWS\ml-cleanup.exe
[2002/04/02 17:08:32 | 000,036,868 | ---- | C] () -- C:\WINDOWS\ml-winamp-shutdown.exe

========== LOP Check ==========

[2010/02/21 08:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Automatic Filter
[2010/02/21 09:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bubble Noise
[2010/08/07 13:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/06/03 12:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/08/07 14:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\copypart
[2010/02/21 09:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2010/08/07 14:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\explauncher
[2010/08/07 14:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\launcher
[2010/02/21 08:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2004/09/18 11:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2010/08/07 14:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\redistpart
[2010/02/21 09:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/03/21 15:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/12/28 11:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2006/01/29 18:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\.bittorrent
[2005/05/14 11:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Common Files
[2010/08/07 10:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\GARMIN
[2006/06/30 15:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\InterVideo
[2004/09/11 11:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Leadertech
[2010/04/25 12:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Nikon
[2006/12/31 14:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Roni Music
[2004/09/21 20:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Template
[2011/11/08 16:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Tific
[2008/03/21 15:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Viewpoint
[2004/10/01 17:50:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job

========== Purity Check ==========



< End of report >

#19
Kennman

    Member

  • Topic Starter
  • Member
  • 14 posts
Kaspersky scan log and zip:

Can't find anything under "Deleted Threats"



<?xml version="1.0" encoding="windows-1251" ?>
- <!-- AVZ XML Report
-->
- <AVZ Version="4.35" LogDate="22.11.2011 03:19:48" WinDir="C:\WINDOWS\" OS_MjVer="5" OS_MiVer="1" OS_Build="2600" BootMode="0" OS_CSDV="Service Pack 3" ProfileDir="C:\Documents and Settings\Master" Session="Console" IsWow64="False" IsAdmin="True" IsSRDisabled="False" MainDBDate="12/30/1899" CompHash="5C89086A347DFD16FCB6FB8468652196">
- <PROCESS>
<ITEM PID="3312" File="c:\program files\ati technologies\ati control panel\atiptaxx.exe" CheckResult="0" Descr="ATI Desktop Control Panel" LegalCopyright="Copyright © 1998-2004 ATI Technologies Inc." Hidden="0" CmdLine=""C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"" Size="335872" Attr="rsAh" CreateDate="26.03.2004 18:21:50" ChageDate="03.03.2004 12:00:00" MD5="5440E45C77059566C1E78D0582639AFA" />
<ITEM PID="3364" File="c:\program files\sony\hotkey utility\hkserv.exe" CheckResult="0" Descr="" LegalCopyright="Copyright 1998-2004 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\Sony\HotKey Utility\HKserv.exe"" Size="98304" Attr="rsAh" CreateDate="29.03.2004 13:18:39" ChageDate="12.02.2004 23:01:24" MD5="5B410BA2ED39AF022FB7C448FCDECDA7" />
<ITEM PID="464" File="c:\program files\sony\hotkey utility\hkwnd.exe" CheckResult="0" Descr="" LegalCopyright="Copyright 2003, 2004 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\Sony\HotKey Utility\HKWnd.exe"" Size="274432" Attr="rsAh" CreateDate="29.03.2004 13:18:39" ChageDate="19.02.2004 18:51:36" MD5="E43B959F3293A64FD53F078316130D1F" />
<ITEM PID="3880" File="c:\program files\hp\digital imaging\bin\hpqtra08.exe" CheckResult="0" Descr="HP Digital Imaging Monitor (CUE)" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" Hidden="0" CmdLine=""C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"" Size="233472" Attr="rsAh" CreateDate="07.07.2003 00:20:40" ChageDate="07.07.2003 00:20:40" MD5="5DC79FA6E8A946B425DCBFC2447807F0" />
<ITEM PID="3392" File="c:\program files\sony\isb utility\isbmgr.exe" CheckResult="0" Descr="" LegalCopyright="Copyright 2004 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\Sony\ISB Utility\ISBMgr.exe"" Size="32768" Attr="rsAh" CreateDate="29.03.2004 13:19:20" ChageDate="20.02.2004 14:12:34" MD5="93EEFBC237ADFC406F52EE56D97F784B" />
<ITEM PID="716" File="c:\program files\sony\giga pocket\rm_sv.exe" CheckResult="0" Descr="RM_SV Module" LegalCopyright="Copyright 2002, 2003 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\Sony\Giga Pocket\RM_SV.exe"" Size="90112" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="05.12.2003 12:32:06" MD5="ADA8BEE8E6C174AAE5EE2F593CB0AAB6" />
<ITEM PID="268" File="c:\program files\sony\giga pocket\shwserv.exe" CheckResult="0" Descr="shwserv Module" LegalCopyright="Copyright 2003 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\Sony\Giga Pocket\shwserv.exe"" Size="77824" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="05.12.2003 12:32:56" MD5="8439AA0BF4943E982AE5121DB8526A04" />
<ITEM PID="3352" File="c:\program files\sony\vaio power management\spmgr.exe" CheckResult="0" Descr="SPM Module" LegalCopyright="© Sony Corporation. All rights reserved." Hidden="0" CmdLine=""C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"" Size="167936" Attr="rsAh" CreateDate="29.03.2004 11:20:59" ChageDate="11.12.2003 23:03:06" MD5="59B4C0570B1CD8378E200840490EC80F" />
<ITEM PID="3916" File="c:\program files\sony\usbsircs\usbsircs.exe" CheckResult="0" Descr="remote commander driver" LegalCopyright="Copyright 1999, 2000, 2001, 2002, 2003, 2004 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\sony\usbsircs\usbsircs.exe"" Size="229376" Attr="rsAh" CreateDate="12.04.2004 20:51:57" ChageDate="06.10.2003 19:26:10" MD5="1C4942AC15FBA6EEEE45E711EF02B9AF" />
<ITEM PID="3408" File="c:\program files\sony\vaio update 2\vaioupdt.exe" CheckResult="0" Descr="" LegalCopyright="Copyright 2004 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary" Size="135168" Attr="rsAh" CreateDate="29.03.2004 13:22:17" ChageDate="17.01.2004 03:36:44" MD5="87B844A6AC351768232E07AC9D856499" />
<ITEM PID="628" File="c:\program files\common files\sony shared\vaio entertainment\vzcdb\vzfw.exe" CheckResult="0" Descr="VAIO Entertainment File Import Service" LegalCopyright="Copyright 2004 Sony Corp." Hidden="0" CmdLine=""C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe"" Size="86098" Attr="rsAh" CreateDate="12.04.2004 20:50:29" ChageDate="12.03.2004 16:32:38" MD5="CF28864EF4C5A4E48081C1F5DAC64771" />
</PROCESS>
- <DLL>
<ITEM File="C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.ENU" CheckResult="-1" Descr="ATI Desktop Control Panel" LegalCopyright="Copyright © 1998-2004 ATI Technologies Inc." UsedBy="3312" Hidden="0" Size="143360" Attr="rsAh" CreateDate="26.03.2004 18:21:50" ChageDate="03.03.2004 12:00:00" MD5="3F880C261C6C7B648BBF9E6F9D2CCBCE" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll" CheckResult="-1" Descr="SnyUtils.DLL" LegalCopyright="Copyright 1999, 2000, 2001, 2002, 2003 Sony Corporation" UsedBy="3364,464,3392,3352" Hidden="0" Size="147456" Attr="rsAh" CreateDate="29.03.2004 11:15:16" ChageDate="11.02.2004 22:41:30" MD5="ECF86360F585D0C4A610C3C935C3B422" />
<ITEM File="C:\Program Files\Sony\HotKey Utility\SuEvent.dll" CheckResult="-1" Descr="" LegalCopyright="Copyright 2004 Sony Corp." UsedBy="3364" Hidden="0" Size="36864" Attr="rsAh" CreateDate="29.03.2004 13:18:39" ChageDate="17.02.2004 18:12:32" MD5="7B8BB36C35DD70D2DD41DACE84FDA800" />
<ITEM File="C:\Program Files\Sony\HotKey Utility\HKRes.dll" CheckResult="-1" Descr="" LegalCopyright="Copyright 2000-2004 Sony Corp." UsedBy="464" Hidden="0" Size="176128" Attr="rsAh" CreateDate="29.03.2004 13:18:39" ChageDate="12.02.2004 23:00:26" MD5="132A7E9DBAB8DAB848D2E6BF95C5DF23" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll" CheckResult="-1" Descr="HP U/I Objects (CUE)" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="90112" Attr="rsAh" CreateDate="07.07.2003 00:20:18" ChageDate="07.07.2003 00:20:18" MD5="DD99D67399C1CE999D237681DB917BBD" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc" CheckResult="-1" Descr="CUE TrayApp Combined resource DLL" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="45056" Attr="rsAh" CreateDate="07.07.2003 01:16:56" ChageDate="07.07.2003 01:16:56" MD5="E8A6B00EE2056BD87D718D5B012DDC43" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll" CheckResult="-1" Descr="HP Digital Imaging Monitor Objects (CUE)" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="61440" Attr="rsAh" CreateDate="07.07.2003 00:20:26" ChageDate="07.07.2003 00:20:26" MD5="3F4C4CF222C7A31D227BB2421AFC82AC" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll" CheckResult="-1" Descr="HP All-in-One TrayAppPlugin" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="192512" Attr="rsAh" CreateDate="11.08.2003 16:45:12" ChageDate="11.08.2003 16:45:12" MD5="0F8AB2E5FB7849BCFE387BD6EB21A148" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc" CheckResult="-1" Descr="AiO TrayAppPlugIn Combined resource DLL" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="28672" Attr="rsAh" CreateDate="11.08.2003 17:38:16" ChageDate="11.08.2003 17:38:16" MD5="592837331889B8895E4BCFEB1EC64C6A" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll" CheckResult="-1" Descr="HP OfficeJet COM Device IO Objects (CUE)" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="577536" Attr="rsAh" CreateDate="11.08.2003 16:42:56" ChageDate="11.08.2003 16:42:56" MD5="E543125E68BD8CCD58A943D448362974" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll" CheckResult="-1" Descr="TAPAS Link Server" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="53248" Attr="rsAh" CreateDate="07.07.2003 00:20:58" ChageDate="07.07.2003 00:20:58" MD5="A3D79401EC4270CAFA5A6B7778E0CC9D" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpoSTD08.rsc" CheckResult="-1" Descr="Combined resource DLL" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="245760" Attr="rsAh" CreateDate="11.08.2003 16:59:50" ChageDate="11.08.2003 16:59:50" MD5="42462329AA680451C05FE36D0737AB36" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll" CheckResult="-1" Descr="HP CUE/AiO Context Information Objects" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="262144" Attr="rsAh" CreateDate="11.08.2003 17:11:26" ChageDate="11.08.2003 17:11:26" MD5="DF002BBF00D0C3126F1035B2B422C493" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll" CheckResult="-1" Descr="HP OfficeJet COM Common Objects" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="53248" Attr="rsAh" CreateDate="11.08.2003 16:41:12" ChageDate="11.08.2003 16:41:12" MD5="DD973D5E5B3B24ECCAFB83FD28614F74" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpodev08.dll" CheckResult="-1" Descr="HP All-in-One COM Device Object" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="69632" Attr="rsAh" CreateDate="11.08.2003 16:44:18" ChageDate="11.08.2003 16:44:18" MD5="90B72E21BE9BAA774F1F3D8B411B6A2A" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpodeb08.dll" CheckResult="-1" Descr="HP OfficeJet COM Base Device Objects" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="200704" Attr="rsAh" CreateDate="11.08.2003 16:42:10" ChageDate="11.08.2003 16:42:10" MD5="20A57E6E1C9EBBFBF0BF134531280A04" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hposcn08.dll" CheckResult="-1" Descr="HP AiO Fax Scanner" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="114688" Attr="rsAh" CreateDate="11.08.2003 17:09:40" ChageDate="11.08.2003 17:09:40" MD5="2447447185DDCE2678F3917151F06368" />
<ITEM File="C:\Program Files\HP\Digital Imaging\bin\hpoSCN08.rsc" CheckResult="-1" Descr="Fax Scanner resource DLL" LegalCopyright="Copyright © Hewlett-Packard Co. 1995-2001" UsedBy="3880" Hidden="0" Size="24576" Attr="rsAh" CreateDate="11.08.2003 17:19:20" ChageDate="11.08.2003 17:19:20" MD5="9C8DF2E81783C7E74AAEE7788D3E947E" />
<ITEM File="C:\Program Files\Sony\ISB Utility\ISBRes.dll" CheckResult="-1" Descr="" LegalCopyright="Copyright © 2004" UsedBy="3392" Hidden="0" Size="12288" Attr="rsAh" CreateDate="29.03.2004 13:19:20" ChageDate="20.02.2004 14:12:34" MD5="DE85B4CF33F1CBE1E209AA490C0B0C5A" />
<ITEM File="C:\PROGRA~1\Sony\GIGAPO~1\shwrdb.dll" CheckResult="-1" Descr="Hardware Resource Database" LegalCopyright="Copyright 2003 Sony Corp." UsedBy="716" Hidden="0" Size="77824" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="05.12.2003 12:32:50" MD5="41E15DF7F27AE98092440793C8E26C6B" />
<ITEM File="C:\PROGRA~1\Sony\GIGAPO~1\halrpv.dll" CheckResult="-1" Descr="SGPHAL_PV Module" LegalCopyright="Copyright 2004 Sony Corp." UsedBy="716" Hidden="0" Size="184320" Attr="rsAh" CreateDate="12.04.2004 20:52:02" ChageDate="11.03.2004 16:09:20" MD5="915640DED6A11EB7777E137140C8EAEB" />
<ITEM File="C:\PROGRA~1\Sony\GIGAPO~1\sgppq.dll" CheckResult="-1" Descr="sgppq" LegalCopyright="Copryright 2002, 2003 Sony Corp." UsedBy="716" Hidden="0" Size="254031" Attr="rsAh" CreateDate="12.04.2004 20:52:01" ChageDate="04.02.2004 13:29:44" MD5="9276E44889913F1ECACA44F60C1A9CBE" />
<ITEM File="C:\PROGRA~1\Sony\GIGAPO~1\RM_SVps.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="716,268" Hidden="0" Size="24576" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="05.12.2003 12:32:06" MD5="07A6C43B6A06B1FC968471CB78EF3D71" />
<ITEM File="C:\Program Files\Sony\Giga Pocket\SGPDB.dll" CheckResult="-1" Descr="SGPDB.DLL" LegalCopyright="Copyright 1999, 2000, 2001, 2002, 2003, 2004 Sony Corp." UsedBy="268" Hidden="0" Size="483328" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="04.02.2004 13:41:52" MD5="1F15BFFA2C269C70BE22F945A995E965" />
<ITEM File="C:\Program Files\Sony\Giga Pocket\sgppq.dll" CheckResult="-1" Descr="sgppq" LegalCopyright="Copryright 2002, 2003 Sony Corp." UsedBy="268,3916" Hidden="0" Size="254031" Attr="rsAh" CreateDate="12.04.2004 20:52:01" ChageDate="04.02.2004 13:29:44" MD5="9276E44889913F1ECACA44F60C1A9CBE" />
<ITEM File="C:\PROGRA~1\Sony\GIGAPO~1\rm.dll" CheckResult="-1" Descr="rm Module" LegalCopyright="Copyright 2002, 2003 Sony Corp." UsedBy="268" Hidden="0" Size="90112" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="05.12.2003 12:32:12" MD5="4857C084F8A81AABE1607A03C337BE64" />
<ITEM File="C:\Program Files\Sony\VAIO Power Management\SPMDAM.dll" CheckResult="-1" Descr="SPM Data Access Manager" LegalCopyright="© Sony Corporation. All rights reserved." UsedBy="3352" Hidden="0" Size="61440" Attr="rsAh" CreateDate="29.03.2004 11:20:59" ChageDate="05.12.2003 18:20:38" MD5="27E451D087DD46AB8469B176EB82EAC0" />
<ITEM File="C:\Program Files\Sony\VAIO Power Management\SPMRes.dll" CheckResult="-1" Descr="SPM Module" LegalCopyright="© Sony Corporation. All rights reserved." UsedBy="3352" Hidden="0" Size="131072" Attr="rsAh" CreateDate="29.03.2004 11:20:59" ChageDate="13.02.2004 10:56:46" MD5="BC13A229D41AB050F312C88DCCBF479C" />
<ITEM File="C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll" CheckResult="-1" Descr="SPM driver" LegalCopyright="© Sony Corporation. All rights reserved." UsedBy="3352" Hidden="0" Size="53248" Attr="rsAh" CreateDate="29.03.2004 11:20:59" ChageDate="17.02.2004 22:51:48" MD5="C581B7C904E0FB867A83A4C4FA412532" />
<ITEM File="C:\Program Files\sony\usbsircs\usbres.dll" CheckResult="-1" Descr="usbRes DLL (US)" LegalCopyright="Copyright 2003 Sony Corp." UsedBy="3916" Hidden="0" Size="626688" Attr="rsAh" CreateDate="12.04.2004 20:51:58" ChageDate="06.10.2003 19:26:16" MD5="6DDCD4FDFB100731BEBA238867636E39" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\UILibrary\UILib.dll" CheckResult="-1" Descr="User Interface Library Module (ANSI)" LegalCopyright="Copyright 1999, 2000, 2001, 2002, 2003 Sony Corp." UsedBy="3916" Hidden="0" Size="1515520" Attr="rsAh" CreateDate="12.04.2004 20:52:37" ChageDate="08.04.2003 18:01:14" MD5="8C18E7910659A5E20DE6571FFFDA34DD" />
<ITEM File="C:\PROGRA~1\Sony\GIGAPO~1\chdb.dll" CheckResult="-1" Descr="chdb Module" LegalCopyright="Copyright © 2003, 2004 Sony Corp." UsedBy="3916" Hidden="0" Size="139264" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="05.12.2003 12:27:46" MD5="B77E38A153021BD011A7183AA68CCF72" />
<ITEM File="C:\Program Files\sony\usbsircs\VolWnd.dll" CheckResult="-1" Descr="VolWnd DLL" LegalCopyright="Copyright 2003,2004 Sony Corp." UsedBy="3916" Hidden="0" Size="208996" Attr="rsAh" CreateDate="12.04.2004 20:51:57" ChageDate="06.10.2003 19:26:26" MD5="2C3BF662E22D469B048F74427B152EC0" />
<ITEM File="C:\Program Files\sony\usbsircs\RemWRes.dll" CheckResult="-1" Descr="RemWRes_0409 DLL" LegalCopyright="Copyright 2003 Sony Corp." UsedBy="3916" Hidden="0" Size="8675328" Attr="rsAh" CreateDate="12.04.2004 20:51:58" ChageDate="06.10.2003 19:24:56" MD5="588B8E094CBA191CFEDF7F90B4B585CF" />
<ITEM File="C:\Program Files\sony\usbsircs\WKBHook.dll" CheckResult="-1" Descr="PCV-W lKBHook DLL" LegalCopyright="Copyight. 2003 Sony Corporation" UsedBy="3916" Hidden="0" Size="28672" Attr="rsAh" CreateDate="12.04.2004 20:51:57" ChageDate="06.10.2003 19:24:42" MD5="4311DCEDFB1BAC1D187A4864D50170C4" />
<ITEM File="C:\Program Files\Sony\VAIO Update 2\VURes.dll" CheckResult="-1" Descr="" LegalCopyright="Copyright 2004 Sony Corp." UsedBy="3408" Hidden="0" Size="57344" Attr="rsAh" CreateDate="29.03.2004 13:22:17" ChageDate="17.01.2004 03:36:46" MD5="334DB1231C3D2D444DA0139044DEE8FE" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFwImport.dll" CheckResult="-1" Descr="VAIO Entertainment File Importer" LegalCopyright="Copyright 2004 Sony Corp." UsedBy="628" Hidden="0" Size="73822" Attr="rsAh" CreateDate="12.04.2004 20:50:28" ChageDate="12.03.2004 16:34:56" MD5="A91B7E39E4EA79D939C1D9606EFA3A16" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzCdb.dll" CheckResult="-1" Descr="VAIO Entertainment Common Database" LegalCopyright="Copyright 2003 Sony Corp." UsedBy="628" Hidden="0" Size="102400" Attr="rsAh" CreateDate="12.04.2004 20:50:28" ChageDate="12.03.2004 16:34:56" MD5="1BDE81AB117CEF8B136FAEDDC81DB5A6" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzCs.dll" CheckResult="-1" Descr="VzCs Manager" LegalCopyright="Copyright 2004 Sony Corp." UsedBy="628" Hidden="0" Size="135168" Attr="rsAh" CreateDate="12.04.2004 20:50:29" ChageDate="12.03.2004 16:34:54" MD5="71FA906F1B004BE3E1155F8120D6B39A" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\MSVCR71.dll" CheckResult="-1" Descr="Microsoft® C Runtime Library" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="628" Hidden="0" Size="348160" Attr="rsAh" CreateDate="12.04.2004 20:50:29" ChageDate="12.03.2004 16:34:54" MD5="A61C3429C3B0704497AAE9F3166213DC" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\MSVCP71.dll" CheckResult="-1" Descr="Microsoft® C++ Runtime Library" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="628" Hidden="0" Size="499712" Attr="rsAh" CreateDate="12.04.2004 20:50:29" ChageDate="12.03.2004 16:34:54" MD5="1FED31B41130D3C0624ACDDA15B45931" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzCdbLocalDB.dll" CheckResult="-1" Descr="Local Database Adaptor" LegalCopyright="Copyright 2004 Sony Corp." UsedBy="628" Hidden="0" Size="139264" Attr="rsAh" CreateDate="12.04.2004 20:50:28" ChageDate="12.03.2004 16:34:56" MD5="260346C53B0308FDD8A9A98CD77757F5" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\AvLib\Metallic.dll" CheckResult="-1" Descr="Metallic Database Library" LegalCopyright="Copyright 1999,2004 Sony Corp." UsedBy="628" Hidden="0" Size="229376" Attr="rsAh" CreateDate="29.03.2004 13:25:39" ChageDate="16.02.2004 22:17:16" MD5="347B257CF55E4C6C83926A951410EE6A" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzCdbSsDb.dll" CheckResult="-1" Descr="SonicStage Database Adaptor" LegalCopyright="Copyright 2004 Sony Corp." UsedBy="628" Hidden="0" Size="184320" Attr="rsAh" CreateDate="12.04.2004 20:50:28" ChageDate="12.03.2004 16:34:56" MD5="B1EC58001CF0B0C49BBCE4C466324BE5" />
</DLL>
<KERNELOBJ>
<ITEM File="C:\WINDOWS\System32\Drivers\dump_atapi.sys" CheckResult="-1" Base="B1765000" MemSize="018000" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS" CheckResult="-1" Base="F8A5E000" MemSize="002000" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\System32\Drivers\hiber_WMILIB.SYS" CheckResult="-1" Base="F8A66000" MemSize="002000" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\System32\Drivers\oivmctrl.sys" CheckResult="-1" Base="F82A4000" MemSize="004000" Descr="VCOMM Driver Controller" LegalCopyright="Copyright © 2002 OPEN INTERFACE. All rights reserved." Size="15616" Attr="rsAh" CreateDate="29.03.2004 11:52:43" ChageDate="06.01.2003 17:20:14" MD5="DB7E57A6A6E82CE11482E7C72C4CA7EC" />
<ITEM File="C:\WINDOWS\System32\Drivers\oivmvcom.sys" CheckResult="-1" Base="F7194000" MemSize="045000" Descr="Bluetooth Virtual COM Port Driver for MS Stack" LegalCopyright="Copyright © 2002 OPEN INTERFACE. All rights reserved." Size="279680" Attr="rsAh" CreateDate="29.03.2004 11:52:43" ChageDate="14.03.2003 10:12:50" MD5="F10F7D357E3ED67156E67A33945666EB" />
<ITEM File="C:\WINDOWS\system32\Drivers\PxHelp20.sys" CheckResult="-1" Base="F8746000" MemSize="005000" Descr="Px Engine Device Driver for Windows 2000/XP" LegalCopyright="Copyright © Sonic Solutions" Size="20016" Attr="rsAh" CreateDate="29.03.2004 13:23:18" ChageDate="29.03.2004 13:23:18" MD5="25639BA81C01A3E0508901829479954F" />
</KERNELOBJ>
<Service>
<ITEM File="C:\Program Files\Sony\Giga Pocket\halsv.exe" Name="Sony TV Tuner Controller" CheckResult="-1" Type="16" State="1" Size="118784" Attr="rsAh" CreateDate="12.04.2004 20:52:02" ChageDate="04.02.2004 13:29:58" MD5="2FFD199E6ED76801F9B2A9CDC3CBE529" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe" Name="VAIO Entertainment Aggregation and Control Service" CheckResult="-1" Type="16" State="1" Size="118784" Attr="rsAh" CreateDate="12.04.2004 20:50:30" ChageDate="12.03.2004 16:33:54" MD5="3E88B9F069C9499631D66271F8D815F2" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe" Name="VAIO Entertainment TV Device Arbitration Service" CheckResult="-1" Type="16" State="1" Size="69632" Attr="rsAh" CreateDate="12.04.2004 20:50:29" ChageDate="12.03.2004 16:11:34" MD5="F090676FB51BE34B99BA097F244ACC6D" />
<ITEM File="C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe" Name="VAIO Entertainment UPnP Client Adapter" CheckResult="-1" Type="16" State="1" Size="278528" Attr="rsAh" CreateDate="12.04.2004 20:50:28" ChageDate="12.03.2004 15:57:42" MD5="7252D3BA83A854099E44CBE173D5269A" />
<ITEM File="C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" Name="VAIOMediaPlatform-Mobile-Gateway" CheckResult="-1" Type="288" State="1" Size="184320" Attr="rsAh" CreateDate="12.04.2004 20:50:46" ChageDate="05.03.2004 12:35:34" MD5="EC132689FC8B43347D46D3B85E2F79EC" />
</Service>
<Drivers>
<ITEM File="C:\WINDOWS\system32\Drivers\oivmvcom.sys" Name="oibtvcom" CheckResult="-1" Type="1" State="4" Size="279680" Attr="rsAh" CreateDate="29.03.2004 11:52:43" ChageDate="14.03.2003 10:12:50" MD5="F10F7D357E3ED67156E67A33945666EB" />
<ITEM File="C:\WINDOWS\system32\Drivers\oivmctrl.sys" Name="oivmctrl" CheckResult="-1" Type="1" State="4" Size="15616" Attr="rsAh" CreateDate="29.03.2004 11:52:43" ChageDate="06.01.2003 17:20:14" MD5="DB7E57A6A6E82CE11482E7C72C4CA7EC" />
<ITEM File="C:\WINDOWS\System32\Drivers\PxHelp20.sys" Name="PxHelp20" CheckResult="-1" Type="1" State="4" Size="20016" Attr="rsAh" CreateDate="29.03.2004 13:23:18" ChageDate="29.03.2004 13:23:18" MD5="25639BA81C01A3E0508901829479954F" />
<ITEM File="Abiosdsk.sys" Name="Abiosdsk" CheckResult="-1" Type="1" State="1" />
<ITEM File="abp480n5.sys" Name="abp480n5" CheckResult="-1" Type="1" State="1" />
<ITEM File="adpu160m.sys" Name="adpu160m" CheckResult="-1" Type="1" State="1" />
<ITEM File="Aha154x.sys" Name="Aha154x" CheckResult="-1" Type="1" State="1" />
<ITEM File="aic78u2.sys" Name="aic78u2" CheckResult="-1" Type="1" State="1" />
<ITEM File="aic78xx.sys" Name="aic78xx" CheckResult="-1" Type="1" State="1" />
<ITEM File="AliIde.sys" Name="AliIde" CheckResult="-1" Type="1" State="1" />
<ITEM File="amsint.sys" Name="amsint" CheckResult="-1" Type="1" State="1" />
<ITEM File="asc.sys" Name="asc" CheckResult="-1" Type="1" State="1" />
<ITEM File="asc3350p.sys" Name="asc3350p" CheckResult="-1" Type="1" State="1" />
<ITEM File="asc3550.sys" Name="asc3550" CheckResult="-1" Type="1" State="1" />
<ITEM File="Atdisk.sys" Name="Atdisk" CheckResult="-1" Type="1" State="1" />
<ITEM File="C:\ComboFix\catchme.sys" Name="catchme" CheckResult="-1" Type="1" State="1" />
<ITEM File="cd20xrnt.sys" Name="cd20xrnt" CheckResult="-1" Type="1" State="1" />
<ITEM File="Changer.sys" Name="Changer" CheckResult="-1" Type="1" State="1" />
<ITEM File="CmdIde.sys" Name="CmdIde" CheckResult="-1" Type="1" State="1" />
<ITEM File="Cpqarray.sys" Name="Cpqarray" CheckResult="-1" Type="1" State="1" />
<ITEM File="dac960nt.sys" Name="dac960nt" CheckResult="-1" Type="1" State="1" />
<ITEM File="dpti2o.sys" Name="dpti2o" CheckResult="-1" Type="1" State="1" />
<ITEM File="hpn.sys" Name="hpn" CheckResult="-1" Type="1" State="1" />
<ITEM File="i2omgmt.sys" Name="i2omgmt" CheckResult="-1" Type="1" State="1" />
<ITEM File="i2omp.sys" Name="i2omp" CheckResult="-1" Type="1" State="1" />
<ITEM File="ini910u.sys" Name="ini910u" CheckResult="-1" Type="1" State="1" />
<ITEM File="lbrtfdc.sys" Name="lbrtfdc" CheckResult="-1" Type="1" State="1" />
<ITEM File="C:\WINDOWS\system32\drivers\mbamswissarmy.sys" Name="MBAMSwissArmy" CheckResult="-1" Type="1" State="1" />
<ITEM File="mraid35x.sys" Name="mraid35x" CheckResult="-1" Type="1" State="1" />
<ITEM File="PCIDump.sys" Name="PCIDump" CheckResult="-1" Type="1" State="1" />
<ITEM File="PDCOMP.sys" Name="PDCOMP" CheckResult="-1" Type="1" State="1" />
<ITEM File="PDFRAME.sys" Name="PDFRAME" CheckResult="-1" Type="1" State="1" />
<ITEM File="PDRELI.sys" Name="PDRELI" CheckResult="-1" Type="1" State="1" />
<ITEM File="PDRFRAME.sys" Name="PDRFRAME" CheckResult="-1" Type="1" State="1" />
<ITEM File="perc2.sys" Name="perc2" CheckResult="-1" Type="1" State="1" />
<ITEM File="perc2hib.sys" Name="perc2hib" CheckResult="-1" Type="1" State="1" />
<ITEM File="ql1080.sys" Name="ql1080" CheckResult="-1" Type="1" State="1" />
<ITEM File="Ql10wnt.sys" Name="Ql10wnt" CheckResult="-1" Type="1" State="1" />
<ITEM File="ql12160.sys" Name="ql12160" CheckResult="-1" Type="1" State="1" />
<ITEM File="ql1240.sys" Name="ql1240" CheckResult="-1" Type="1" State="1" />
<ITEM File="ql1280.sys" Name="ql1280" CheckResult="-1" Type="1" State="1" />
<ITEM File="Simbad.sys" Name="Simbad" CheckResult="-1" Type="1" State="1" />
<ITEM File="Sparrow.sys" Name="Sparrow" CheckResult="-1" Type="1" State="1" />
<ITEM File="sym_hi.sys" Name="sym_hi" CheckResult="-1" Type="1" State="1" />
<ITEM File="sym_u3.sys" Name="sym_u3" CheckResult="-1" Type="1" State="1" />
<ITEM File="symc810.sys" Name="symc810" CheckResult="-1" Type="1" State="1" />
<ITEM File="symc8xx.sys" Name="symc8xx" CheckResult="-1" Type="1" State="1" />
<ITEM File="TosIde.sys" Name="TosIde" CheckResult="-1" Type="1" State="1" />
<ITEM File="ultra.sys" Name="ultra" CheckResult="-1" Type="1" State="1" />
<ITEM File="ViaIde.sys" Name="ViaIde" CheckResult="-1" Type="1" State="1" />
<ITEM File="WDICA.sys" Name="WDICA" CheckResult="-1" Type="1" State="1" />
</Drivers>
<AUTORUN>
<ITEM File="C:\Documents and Settings\Master\Local Settings\temp\_uninst_77403475.bat" CheckResult="-1" Enabled="1" Type="LNK" Size="345" Attr="rsAh" CreateDate="21.11.2011 21:06:42" ChageDate="21.11.2011 21:06:42" MD5="53E14F192D5DD308502CD0460E0FEFD3" X1="C:\Documents and Settings\Master\Start Menu\Programs\Startup\" X2="C:\Documents and Settings\Master\Start Menu\Programs\Startup\_uninst_77403475.lnk" X3="" />
<ITEM File="C:\Program Files\Sony\VAIO Power Management\SPMPanel.dll" CheckResult="-1" Enabled="1" Type="REG" Size="208896" Attr="rsAh" CreateDate="29.03.2004 11:20:59" ChageDate="11.12.2003 23:06:10" MD5="9F5CA0DDD1BE1B034237AA4012974A23" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X3="{ED58A35B-B554-42AF-A26C-6F3D424200D3}" />
<ITEM File="C:\Program Files\sony\vaio media integrated server\Platform\UPnPFrameworkMsg.dll" CheckResult="-1" Enabled="-1" Type="REG" Size="12288" Attr="rsAh" CreateDate="12.04.2004 20:50:43" ChageDate="25.02.2004 04:24:38" MD5="B892A9E470766D70E92AA3B93D5B19B2" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\UPnPFramework" X3="EventMessageFile" />
<ITEM File="C:\Program Files\sony\vaio media integrated server\Platform\VmGateway.exe" CheckResult="-1" Enabled="-1" Type="REG" Size="184320" Attr="rsAh" CreateDate="12.04.2004 20:50:46" ChageDate="05.03.2004 12:35:34" MD5="EC132689FC8B43347D46D3B85E2F79EC" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\VAIO Media Gateway Server" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\Drivers\AliIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\aliide" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\Drivers\CmdIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\cmdide" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\Drivers\TosIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\toside" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\Drivers\ViaIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\viaide" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\Drivers\lbrtfdc.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\lbrtfdc" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\PrintFilterPipelineSvc.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PrintFilterPipelineSvc" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\appmgmts.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\AppMgmt\Parameters" X3="ServiceDll" />
<ITEM File="C:\WINDOWS\System32\appmgmts.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Application Management" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\appmgr.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Software Installation" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\fdeploy.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\File Deployment" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\fdeploy.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Folder Redirection" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\igmpv2.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IGMPv2" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\ipbootp.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPBOOTP" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\iprip2.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPRIP2" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\ntbackup.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\ntbackup" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\ospf.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPF" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\ospfmib.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPFMib" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\polagent.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PolicyAgent" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\System32\tssdis.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\TermServSessDir" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\system32\MsSip1.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 1" X3="$DLL" />
<ITEM File="C:\WINDOWS\system32\MsSip2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 2" X3="$DLL" />
<ITEM File="C:\WINDOWS\system32\MsSip3.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 3" X3="$DLL" />
<ITEM File="C:\WINDOWS\system32\VSINIT.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\TrueVector Service" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\system32\asr_fmt.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Asr\Commands" X3="ASR format utility for volumes" />
<ITEM File="C:\WINDOWS\system32\asr_ldm.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Asr\Commands" X3="ASR utility for Logical Disk Manager" />
<ITEM File="C:\WINDOWS\system32\asr_pfu.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Asr\Commands" X3="ASR protected file utility" />
<ITEM File="C:\WINDOWS\system32\psxss.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="System\CurrentControlSet\Control\Session Manager\SubSystems" X3="Posix" />
<ITEM File="C:\WINDOWS\system32\stisvc.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System" X3="EventMessageFile" />
<ITEM File="C:\WINDOWS\system32\vsdatant.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\vsdatant" X3="EventMessageFile" />
<ITEM File="D:\CA\CA Internet Security Suite\CA Anti-Virus Plus\caamsvc.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\CAAMSvc" X3="EventMessageFile" />
<ITEM File="LCODCCMP.DLL" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Drivers32" X3="vidc.LEAD" />
<ITEM File="appmgmts.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}" X3="DLLName" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2=".DEFAULT\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-19\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-20\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-18\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-21-196185971-3809120377-2976720987-1005\Control Panel\IOProcs" X3="MVB" />
<ITEM File="vgafix.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fixedfon.fon" />
<ITEM File="vgaoem.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="oemfonts.fon" />
<ITEM File="vgasys.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fonts.fon" />
</AUTORUN>
<BHO>
<ITEM File="" CheckResult="-1" Enabled="1" BHOType="5" RegKey="HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars" CLSID="{32683183-48a0-441b-a342-7c2a440a9478}" Descr="" LegalCopyright="" />
</BHO>
<ExplorerExt>
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Display Panning CPL Extension" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{42071714-76d4-11d1-8b24-00a0c9068ff3}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Shell extensions for file compression" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{764BF0E1-F219-11ce-972D-00AA00A14F56}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Encryption Context Menu" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Taskbar and Start Menu" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{0DF44EAA-FF21-4412-828E-260A8728E7F1}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Media Band" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{32683183-48a0-441b-a342-7c2a440a9478}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="User Accounts" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{7A9D77BD-5403-11d2-8785-2E0420524153}" Descr="" LegalCopyright="" />
<ITEM File="C:\Program Files\Sony\VAIO Power Management\SPMPanel.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Sony Power Management Extensiond" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{ED58A35B-B554-42AF-A26C-6F3D424200D3}" Descr="SPM Module" LegalCopyright="© Sony Corporation. All rights reserved." Size="208896" Attr="rsAh" CreateDate="29.03.2004 11:20:59" ChageDate="11.12.2003 23:06:10" MD5="9F5CA0DDD1BE1B034237AA4012974A23" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Window Washer Shredding Utility" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{6EE51AA0-77A0-11D7-B4E1-000347126E46}" Descr="" LegalCopyright="" />
</ExplorerExt>
<PrintEXT />
<TaskScheduler />
<SPI>
<ITEM File="C:\WINDOWS\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="Tcpip" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\System32\winrnr.dll" CheckResult="-1" SPIType="1" SPINaim="NTDS" Descr="LDAP RnR Provider DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="16896" Attr="rsAh" CreateDate="26.03.2004 16:58:48" ChageDate="13.04.2008 16:12:09" MD5="D72B9EC3337B247A666F098F3D6B43DE" />
<ITEM File="C:\WINDOWS\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="Network Location Awareness (NLA) Namespace" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\Program Files\Bonjour\mdnsNSP.dll" CheckResult="-1" SPIType="1" SPINaim="mdnsNSP" Descr="Bonjour Namespace Provider" LegalCopyright="Copyright © 2003-2008 Apple Inc." Size="147456" Attr="rsAh" CreateDate="29.08.2008 09:53:50" ChageDate="29.08.2008 09:53:50" MD5="0E3E56064E162EE9CC48698355098301" />
<ITEM File="C:\WINDOWS\system32\wshbth.dll" CheckResult="-1" SPIType="1" SPINaim="Bluetooth Namespace" Descr="Windows Sockets Helper DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="108032" Attr="rsAh" CreateDate="24.09.2002 12:56:10" ChageDate="13.04.2008 16:12:10" MD5="46C55935FA730144449C884A472827E0" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [TCP/IP]" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [UDP/IP]" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [RAW/IP]" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP UDP Service Provider" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP TCP Service Provider" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD RfComm [Bluetooth]" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{6D2C0B84-2556-482B-B3A1-303FC830D71D}] SEQPACKET 2" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{6D2C0B84-2556-482B-B3A1-303FC830D71D}] DATAGRAM 2" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{8ECCEF79-9DEE-4EE4-9179-745645BF2969}] SEQPACKET 1" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{8ECCEF79-9DEE-4EE4-9179-745645BF2969}] DATAGRAM 1" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{C59B61E7-AA4A-41DC-AC4A-794D978CFD15}] SEQPACKET 0" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{C59B61E7-AA4A-41DC-AC4A-794D978CFD15}] DATAGRAM 0" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{6FBCB067-E39E-4FF0-8C15-766E239073F1}] SEQPACKET 3" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{6FBCB067-E39E-4FF0-8C15-766E239073F1}] DATAGRAM 3" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{0A5E1B8F-CFB0-46C5-83BB-2603291D0DCE}] SEQPACKET 4" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{0A5E1B8F-CFB0-46C5-83BB-2603291D0DCE}] DATAGRAM 4" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB6F6A70-F8FD-466B-B6E0-B042D9FD6743}] SEQPACKET 5" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
<ITEM File="C:\WINDOWS\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB6F6A70-F8FD-466B-B6E0-B042D9FD6743}] DATAGRAM 5" Descr="Microsoft Windows Sockets 2.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="245248" Attr="rsAh" CreateDate="26.03.2004 16:58:39" ChageDate="20.06.2008 08:02:47" MD5="943337D786A56729263071623BBB9DE5" />
</SPI>
<DPF>
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="Garmin Communicator Plug-In" CodeBase="https://static.garmi...nAxControl.CAB" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="Microsoft XML Parser for Java" CodeBase="file://C:\WINDOWS\Java\classes\xmldso.cab" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\Downloaded Program Files\tgctlins.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{01111F00-3E00-11D2-8470-0060089874ED}" CodeBase="http://supportsoft.a...d/tgctlins.cab" Descr="Support.com Installer Plugin" LegalCopyright="Copyright 1997-2069 Support.com" Size="1724416" Attr="rsAh" CreateDate="22.09.2003 14:14:48" ChageDate="22.09.2003 14:14:48" MD5="4E57AB12F586B4B02074F6C93172967C" />
<ITEM File="C:\WINDOWS\Downloaded Program Files\tgctlcm.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{01113300-3E00-11D2-8470-0060089874ED}" CodeBase="http://activation.rr...ds/tgctlcm.cab" Descr="tgctlcm Module" LegalCopyright="Copyright 1997-2069 SupportSoft" Size="217088" Attr="rsAh" CreateDate="08.04.2004 06:28:06" ChageDate="08.04.2004 06:28:06" MD5="ABBA7079C17795BD59FB47D6FCF6FF28" />
<ITEM File="C:\WINDOWS\Downloaded Program Files\PCInfo.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{A305FBA3-4A87-483D-A53B-138F9F635357}" CodeBase="http://ciscdb.sel.so...ect/PCInfo.CAB" Descr="" LegalCopyright="" Size="28672" Attr="rsAh" CreateDate="27.08.2003 10:45:56" ChageDate="27.08.2003 10:45:56" MD5="780E27205C240E19CB25130555D1BADF" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}" CodeBase="http://www.adobe.com...bat/nos/gp.cab" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" CodeBase="http://platformdl.ad...lus/1.6/gp.cab" Descr="" LegalCopyright="" />
</DPF>
- <CPL>
<ITEM File="C:\WINDOWS\system32\tvtuner.cpl" CheckResult="-1" Enabled="1" Descr="sctrlpnl cpl" LegalCopyright="Copyright © 2003 Sony Corp." Size="118784" Attr="rsAh" CreateDate="12.04.2004 20:52:09" ChageDate="05.12.2003 12:33:12" MD5="0DBC04A5ABD7BB5CF163F1DBBB24A6F4" />
</CPL>
<ActiveSetup />
- <HOSTS>
<ITEM Line="яю1" />
</HOSTS>
- <ProtocolExt>
<ITEM File="mscoree.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" Descr="Microsoft .NET Runtime Execution Engine" LegalCopyright="© Microsoft Corporation. All rights reserved." />
<ITEM File="mscoree.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" Descr="Microsoft .NET Runtime Execution Engine" LegalCopyright="© Microsoft Corporation. All rights reserved." />
<ITEM File="mscoree.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" Descr="Microsoft .NET Runtime Execution Engine" LegalCopyright="© Microsoft Corporation. All rights reserved." />
</ProtocolExt>
- <IPU>
<ITEM Code="1" X1="TermService" X2="Terminal Services" />
<ITEM Code="1" X1="SSDPSRV" X2="SSDP Discovery Service" />
<ITEM Code="1" X1="TlntSvr" />
<ITEM Code="1" X1="Schedule" X2="Task Scheduler" />
<ITEM Code="1" X1="mnmsrvc" X2="NetMeeting Remote Desktop Sharing" />
<ITEM Code="1" X1="RDSessMgr" X2="Remote Desktop Help Session Manager" />
<ITEM Code="2" />
<ITEM Code="3" />
<ITEM Code="5" />
<ITEM Code="8" X1="1" />
</IPU>
- <WIZARD-TSW>
<ITEM ID="58" Level="3" Fixed="0" />
<ITEM ID="59" Level="3" Fixed="0" />
<ITEM ID="60" Level="1" Fixed="0" />
<ITEM ID="61" Level="2" Fixed="0" />
<ITEM ID="66" Level="1" Fixed="0" />
</WIZARD-TSW>
</AVZ>
  • 0

#20
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. What problems remain?
  • 0

#21
Kennman

Kennman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Kaspersky did delete about 30 items, many of them definitely identified as malware, just never let me click on the button to the right of the sprocket and save the "deleted threats" report.

No signs of malware on computer. I'm ready to reload Norton 360 when you give the go-ahead.

Thanks

Kenn
  • 0

#22
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. Enable your AV now.

Your logs show that your system is clean. If you have no further issues with your computer, then please proceed with the housekeeping procedures outlined below.

Removing the tools we used:

Uninstall ComboFix

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now copy/paste this: ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /Uninstall, it needs to be there.

  • Please follow the prompts to uninstall Combofix.
  • This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.
  • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

NEXT...

OTL Clean-Up:

  • Reopen Posted Image on your desktop.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


There are a few things I recommend you do once your computer is completely clean:

Updates for Windows - One of the essentials is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats; Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

How to turn on Automatic Updates for Windows:

Updates for other installed software

A common attack method for hacking attempts and malware installs is to exploit known vulnerabilities in programs that are commonly installed on a person's computer. These vulnerabilities could allow a remote user or malware developer to install malware, keyloggers, and backdoors on to your computer without your knowledge or permission.
Some of the programs that are commonly exploited include Adobe Shockwave, Adobe Reader, Sun Java, Adobe Flash, and even Windows itself. Therefore it is crucial that everyone remain vigilant as to when a security vulnerability is found in our installed programs and to update it when a security update is released. Unfortunately, no one has the time to stay on top of these updates, which can happen frequently.

I highly recommend that you install Secunia Personal Software Inspector (PSI), which can be used to scan your computer for known vulnerable programs, provide information on the vulnerability, and provide a location to an update for the vulnerable program. A tutorial on how to use Secunia Personal Software Inspector (PSI) can be found here: Keep Software Updated with Secunia PSI.

Web Browsers - Picking the right internet browser is very important. You need to find one that suits your needs but that is also safe. All browsers listed below are far more secure than Internet Explorer, immune to almost all known browser hijackers, and also have the best built-in pop up blockers.

Although, if you prefer staying with Internet Explorer, I highly recommend you do this:

Make Internet Explorer more secure:
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the options Download signed and unsigned ActiveX controls to Prompt, and Initialize and Script ActiveX controls not marked as safe to Disable.
  • Next click OK, then Apply button and then OK to exit the Internet Properties page.

Tips to protect yourself against malware and reduce the potential for re-infection:

Now after all these steps, your PC will be more secure. However it is important to note that you can still get infected if you are not careful. One of the best security programs you can have is common sense. As malware gets more sophisticated, you need to be more wary. If you do get caught though and the above steps can't help prevent it, we will be here to help you out.

Stay secure and thank you for choosing GeeksToGo.
  • 0
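
The Internet Explorer hardening steps in post #22 above, as an added example that is not part of the original post: a PowerShell audit of the three Internet zone ActiveX options, which writes the recommended values when run with `-Fix`. It assumes the per-user zone settings under HKCU are the ones in effect (no Group Policy override) and uses the standard URL action IDs 1001, 1004 and 1201.

```powershell
# Added example (not from the thread): audit the Internet zone ActiveX options
# from the steps above; pass -Fix to write the recommended values.
param([switch]$Fix)

# Zone 3 is the Internet zone. These are the per-user settings; a Group Policy
# copy under HKCU:\Software\Policies\... takes precedence where one is configured.
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action values: 0 = Enable, 1 = Prompt, 3 = Disable.
$labels = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

$wanted = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls';   Value = 1 },
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls'; Value = 1 },
    @{ Id = '1201'; Name = 'Initialize and script ActiveX controls not marked as safe'; Value = 3 }
)

$results = foreach ($w in $wanted) {
    # Read the current DWORD; a missing value means the setting was never written.
    $prop = Get-ItemProperty -Path $zoneKey -Name $w.Id -ErrorAction SilentlyContinue
    $current = $null
    if ($prop) { $current = [int]$prop.($w.Id) }
    $ok = ($null -ne $current) -and ($current -eq $w.Value)

    if (-not $ok -and $Fix) {
        New-ItemProperty -Path $zoneKey -Name $w.Id -Value $w.Value -PropertyType DWord -Force | Out-Null
        $current = $w.Value
        $ok = $true
    }

    # Translate the raw value into the label shown in the Security Settings dialog.
    $shown = 'not set'
    if ($null -ne $current) {
        if ($labels.ContainsKey($current)) { $shown = $labels[$current] } else { $shown = "value $current" }
    }

    New-Object PSObject -Property @{
        Setting = $w.Name; Current = $shown; Expected = $labels[$w.Value]; Ok = $ok
    }
}

$results | Select-Object Setting, Current, Expected, Ok | Format-Table -AutoSize
# A non-zero exit code lets a scheduled check flag a machine that has drifted.
if ($results | Where-Object { -not $_.Ok }) { exit 1 }
```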

#23
Kennman

Kennman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Just "paypaled" a little thanks.
Kennman
  • 0

#24
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Thank you very much for your donation. I really appreciate it! :thumbsup:
  • 0

#25
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
