
Laptop running painfully slow but no notable signs of infection



#1
Stuart Crighton

I have an old Sony Vaio VGN-N31S that is running painfully slow. I have removed all unwanted programmes. There are no obvious signs of any virus or malware and I am usually pretty careful with any unknown links or files.

I would like for my stepson to use the laptop, but even basic tasks take forever to happen, like opening programmes and searching in Google.

Below is the log from the scan I ran on OTL.

Any help would be greatly appreciated.


OTL logfile created on: 05/02/2012 21:41:15 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kryton\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1013.45 Mb Total Physical Memory | 290.34 Mb Available Physical Memory | 28.65% Memory free
2.91 Gb Paging File | 1.41 Gb Available in Paging File | 48.59% Paging File free
Paging file location(s): c:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83.85 Gb Total Space | 33.35 Gb Free Space | 39.78% Space Free | Partition Type: NTFS
Drive F: | 76.76 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KRYTON-PC | User Name: Kryton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - [2012/02/05 18:59:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kryton\Downloads\OTL.exe
PRC - [2012/02/05 18:47:50 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Kryton\AppData\Local\Temp\GUM7148.tmp\GoogleUpdate.exe
PRC - [2012/02/05 18:47:47 | 000,733,096 | ---- | M] (Google Inc.) -- C:\Users\Kryton\AppData\Local\Google\Update\Install\{C6286D82-0BE6-4E76-A912-DBD91E883C29}\GoogleUpdateSetup.exe
PRC - [2012/02/05 18:47:42 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Windows\Temp\GUM5437.tmp\GoogleUpdate.exe
PRC - [2012/02/05 18:47:40 | 000,733,096 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\Install\{FE884F14-36EB-49C6-ABD1-4CE68D02CF07}\GoogleUpdateSetup.exe
PRC - [2011/11/23 12:52:17 | 003,495,256 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
PRC - [2011/09/06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/09/06 21:45:27 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2010/06/28 09:53:16 | 001,142,784 | ---- | M] () -- C:\Program Files\Sapido\AU4912\RtWLan.exe
PRC - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files\Sapido\AU4912\RtlService.exe
PRC - [2009/06/26 16:21:00 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 07:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 07:38:32 | 000,319,544 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008/01/19 07:33:23 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
PRC - [2007/02/13 23:19:48 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe
PRC - [2007/02/13 23:19:48 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/02/09 18:54:42 | 000,923,768 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\VAIO Power Management\SPMgr.exe
PRC - [2007/02/05 19:20:16 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/01/23 04:39:32 | 000,321,656 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\ISB Utility\ISBMgr.exe
PRC - [2007/01/12 05:52:25 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/01/12 05:52:24 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2007/01/12 05:52:23 | 000,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/01/12 02:36:34 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2006/11/29 03:27:46 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2006/11/29 03:09:58 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2006/11/29 03:09:46 | 000,172,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/15 05:39:54 | 000,420,920 | ---- | M] () -- C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
MOD - [2011/11/15 05:39:53 | 003,702,840 | ---- | M] () -- C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/15 05:38:16 | 000,122,952 | ---- | M] () -- C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/15 05:38:15 | 000,222,280 | ---- | M] () -- C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/15 05:38:14 | 001,746,504 | ---- | M] () -- C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/15 02:36:18 | 008,593,056 | ---- | M] () -- C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011/11/15 02:36:18 | 008,593,056 | ---- | M] () -- C:\Users\Kryton\AppData\Local\Google\Chrome\APPLIC~1\150874~1.121\gcswf32.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/01/24 09:04:22 | 000,061,440 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2007/01/24 09:02:24 | 000,077,824 | ---- | M] () -- C:\Windows\System32\hccutils.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/06 21:45:27 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\Sapido\AU4912\RtlService.exe -- (WirelessUSB)
SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/13 23:19:48 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/01/10 18:43:24 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2006/11/29 03:27:46 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2006/11/29 03:09:58 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2006/11/29 03:09:46 | 000,172,032 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 21:38:54 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 21:37:39 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 21:10:01 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010/06/09 05:40:34 | 000,596,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192cu.sys -- (RTL8192cu)
DRV - [2009/11/04 16:59:38 | 000,112,640 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/11/04 16:59:38 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/11/04 16:59:38 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009/06/26 16:21:02 | 001,956,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2009/04/11 04:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/01/17 22:26:20 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/05/07 06:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007/02/08 03:53:57 | 000,807,424 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/02/06 05:54:39 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)
DRV - [2007/01/12 05:52:24 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/01/10 11:09:12 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/12/29 03:40:08 | 000,509,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006/10/18 19:56:30 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2006/09/28 13:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)


[2010/06/22 22:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kryton\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Users\Kryton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\
CHR - Extension: Entanglement = C:\Users\Kryton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: AT_Porsche = C:\Users\Kryton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
CHR - Extension: Poppit = C:\Users\Kryton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2009/10/20 12:19:03 | 000,000,793 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B077067-F50A-4F85-9A41-8F96FE4A45C1}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF8FEFA-EF04-4275-AE4E-8A75800054EE}: DhcpNameServer = 192.168.1.254 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Kryton\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kryton\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/16 08:56:00 | 000,000,000 | ---D | M] - F:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2008/10/16 04:22:52 | 002,834,432 | R--- | M] () - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/09/01 04:25:30 | 000,000,029 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{32f37b15-3be0-11de-81d8-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{32f37b15-3be0-11de-81d8-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O33 - MountPoints2\{32f37b17-3be0-11de-81d8-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{32f37b17-3be0-11de-81d8-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O33 - MountPoints2\{32f37d4b-3be0-11de-81d8-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{32f37d4b-3be0-11de-81d8-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O33 - MountPoints2\{32f37d4e-3be0-11de-81d8-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{32f37d4e-3be0-11de-81d8-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O33 - MountPoints2\{3628f956-618c-11de-9644-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{3628f956-618c-11de-9644-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O33 - MountPoints2\{3628f96d-618c-11de-9644-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{3628f96d-618c-11de-9644-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O33 - MountPoints2\{45efcc0b-f17f-11dc-b28a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{45efcc0b-f17f-11dc-b28a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2008/10/16 04:22:52 | 002,834,432 | R--- | M] ()
O33 - MountPoints2\{5f6f0ffc-3ba8-11de-9a46-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{5f6f0ffc-3ba8-11de-9a46-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O33 - MountPoints2\{6ca13590-e917-11df-8f98-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6ca13590-e917-11df-8f98-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6ca135ec-e917-11df-8f98-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{6ca135ec-e917-11df-8f98-001e101f9843}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a4a0d97d-6384-11dd-9fbd-0013a9c81c63}\Shell\AutoRun\command - "" = p.exe
O33 - MountPoints2\{a4a0d97d-6384-11dd-9fbd-0013a9c81c63}\Shell\open\Command - "" = p.exe
O33 - MountPoints2\{a4a0d981-6384-11dd-9fbd-0013a9c81c63}\Shell\AutoRun\command - "" = p.exe
O33 - MountPoints2\{a4a0d981-6384-11dd-9fbd-0013a9c81c63}\Shell\open\Command - "" = p.exe
O33 - MountPoints2\{d73901bc-ee44-11df-ba88-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{d73901bc-ee44-11df-ba88-0013a9c81c63}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e231d14c-08c0-11de-8bca-0013a9c81c63}\Shell\AutoRun\command - "" = wdsync.exe
O33 - MountPoints2\{e231d179-08c0-11de-8bca-0013a9c81c63}\Shell - "" = AutoRun
O33 - MountPoints2\{e231d179-08c0-11de-8bca-0013a9c81c63}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AUTORUN.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 360 Days ==========

[2012/02/05 21:45:05 | 000,000,000 | ---D | C] -- C:\17e76bec2c686222352a8eb577a2796b
[2011/11/25 14:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/23 13:06:34 | 000,111,320 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011/11/23 13:03:22 | 000,195,416 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011/11/23 13:03:20 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/11/23 13:02:52 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011/11/23 12:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011/10/31 13:41:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/31 13:41:04 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/31 13:41:04 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/31 13:41:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/31 13:41:02 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/31 13:40:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/31 13:40:48 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/31 13:40:21 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/10/31 13:40:20 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/10/31 13:40:20 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/10/31 13:40:20 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/10/31 13:40:20 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/10/31 13:40:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/10/31 13:40:19 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/31 13:40:19 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/10/31 13:40:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/10/31 13:40:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/10/31 13:40:18 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/10/31 13:40:18 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/10/31 13:40:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/10/31 13:40:13 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/31 13:40:13 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/10/31 13:40:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/10/31 13:39:31 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/31 13:39:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/09/02 12:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/09/02 12:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/09/02 11:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/02 11:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/28 18:46:17 | 000,000,000 | ---D | C] -- C:\Users\Kryton\Desktop\August2011
[2011/08/26 19:32:37 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/26 19:32:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/08/26 19:28:46 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/26 19:28:46 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/07/28 09:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/07/22 13:16:34 | 000,000,000 | ---D | C] -- C:\Users\Kryton\Desktop\Jen Blackd_files
[2011/07/13 11:09:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/07/05 17:37:00 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2011/07/05 17:37:00 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2011/05/10 07:06:08 | 004,517,664 | ---- | C] (Apple, Inc.) -- C:\Windows\System32\usbaaplrc.dll
[2011/05/05 11:44:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/05/05 11:44:37 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/05/05 11:44:15 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/04/16 18:44:49 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/16 18:44:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/16 18:42:59 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/16 18:42:58 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/16 18:42:41 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/05 08:48:57 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/04/05 08:48:53 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/09 12:35:40 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2011/03/08 21:34:10 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/08 21:34:09 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/08 21:34:08 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/08 21:34:08 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/02/26 03:09:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/02/26 03:05:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/02/26 03:05:17 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/02/26 03:05:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/02/26 03:05:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/02/26 03:05:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/02/26 03:05:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/02/26 03:05:11 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/02/26 03:05:11 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/02/26 03:05:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/02/26 03:05:11 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/02/26 03:05:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/02/26 03:04:49 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/02/26 03:04:48 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/02/26 03:04:48 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/02/26 03:04:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/02/26 03:04:47 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/02/16 03:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 360 Days ==========

[2012/02/05 22:01:11 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/02/05 21:56:24 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/05 21:47:12 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2282740083-138792991-1604271240-1003UA.job
[2012/02/05 21:47:12 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2282740083-138792991-1604271240-1003Core.job
[2012/02/05 21:40:56 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/05 21:40:54 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/05 21:32:10 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2282740083-138792991-1604271240-1005UA.job
[2012/02/05 21:31:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/05 18:46:58 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/11/30 11:50:32 | 000,012,868 | ---- | M] () -- C:\Users\Kryton\Desktop\chicco-talking-driver-A111P_SP707_61_UT1HH.jpg
[2011/11/29 22:03:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/29 21:29:10 | 000,057,186 | ---- | M] () -- C:\Users\Kryton\Desktop\firewood.JPG
[2011/11/29 14:57:32 | 000,001,746 | ---- | M] () -- C:\Users\Kryton\Desktop\license.avastlic
[2011/11/28 18:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/11/28 18:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/11/28 17:54:38 | 000,111,320 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011/11/28 17:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/11/28 17:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/11/28 17:53:22 | 000,195,416 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011/11/28 17:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/11/28 17:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/11/28 17:52:07 | 000,055,128 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/11/28 17:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/11/25 14:26:35 | 000,659,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/25 14:26:35 | 000,128,202 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/25 14:11:00 | 000,000,862 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2282740083-138792991-1604271240-1005Core.job
[2011/11/25 14:08:51 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/23 12:51:19 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/11/01 04:26:25 | 002,317,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/30 23:06:08 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/09/30 23:03:05 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/09/30 23:02:36 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/09/30 23:02:36 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/09/30 23:02:06 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/09/30 23:01:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/09/30 23:01:51 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/09/30 23:01:34 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/09/30 23:01:34 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/09/30 23:01:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/09/30 23:01:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/09/30 23:01:33 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/09/30 23:01:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/09/30 22:07:25 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/09/30 21:29:54 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/09/30 21:29:44 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/09/30 21:29:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/09/30 21:28:36 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/09/06 21:10:01 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011/09/06 13:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/09/02 12:01:31 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/25 16:15:04 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/08/25 13:31:01 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/07/29 16:01:34 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/07/29 16:01:33 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/07/29 16:00:14 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/07/29 16:00:05 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/07/28 17:51:43 | 001,058,772 | ---- | M] () -- C:\Users\Kryton\Documents\iTunes Diagnostics.spx
[2011/07/28 17:51:43 | 000,004,050 | ---- | M] () -- C:\Users\Kryton\Documents\iTunes Diagnostics.rtf
[2011/07/28 10:36:03 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/07/28 10:36:03 | 000,001,854 | ---- | M] () -- C:\Users\Kryton\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/07/22 13:16:34 | 000,515,093 | ---- | M] () -- C:\Users\Kryton\Desktop\Jen Blackd.htm
[2011/07/22 12:07:39 | 000,000,632 | RHS- | M] () -- C:\Users\Kryton\ntuser.pol
[2011/07/21 12:54:53 | 001,441,030 | ---- | M] () -- C:\Users\Kryton\Desktop\IMG_2120.JPG
[2011/07/11 13:25:35 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/07/10 13:10:27 | 000,027,382 | ---- | M] () -- C:\Users\Kryton\Desktop\baby_mother.jpg
[2011/07/05 17:37:00 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2011/07/05 17:37:00 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2011/06/20 08:54:36 | 003,602,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/06/20 08:54:36 | 003,550,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/06/17 16:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/05/10 07:06:08 | 004,517,664 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\usbaaplrc.dll
[2011/04/20 15:50:31 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/04/16 17:57:12 | 000,047,616 | ---- | M] () -- C:\Users\Kryton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/12 21:55:52 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/03/10 17:03:51 | 001,162,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/03/10 17:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/03/03 15:40:13 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/03/03 13:35:36 | 004,240,384 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/02/22 14:13:01 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/02/22 13:33:12 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/02/16 16:16:37 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/02/16 14:02:23 | 000,292,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/02/14 20:26:50 | 000,000,162 | -H-- | M] () -- C:\Users\Kryton\Desktop\~$ramid template 1.jpg
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/30 11:50:32 | 000,012,868 | ---- | C] () -- C:\Users\Kryton\Desktop\chicco-talking-driver-A111P_SP707_61_UT1HH.jpg
[2011/11/29 21:29:19 | 000,057,186 | ---- | C] () -- C:\Users\Kryton\Desktop\firewood.JPG
[2011/11/29 15:03:13 | 000,001,746 | ---- | C] () -- C:\Users\Kryton\Desktop\license.avastlic
[2011/11/25 14:08:51 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/23 12:51:19 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/09/02 12:01:31 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/07/28 17:51:43 | 001,058,772 | ---- | C] () -- C:\Users\Kryton\Documents\iTunes Diagnostics.spx
[2011/07/28 17:51:42 | 000,004,050 | ---- | C] () -- C:\Users\Kryton\Documents\iTunes Diagnostics.rtf
[2011/07/28 09:42:58 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/07/22 13:16:28 | 000,515,093 | ---- | C] () -- C:\Users\Kryton\Desktop\Jen Blackd.htm
[2011/07/21 12:44:04 | 001,441,030 | ---- | C] () -- C:\Users\Kryton\Desktop\IMG_2120.JPG
[2011/07/10 13:10:48 | 000,027,382 | ---- | C] () -- C:\Users\Kryton\Desktop\baby_mother.jpg
[2011/02/26 03:04:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/02/26 03:04:52 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/02/26 03:04:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/02/14 20:26:50 | 000,000,162 | -H-- | C] () -- C:\Users\Kryton\Desktop\~$ramid template 1.jpg
[2010/11/22 18:36:10 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010/06/22 21:53:42 | 000,000,047 | ---- | C] () -- C:\Windows\WinInit.Ini
[2010/06/14 19:07:48 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010/01/19 11:49:54 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2010/01/19 11:49:54 | 000,466,944 | ---- | C] () -- C:\Windows\RemoveDevice.dll
[2009/09/12 10:47:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/12 10:47:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/08 12:16:02 | 000,000,000 | ---- | C] () -- C:\Windows\DbgOut.INI
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/26 16:21:02 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
[2009/06/24 07:19:54 | 000,103,835 | ---- | C] () -- C:\Windows\hpqins05.dat.temp
[2009/05/11 12:31:31 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/03/09 12:13:55 | 000,000,680 | ---- | C] () -- C:\Users\Kryton\AppData\Local\d3d9caps.dat
[2009/01/17 22:26:38 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009/01/17 22:08:55 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/12/14 13:48:53 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/10/08 17:27:36 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/08/11 07:19:48 | 000,103,835 | ---- | C] () -- C:\Windows\hpqins05.dat
[2008/08/11 07:14:45 | 000,104,000 | ---- | C] () -- C:\Windows\hpqins01.dat
[2008/08/08 13:41:31 | 000,134,188 | ---- | C] () -- C:\Windows\hpwins10.dat.temp
[2008/08/08 13:41:31 | 000,001,042 | ---- | C] () -- C:\Windows\hpwmdl10.dat.temp
[2008/08/08 12:47:32 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hpzids01.dll
[2008/08/08 12:38:00 | 000,010,385 | ---- | C] () -- C:\Windows\hpwscr10.dat
[2008/08/06 09:45:50 | 000,047,616 | ---- | C] () -- C:\Users\Kryton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/10 07:00:00 | 000,430,080 | ---- | C] () -- C:\Windows\System32\ZSHP1018.EXE
[2007/09/19 20:11:52 | 000,041,472 | ---- | C] () -- C:\Windows\System32\cam1690.dll
[2007/06/05 14:29:52 | 000,060,416 | ---- | C] () -- C:\Windows\System32\stid1690.exe
[2007/03/23 15:34:42 | 001,597,440 | ---- | C] () -- C:\Windows\System32\stic1690.exe
[2007/02/27 01:02:01 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007/02/26 22:06:01 | 000,163,840 | ---- | C] () -- C:\Windows\System32\WLANDLL.DLL
[2007/02/26 21:14:49 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1151.dll
[2007/02/26 21:14:49 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/02/26 21:14:49 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/02/26 21:14:49 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 002,317,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,659,912 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,128,202 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A18D1A5B
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8C35AEA7

< End of report >


OTL Extras logfile created on: 05/02/2012 21:41:15 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kryton\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1013.45 Mb Total Physical Memory | 290.34 Mb Available Physical Memory | 28.65% Memory free
2.91 Gb Paging File | 1.41 Gb Available in Paging File | 48.59% Paging File free
Paging file location(s): c:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83.85 Gb Total Space | 33.35 Gb Free Space | 39.78% Space Free | Partition Type: NTFS
Drive F: | 76.76 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KRYTON-PC | User Name: Kryton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{099443DA-3CBC-4A6A-9200-517B51D03ECE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0FBD303D-8229-4554-86B5-3855100AFE98}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0FCD5C68-3849-434E-91A2-AB4BDB41E41E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{162CD02A-80C9-4588-AE53-BDA0EF087E3C}" = lport=3390 | protocol=6 | dir=in | app=system |
"{17797218-7D55-4B4A-AB90-3412D0A3535E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1851A5F7-E81E-420E-BB3C-270FC8F65136}" = lport=10243 | protocol=6 | dir=in | app=system |
"{18F1B2D0-559B-46B3-AC39-A3DC3C83155D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D0C0B73-3F6A-4AF2-942F-916FB6812F4B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3880B1FE-4F28-47CA-8875-80E9FBD9D530}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40F772D8-20AA-42C6-B2DC-784C441928A0}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{415BF522-BBCE-4CFE-B621-991ADC6EF4C1}" = lport=3390 | protocol=6 | dir=in | app=system |
"{4D8639DA-533E-43DB-9A62-6105C85D712A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56391971-3A3D-4B7A-B897-CF8AE594C45E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CE655D5-7172-4717-9322-9C7EBECCDBDB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5D6C1C58-9FB2-48BC-9163-7C67FD811F63}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6CC44C37-81C1-4A87-823F-A486C359DC56}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DA8471F-AD35-4A2E-8436-537584ED183C}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{7206C623-736D-4178-AD89-E1D978D9856A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A5A8A98-1DFB-44B4-9FE1-82A3A2F6D9C8}" = lport=10244 | protocol=6 | dir=in | app=system |
"{7D58D322-9BEE-415B-BE6E-25C8D6856C97}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{8D6DD8B4-DC8F-456E-8794-8855AD520271}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FD75D49-09AE-4622-8FD6-BAE7F98DBDEB}" = rport=10244 | protocol=6 | dir=out | app=system |
"{9191C88A-5E7C-466E-BF69-ABCAF13119C8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{990E1475-42B0-4BC5-BC89-AAEF87F8B0F8}" = lport=49152 | protocol=17 | dir=in | name=bitcomet 49152 udp |
"{9B2C5851-F519-44A0-BF1F-B02C90123E84}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{9D729D4D-2707-44D8-9FD1-3F24A4CFE640}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{9E22B0C1-D25E-4E7C-A8FE-D5347F3575FB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{AA298965-F359-427C-981A-BFE2316DB40B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B36DB0E0-B512-41FD-B4E6-F7B4B4DBA735}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9CEE8E3-534A-4372-AED7-A48CF5492989}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{BAAB078A-2D47-4B24-BE4B-2CC81BB15EDD}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{C29D892A-3762-4941-841A-19D8644358BB}" = lport=49152 | protocol=17 | dir=in | name=bitcomet 49152 udp |
"{C4EACF48-9DCA-4940-9221-F94E5CD9FD7F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CBE0FDA9-7440-43DB-A476-A44F41D59C88}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D3C0D049-D475-4322-A5B0-2C09DFEDE911}" = lport=49152 | protocol=6 | dir=in | name=bitcomet 49152 tcp |
"{D50E8152-71F8-4800-8662-E6FC20762B65}" = rport=10244 | protocol=6 | dir=out | app=system |
"{D9076B58-BFFA-4908-B6E1-6C2E413C1065}" = lport=10244 | protocol=6 | dir=in | app=system |
"{DA14ECEE-87F7-4DEF-BEB2-26B9438801B6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E58E1D07-CFCE-447F-AB65-82B060206143}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F3662816-51DF-45C4-8FA4-54785221A065}" = lport=49152 | protocol=6 | dir=in | name=bitcomet 49152 tcp |
"{F698DFF2-6744-45BB-8FAB-1C7B3FE0FDAE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F7C97B0D-43E4-416F-92D7-37D892AD96DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A078E0-0981-445F-A6EE-5C5648CC2C9F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0A9DF380-E990-4775-BAA9-39856D1F2BD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0E7A6B69-C071-43A4-B100-8DF73B56EAFF}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{13D63AF7-E784-4A0F-A4D8-272FC4A896D8}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{15040CB2-B5A9-480C-ABB5-80E2D6B22C0B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{173DBF9A-A105-4C71-9901-D39FBEC64632}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1B3CB0A6-AB8C-43C2-B9F2-9E7557E1DC6F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1B6F554B-9170-4B43-86C1-8C5CB68723EC}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{21C62D6D-54F3-449E-BE97-C8A98FD57CFD}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{227A759C-A815-4AA7-A14F-57E8B52DAAF2}" = protocol=6 | dir=in | app=c:\program files\sapido\au4912\rtwlan.exe |
"{2CC96978-3E82-4EAC-846F-9C890118F3FD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{334CBB9B-F123-4E0A-A79D-1685AB5662BD}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{3F05E7A6-5C74-4B3B-AE0C-8C72DE06A4A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3FEE8B0F-ACA7-4939-B969-86F6F9C2A502}" = protocol=6 | dir=out | app=system |
"{40604F00-DC26-49C1-B8EB-F85CD0087FE5}" = protocol=17 | dir=in | app=c:\program files\sapido\au4912\rtwlan.exe |
"{468E01E1-1FC2-4228-A065-54C3AB77E2AA}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4804D362-DAE0-4736-9B36-85B7F0BACEE2}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{6552D375-A167-4273-923A-91B21741D310}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6AFEFC7F-A7B8-4EF5-907A-6170CD3086CD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{70154FBC-549F-4E18-9E7B-9EDE8C45169F}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{7393AAED-7757-4B6B-9DD9-B8F5ADEA8242}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{7855D73E-E1B1-4062-BC38-5357F884B36D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8AB00CFB-47EF-41A6-8922-DDE867034BB8}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{8EB35478-10AC-47D0-A25C-9EEE2C8374CC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{95092D77-0533-42A0-853B-43DD4DF91459}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{A1E2A998-7630-4943-B05E-A0B08121DBFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2945845-3B64-4696-B7D0-F46AF3A351A5}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{A6DBA1EC-0EA9-4E27-90F3-7D7A0B3BA1B6}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{A83034E4-59C0-4A4E-97ED-ABE255EA4E76}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{AA7D8C57-D7CF-4224-85CE-A4027E4B68B2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B5581A59-CF6F-42BF-BAA0-79A3E6765A39}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{BF9E59DB-9A4B-4ECA-9D9E-D3342A68B10D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C206DBEB-2286-440F-8625-831813E1A88D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6DE20C3-2089-48A5-9A99-38984B5BB384}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9F77D43-CFC3-44F0-AA37-2755E28967EE}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{CD9A0A8F-6623-4B18-965B-E02D80FE3BA1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1AF0D8B-BF33-435A-8E04-647D40BC5766}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{D82D1A81-31AC-4452-81B5-80A4B7C6EF59}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E5EF21B1-0130-4748-BBB3-AFBC2743CCA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E629B4AA-E9C6-41DA-A36B-F476D440579C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{E924E610-84EA-485C-9C60-06595626D7A2}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{E94A3424-550F-487F-BC0C-5A34E9499C56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ECAF249A-EAAE-4C2B-A687-9A2EEDFB694B}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{FB4895AD-1F7E-46D6-9501-A15171E35940}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{003DE28C-0236-410B-8D03-91D8843E2FF8}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{22644CE9-1390-4597-89F1-79A1E8DE5220}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{41DD4AA5-C712-4C34-BD21-BDD044BAEBE6}C:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe |
"TCP Query User{4EEBC039-8D36-4734-8611-20BF2BFD9A8A}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{62737BDB-B412-49FA-838F-EAAAF56FC997}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{A9EF5195-302C-4172-BE3D-EF3099ECE120}C:\program files\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"TCP Query User{DB63CA09-CEEA-481D-96E9-296D5F7C289B}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{E43EF746-4299-4BEC-8D7B-449F8FDE3D3A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{1D9FE6DA-9DF6-425F-BBB5-F57F1B6C0EB0}C:\program files\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"UDP Query User{22B7A27F-2961-4F95-95D8-2BBBF4B26C8E}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{313B3C1D-D8F8-4F7A-A9D1-1D636EBF9AB0}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8BEE485A-F5F4-4435-B439-2CB3A1FA908B}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{9F18A1F6-ACB9-41F4-9B7F-33D62037575B}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{EA6F3C70-C616-49FB-9EA8-AEBE38E4E9FA}C:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe |
"UDP Query User{ECE387B8-6164-4023-8632-3935B3EED6A6}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{FD7D3551-477A-4D27-A066-8C25AF1B58CD}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{27F00C63-449B-2FAB-CBE8-24AB80E17449}" = Acrobat.com
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BA976E-38B8-4C63-990C-50999C8C3521}" = BPD_Scan
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" =
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{55B781F0-060E-11D4-99D7-00C04FCCB775}" =
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D12314F45EB}" = AU4912 Utility
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{C183A21C-395A-490F-99D4-CCAB35E32859}" =
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Wireless Card
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Internet Security
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/04/2010 13:25:11 | Computer Name = Kryton-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10/04/2010 13:25:11 | Computer Name = Kryton-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10/04/2010 13:25:12 | Computer Name = Kryton-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10/04/2010 13:25:12 | Computer Name = Kryton-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10/04/2010 13:25:12 | Computer Name = Kryton-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10/04/2010 14:06:41 | Computer Name = Kryton-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 12/04/2010 15:58:00 | Computer Name = Kryton-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 12/04/2010 16:43:29 | Computer Name = Kryton-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12/04/2010 17:20:24 | Computer Name = Kryton-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 13/04/2010 15:53:33 | Computer Name = Kryton-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

[ Media Center Events ]
Error - 28/01/2009 17:35:53 | Computer Name = Kryton-PC | Source = Mcx2Dvcs | ID = 401
Description =

Error - 29/05/2009 15:52:15 | Computer Name = Kryton-PC | Source = McrMgr | ID = 107
Description =

Error - 21/11/2009 19:27:34 | Computer Name = Kryton-PC | Source = Mcx2Svc | ID = 301
Description =

Error - 21/11/2009 20:48:32 | Computer Name = Kryton-PC | Source = McrMgr | ID = 100
Description =

Error - 22/11/2009 13:44:30 | Computer Name = Kryton-PC | Source = McrMgr | ID = 100
Description =

Error - 25/11/2009 17:39:09 | Computer Name = Kryton-PC | Source = McrMgr | ID = 107
Description =

Error - 25/11/2009 17:39:12 | Computer Name = Kryton-PC | Source = McrMgr | ID = 109
Description =

Error - 25/11/2009 17:44:17 | Computer Name = Kryton-PC | Source = McrMgr | ID = 109
Description =

[ OSession Events ]
Error - 15/08/2008 03:44:58 | Computer Name = Kryton-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4230
seconds with 3420 seconds of active time. This session ended with a crash.

Error - 19/06/2009 04:27:07 | Computer Name = Kryton-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 14/08/2009 03:22:43 | Computer Name = Kryton-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 68
seconds with 0 seconds of active time. This session ended with a crash.

Error - 28/08/2009 03:38:56 | Computer Name = Kryton-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 84532
seconds with 2820 seconds of active time. This session ended with a crash.

Error - 25/10/2009 13:10:13 | Computer Name = Kryton-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1087
seconds with 540 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 04/12/2011 11:10:59 | Computer Name = Kryton-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:29:12 on 30/11/2011 was unexpected.

Error - 04/12/2011 11:12:41 | Computer Name = Kryton-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 04/12/2011 11:12:41 | Computer Name = Kryton-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 04/12/2011 11:12:41 | Computer Name = Kryton-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 05/12/2011 15:10:39 | Computer Name = Kryton-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 15:25:45 on 04/12/2011 was unexpected.

Error - 05/02/2012 14:32:57 | Computer Name = Kryton-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:10:39 on 05/12/2011 was unexpected.

Error - 05/02/2012 14:34:11 | Computer Name = Kryton-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 05/02/2012 14:34:36 | Computer Name = Kryton-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 05/02/2012 14:41:30 | Computer Name = Kryton-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 05/02/2012 17:33:14 | Computer Name = Kryton-PC | Source = Service Control Manager | ID = 7011
Description =


< End of report >

Edited by Stuart Crighton, 05 February 2012 - 04:44 PM.



#2
WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hello Stuart Crighton and welcome to GeeksToGo :)

I'm GLeobas and I'm going to help you fix your problem.

Please note that I'm currently in training and my posts have to be approved by an expert before I reply.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please do not try to fix anything without being asked.
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • I am currently reviewing your logs.


#3
WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
# Step 1 #

Please download Malwarebytes' Anti-Malware.

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



# Step 2 #


Download aswMBR.exe (1.8 MB) to your desktop.

Double-click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

On completion of the scan, click Save log, save it to your desktop and post it in your next reply.





