Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Seekmo


  • Please log in to reply

#1
fac3plant

fac3plant

    New Member

  • Member
  • Pip
  • 1 posts
I've followed the instructions you provide on malware - I'd run malwarebytes earlier today which found and removed 5 malicious items, but the hijack remains. When I ran Malwarebytes as part of the process you suggested nothing was found. Here is the log:

Malwarebytes' Anti-Malware 1.36
Database version: 2099
Windows 5.1.2600 Service Pack 3

09/05/2009 19:41:18
mbam-log-2009-05-09 (19-41-18).txt

Scan type: Quick Scan
Objects scanned: 156959
Time elapsed: 1 hour(s), 22 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Here is my Rooter log:


Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:76300 Mo/Free:1840 Mo)
D:\ [Fixed] - NTFS - (Total:69170 Mo/Free:1215 Mo)
E:\ [Removable] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

09/05/2009|19:48

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
---------- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
---------- C:\WINDOWS\system32\CTsvcCDA.exe
---------- C:\WINDOWS\eHome\ehRecvr.exe
---------- C:\WINDOWS\eHome\ehSched.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Kontiki\KService.exe
---------- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
---------- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
---------- C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
---------- C:\Program Files\Spyware Doctor\pctsAuxs.exe
---------- C:\Program Files\Spyware Doctor\pctsSvc.exe
---------- C:\Program Files\Spyware Doctor\pctsTray.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
---------- C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
---------- C:\WINDOWS\ehome\mcrdsvc.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
---------- C:\WINDOWS\system32\dllhost.exe
---------- C:\Program Files\Apoint\Apoint.exe
---------- C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
---------- C:\WINDOWS\ehome\ehtray.exe
---------- C:\WINDOWS\eHome\ehmsas.exe
---------- C:\Program Files\Apoint\Apntex.exe
---------- C:\Program Files\Apoint\Apvfb.exe
---------- C:\WINDOWS\system32\ICO.EXE
---------- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
---------- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
---------- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
---------- C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
---------- C:\Program Files\DAEMON Tools\daemon.exe
---------- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\Eraser\eraser.exe
---------- C:\PROGRA~1\Yahoo!\browser\ycommon.exe
---------- C:\Program Files\Skype\Phone\Skype.exe
---------- C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
---------- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Creative\MediaSource5\MtdAcqu.exe
---------- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
---------- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
---------- C:\Program Files\Skype\Plugin Manager\SkypePM.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
---------- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
---------- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
---------- C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
---------- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
---------- C:\WINDOWS\explorer.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeCrack.zip
C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeCrack1.zip
C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeCrack2.zip
C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeCrack3.zip
C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeCrack4.zip


1 - "C:\Rooter$\Rooter_1.txt" - 09/05/2009|19:51

----------------------\\ Scan completed at 19:51


Here is the OTList log:

OTListIt logfile created on: 09/05/2009 19:59:59 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.4 Folder = C:\Documents and Settings\Paul Williams\Desktop\malware
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.11 Mb Total Physical Memory | 147.26 Mb Available Physical Memory | 14.41% Memory free
2.40 Gb Paging File | 0.81 Gb Available in Paging File | 33.87% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.51 Gb Total Space | 13.80 Gb Free Space | 18.51% Space Free | Partition Type: NTFS
Drive D: | 67.55 Gb Total Space | 25.19 Gb Free Space | 37.29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CRADV
Current User Name: Paul Williams
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
PRC - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe (Tech Mahindra- PUNE)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\Apvfb.exe (ALPS)
PRC - C:\WINDOWS\system32\ICO.EXE (Primax Electronics Ltd.)
PRC - C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Program Files\Yahoo!\browser\ybrwicon.exe (Yahoo! Inc.)
PRC - C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Eraser\eraser.exe (-)
PRC - C:\Program Files\Yahoo!\browser\ycommon.exe (Yahoo!, Inc.)
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Creative\MediaSource5\MtdAcqu.exe (Creative Technology Ltd)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Skype\Plugin Manager\SkypePM.exe (Skype Technologies)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe (TOSHIBA CORPORATION.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Documents and Settings\Paul Williams\Desktop\malware\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (AdobeActiveFileMonitor4.0 [Disabled | Stopped]) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [Auto | Running]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Running]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager [On_Demand | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (gupdate1c9c50efc319984 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (HPSLPSVC [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL (Hewlett-Packard Co.)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment [On_Demand | Stopped]) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (KService [Auto | Running]) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (MSSQL$VAIO_VEDB [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 3 [Auto | Running]) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (Net Driver HPZ12 [Auto | Stopped]) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (Norton Internet Security [Auto | Running]) -- C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (Pml Driver HPZ12 [Auto | Stopped]) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (Roxio UPnP Renderer 9 [On_Demand | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe (Sonic Solutions)
SRV - (Roxio Upnp Server 9 [Auto | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe (Sonic Solutions)
SRV - (RoxLiveShare9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (Sonic Solutions)
SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (sdAuxService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (sdCoreService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SQLAgent$VAIO_VEDB [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (Symantec RemoteAssist [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
SRV - (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIO Event Service [Auto | Running]) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VCI [Auto | Stopped]) -- C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe (Sony Corporation)
SRV - (Vcsw [On_Demand | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzCdbSvc [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Wireless Adapter Configurator [Auto | Running]) -- C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe (Tech Mahindra- PUNE)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (YPCService [On_Demand | Stopped]) -- C:\WINDOWS\system32\YPcservice.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (ApfiltrService [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (Aspi32 [System | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (BHDrvx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys (Symantec Corporation)
DRV - (ccHP [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys (Symantec Corporation)
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (cdrbsvsd [System | Running]) -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys (B.H.A Corporation)
DRV - (DMICall [System | Running]) -- C:\WINDOWS\system32\DRIVERS\DMICall.sys (Sony Corporation)
DRV - (dtscsi [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (HSFHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (IDSxpx86 [System | Running]) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090508.002\IDSxpx86.sys (Symantec Corporation)
DRV - (IKFileSec [Boot | Running]) -- C:\WINDOWS\system32\drivers\ikfilesec.sys (PCTools Research Pty Ltd.)
DRV - (IKSysFlt [System | Running]) -- C:\WINDOWS\system32\drivers\iksysflt.sys (PCTools Research Pty Ltd.)
DRV - (IKSysSec [System | Running]) -- C:\WINDOWS\system32\drivers\iksyssec.sys (PCTools Research Pty Ltd.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090509.003\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090509.003\NAVEX15.SYS (Symantec Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NwlnkIpx [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys (Microsoft Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RimUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\RimUsb.sys (Research In Motion Limited)
DRV - (RimVSerPort [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (s115bus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\s115bus.sys (MCCI Corporation)
DRV - (s115mdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\s115mdfl.sys (MCCI Corporation)
DRV - (s115mdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\s115mdm.sys (MCCI Corporation)
DRV - (s115mgmt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\s115obex.sys (MCCI Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SI3132 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\SI3132.sys (Silicon Image, Inc.)
DRV - (SiFilter [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (SiRemFil [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc.)
DRV - (SNC [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SonyNC.sys (Sony Corporation)
DRV - (SndTDriverV32 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\SndTDriverV32.sys (Windows ® 2000/XP)
DRV - (SonyImgF [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SonyImgF.sys (Sony Corporation)
DRV - (SONYPVU1 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (SRTSP [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS (Symantec Corporation)
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (StillCam [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (SymEFA [Boot | Running]) -- C:\WINDOWS\system32\drivers\NIS\1005000.087\SYMEFA.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS (Symantec Corporation)
DRV - (SymIM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SymIM.sys (Symantec Corporation)
DRV - (SymIMMP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SymIM.sys (Symantec Corporation)
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (SYMNDIS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS (Symantec Corporation)
DRV - (ti21sony [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ti21sony.sys (Texas Instruments)
DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (toshidpt [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
DRV - (tosporte [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfbd [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfbnp [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (Tosrfcom [System | Running]) -- C:\WINDOWS\System32\Drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Tosrfhid [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfnds [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (Tosrfusb [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (usbvm321 [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\usbvm321.sys (Vimicro Corporation)
DRV - (w39n51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys (Intel® Corporation)
DRV - (wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wceusbsh.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (MBAMSwissArmy [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.client...fo/bt_side.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {FFBC0836-1BCF-4FE5-9B2B-E2E6F53CBDE7}:2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.19
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.1
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/10 20:44:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/05/09 14:57:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/04 19:36:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/04 19:36:33 | 00,000,000 | ---D | M]

[2008/07/03 11:40:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Extensions
[2008/07/03 11:40:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/09 16:04:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions
[2009/01/11 14:29:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/12/24 11:28:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2009/04/14 21:47:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/04/14 21:47:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/04/14 21:47:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/11/07 10:09:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2007/09/19 22:00:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\{FFBC0836-1BCF-4FE5-9B2B-E2E6F53CBDE7}
[2007/09/19 22:00:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\[email protected]
[2008/09/15 16:18:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\[email protected]
[2009/04/27 21:24:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Paul Williams\Application Data\mozilla\Firefox\Profiles\vjkjz91g.default\extensions\[email protected]
[2009/05/09 16:04:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/03/17 16:39:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/05/04 19:36:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/09/21 19:37:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/22 15:50:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/21 21:43:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/08/21 21:17:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/11/22 17:16:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/03/10 20:45:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/04 16:52:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/05/04 19:36:03 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/05/04 19:36:03 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/06/30 13:44:08 | 00,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2009/05/04 19:36:22 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/05/04 19:36:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/05/04 19:36:22 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/05/04 19:36:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/05/04 19:36:22 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/05/04 19:36:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/20 19:17:34 | 00,002,221 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SafeSearch.xml
[2009/05/04 19:36:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/05/04 19:36:22 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (941 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google AFE\GoogleAFE.dll (Google)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ALDI Photo Service] "C:\Program Files\ALDI Photo Service\ALDI_Photo_Service\FotoSuite.exe" /autorun File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" (Sonic Solutions)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary (Sony Corporation)
O4 - HKLM..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" (Sony Corporation)
O4 - HKLM..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" ()
O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide (-)
O4 - HKCU..\Run: [eyeBeam SIP Client] File not found
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s (Creative Technology Ltd)
O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [] C:\Program Files\Mozilla Firefox\firefox.exe http://www.symantec....000030.0000010e (Mozilla Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2008/03/26 21:21:03 | 00,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL (Microsoft Corporation)
O9 - Extra Button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative....026/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish...shUKActivia.cab (Snapfish Activia)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Reg Error: Value error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1155070790015 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} http://help.broadban...tivePreQual.cab (PreQualifier Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Reg Error: Key error.)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (RIM AxLoader)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative....15028/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\system32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/16 13:14:20 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[37 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/09 19:48:46 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/09 18:07:08 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/09 17:00:11 | 00,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D9A409E6-1321-46C5-BBE5-0C224C1C2D1F}.job
[2009/05/09 16:28:07 | 17,278,464 | ---- | C] () -- C:\DOCUME~1\PAULWI~1\Desktop\InstallScorch.msi
[2009/05/09 16:20:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/05/09 16:17:06 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/05/09 16:09:53 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/05/09 14:49:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/05/09 14:49:21 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/05/09 14:48:24 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/05/09 14:44:18 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/05/09 14:44:17 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/05/09 14:44:17 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/05/09 14:44:16 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/05/09 14:44:16 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/05/09 14:44:15 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/05/09 14:44:15 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/05/09 14:38:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/05/09 09:56:57 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2009/05/09 09:56:57 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2009/05/09 09:56:57 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/05/09 09:56:57 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2009/05/09 09:56:57 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/05/08 14:35:42 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/05/08 14:35:33 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF24486.exe
[2009/05/07 20:56:14 | 00,000,000 | ---D | C] -- C:\DOCUME~1\PAULWI~1\Desktop\116OLYMP
[2009/05/04 11:04:41 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/05/04 11:04:25 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/05/04 11:04:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/05/04 11:00:59 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/05/01 21:49:55 | 34,406,050 | ---- | C] () -- C:\DOCUME~1\PAULWI~1\Desktop\Adobe Photoshop CS4 Bible.pdf
[2009/04/30 19:02:58 | 00,167,777 | ---- | C] () -- C:\DOCUME~1\PAULWI~1\Desktop\performance.htm
[2009/04/30 18:45:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2009/04/24 20:00:51 | 00,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/17 15:45:59 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2009/04/16 07:27:54 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 07:27:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 07:27:43 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 07:27:36 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 07:27:27 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 07:27:25 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 07:27:23 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 07:27:16 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 07:27:14 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 07:27:11 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 18:18:50 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/15 18:18:44 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/15 18:18:42 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/03/24 17:44:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/03/05 15:53:23 | 03,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2009/03/05 15:53:23 | 03,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2009/03/05 15:53:23 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/05 15:53:23 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/11/20 19:15:19 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/09/19 22:57:34 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/19 22:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/19 22:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/19 22:54:18 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/08/28 20:48:38 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008/08/28 20:46:58 | 00,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/08/17 12:08:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2008/04/23 22:21:00 | 00,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2008/03/22 20:00:53 | 00,000,079 | ---- | C] () -- C:\WINDOWS\rspca.ini
[2007/09/03 21:40:37 | 00,000,024 | ---- | C] () -- C:\WINDOWS\pstudio.ini
[2007/09/03 21:40:37 | 00,000,011 | ---- | C] () -- C:\WINDOWS\album.ini
[2007/05/25 21:21:50 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/05/19 19:01:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2007/04/15 14:15:54 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/04/13 16:03:54 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/01/29 22:18:36 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/01/09 21:53:02 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2006/11/06 16:38:48 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/06 20:05:21 | 00,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2006/06/17 21:59:01 | 00,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2006/06/17 21:53:35 | 00,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006/06/17 21:53:35 | 00,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd6973.sys
[2006/06/08 10:41:20 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/06/04 13:30:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2006/06/04 13:08:33 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2006/06/04 13:00:47 | 00,000,510 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/04 12:50:33 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2006/06/04 12:46:48 | 00,000,320 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/17 12:41:23 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/16 18:53:23 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/03/16 18:53:23 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/03/16 18:53:23 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/03/16 18:53:23 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/03/16 18:53:23 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/03/16 18:53:23 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/03/16 18:44:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/03/16 03:55:47 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/03/16 03:55:42 | 00,003,822 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/16 03:54:55 | 00,000,740 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/03/16 03:54:52 | 00,000,264 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/11/01 09:53:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 14:44:08 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/08/05 15:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/22 21:30:20 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 17:04:02 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/25 12:00:10 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\HWINV.DLL
[2001/07/25 12:00:10 | 00,026,572 | ---- | C] () -- C:\WINDOWS\System32\INV16.DLL
[2001/07/06 15:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Files - Modified Within 30 Days ==========

[37 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/09 19:15:04 | 00,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/09 17:19:43 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D9A409E6-1321-46C5-BBE5-0C224C1C2D1F}.job
[2009/05/09 17:01:58 | 00,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/09 16:59:06 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Paul Williams\My Documents\desktop.ini
[2009/05/09 16:56:55 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Paul Williams\Local Settings\desktop.ini
[2009/05/09 16:56:50 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/09 16:56:23 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/09 16:55:26 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/09 16:55:05 | 10,718,28992 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/09 16:44:33 | 00,570,718 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/09 16:44:33 | 00,488,406 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/09 16:44:33 | 00,091,390 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/09 16:30:59 | 17,278,464 | ---- | M] () -- C:\DOCUME~1\PAULWI~1\Desktop\InstallScorch.msi
[2009/05/09 16:16:25 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/09 15:51:39 | 02,275,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/09 13:40:31 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/08 15:00:01 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Paul Williams.job
[2009/05/05 22:05:01 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/05 18:18:36 | 00,462,848 | -HS- | M] () -- C:\DOCUME~1\PAULWI~1\Desktop\Thumbs.db
[2009/05/04 20:00:00 | 00,000,638 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Gill Williams.job
[2009/05/04 11:08:50 | 00,058,368 | ---- | M] () -- C:\Documents and Settings\Paul Williams\My Documents\Vilma Letter.doc
[2009/05/04 10:42:59 | 00,000,740 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/02 14:45:33 | 00,051,200 | ---- | M] () -- C:\DOCUME~1\PAULWI~1\Desktop\pubcrawl30.xls
[2009/05/01 21:49:58 | 34,406,050 | ---- | M] () -- C:\DOCUME~1\PAULWI~1\Desktop\Adobe Photoshop CS4 Bible.pdf
[2009/04/30 19:05:16 | 00,167,777 | ---- | M] () -- C:\DOCUME~1\PAULWI~1\Desktop\performance.htm
[2009/04/25 06:30:39 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/18 21:35:12 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:66E02052
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

and finally the extras log;

OTListIt Extras logfile created on: 09/05/2009 19:59:59 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.4 Folder = C:\Documents and Settings\Paul Williams\Desktop\malware
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.11 Mb Total Physical Memory | 147.26 Mb Available Physical Memory | 14.41% Memory free
2.40 Gb Paging File | 0.81 Gb Available in Paging File | 33.87% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.51 Gb Total Space | 13.80 Gb Free Space | 18.51% Space Free | Partition Type: NTFS
Drive D: | 67.55 Gb Total Space | 25.19 Gb Free Space | 37.29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CRADV
Current User Name: Paul Williams
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager (Microsoft Corporation)
C:\Documents and Settings\Paul Williams\Desktop\Unused Desktop Shortcuts\utorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Sony\Click to DVD 2\CtoDvd.exe:*:Enabled:Click to DVD (Sony Corporation)
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 (Adobe Systems Incorporated)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00F8608F-BA6A-4B32-843A-1A568ACD1198}" = VAIO Sea Wallpaper
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{08E4AE58-748D-4983-9B8A-495E2341769F}" = Garmin POI Loader new
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11C98E1A-EC91-4B38-B44C-C562292D8453}" = Adobe Premiere Elements 2.0
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 13
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.1
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2FD94FBC-07AE-475C-B522-BFE899B9048E}" = Garmin WebUpdater
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{348054A0-6F9A-4EF9-BBB0-827C14C20D86}" = Media Center Karaoke Plug-in
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Google AFE
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{43C0C354-A185-4D2D-A057-67C9160460E1}" = PS_AIO_04_C4580_Software_Min
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4D719053-5593-11D3-8F25-0060085C1758}" = Microsoft AutoRoute 2001
"{4E10E7FC-36CD-4C22-AC20-9E15692E8C2F}" = Virtual Sound Canvas DXi
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{548EAC70-EE00-11DD-908C-005056806466}" = Google Earth
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}" = Roxio Media Manager
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F4AF3CA-A2EE-4013-8D75-99BE5A081033}" = Nero 8 Essentials
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7641710F-A4AD-4EAE-889C-4958BE3F169C}" = C4580
"{776EA8AC-D8D6-4528-92A2-0235F2B511F1}" = OLYMPUS Studio
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{795AF20A-51C5-4BAF-9EF5-AA38105C6141}" = Norton Security Scan
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7D25A304-C82D-41C3-85A8-3BEF84E04887}" = Garmin WebUpdater
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{EA35370F-586C-45E1-AC6C-A4E275C6B762}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E158BB9-37B9-464B-837E-CC1D5766291B}" = VAIO Update 3
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.2
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6A195F5-BCAB-4F38-8459-DF693303CD8D}" = PS_AIO_04_C4580_ProductContext
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{ABBD2A2E-2424-4078-966F-F319A88D5F21}" = VAIO Starfish Wallpaper
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.1
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.1
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative ZEN Nano Plus
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}" = HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 2.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BF761-C499-488D-A964-A3718BC6EC3E}" = DSD Direct
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{C89EB8CD-675F-44F4-9729-4C9A8FAC2D4F}" = DSD Playback Plug-in 1.0
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D23E2520-0EAA-4AC3-A47E-A551C70D4FED}" = C4580_Help
"{D4278897-1541-493E-9D39-59CC6AB0FC09}" = PS_AIO_04_C4580_Software
"{D466F3D9-510C-4729-B7D4-2E70490E4CDF}" = BBC iPlayer Download Manager
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2008
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E3F90083-80D4-4B5A-87C7-E97E12F5516D}" = HPProductAssistant
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E5E6E687-1033-0000-0000-000000000002}" = Adobe Acrobat 7.0 Elements
"{E68C446D-D95A-4160-AC39-DE7062422985}" = OLYMPUS Master 2
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.5.32
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{E9A46F5F-1E5C-4023-87CF-37787D021931}" = OpenMind
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F04CAFE3-D52F-4EFC-A1E8-316BD4C525D6}" = NTI Shadow
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network
"{F996DEB7-4AD7-4F15-84AA-114B8BE45911}" = Polar UpLink Tool
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 7.0 Elements" = Adobe Acrobat 7.0 Elements
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AviSplit Classic (Freeware)_is1" = AviSplit Classic Version 1.43
"BatteryWatch" = BatteryWatch
"BBC iPlayer Download Manager" = BBC iPlayer Download Manager
"BlackBerry_{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"BT Home Hub" = BT Home Hub
"BT Yahoo! Applications" = BT Yahoo! Applications
"Cakewalk Audio FX Pack 1 Demo" = Cakewalk Audio FX Pack 1 Demo
"Cakewalk Audio FX Pack 2 Demo" = Cakewalk Audio FX Pack 2 Demo
"Cakewalk Music Creator 2003" = Cakewalk Music Creator 2003
"Canon ScanGear Toolbox 3.0" = Canon ScanGear Toolbox 3.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Creative Problem Management" = Creative Problem Management
"DreamStation DXi2" = DreamStation DXi2
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Eraser_is1" = Eraser
"ERUNT_is1" = ERUNT 1.1j
"Facebook" = Facebook Desktop
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO Online Registration (English)
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"IrfanView" = IrfanView (remove only)
"Landlords PTM Professional" = Landlords PTM Professional 2007
"Magic Button" = Magic Button
"Magic DVD Ripper_is1" = Magic DVD Ripper V4.2.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"My Club VAIO Media Center Edition_is1" = My Club VAIO MCE 1.0.0
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{795AF20A-51C5-4BAF-9EF5-AA38105C6141}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"ophcrack" = ophcrack 3.1.0
"Picasa 3" = Picasa 3
"PremElem20" = Adobe Premiere Elements 2.0
"PremElem40" = Adobe Premiere Elements 4.0
"ProInst" = Intel® PROSet/Wireless Software
"Property Tax Calculator" = Property Tax Calculator 2007
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer
"SONAR6Producer_is1" = SONAR 6 Producer Edition
"SoundTaxi_is1" = SoundTaxi 1.3.5
"Spyware Doctor" = Spyware Doctor 6.0
"SysInfo" = Creative System Information
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VideoLAN VLC media player 0.8.5
"WIC" = Windows Imaging Component
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25/04/2009 09:25:40 | Computer Name = CRADV | Source = Application Error | ID = 1000
Description = Faulting application photoshop.exe, version 11.0.0.0, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x0001b21a.

Error - 30/04/2009 12:49:20 | Computer Name = CRADV | Source = Application Hang | ID = 1002
Description = Hanging application Photoshop.exe, version 11.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 30/04/2009 12:53:32 | Computer Name = CRADV | Source = Application Hang | ID = 1001
Description = Fault bucket 495098057.

Error - 04/05/2009 05:52:15 | Computer Name = CRADV | Source = Application Hang | ID = 1002
Description = Hanging application PhotoshopElementsEditor.exe, version 4.0.0.0,
hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 04/05/2009 05:53:40 | Computer Name = CRADV | Source = Application Hang | ID = 1002
Description = Hanging application PhotoshopElementsEditor.exe, version 4.0.0.0,
hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 08/05/2009 09:11:51 | Computer Name = CRADV | Source = Google Update | ID = 20
Description =

Error - 09/05/2009 11:43:32 | Computer Name = CRADV | Source = MsiInstaller | ID = 11500
Description = Product: Sibelius Scorch (all browsers) -- Error 1500. Another installation
is in progress. You must complete that installation before continuing this one.

Error - 09/05/2009 12:53:32 | Computer Name = CRADV | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x03944680.

Error - 09/05/2009 13:01:18 | Computer Name = CRADV | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3399, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2009 13:02:57 | Computer Name = CRADV | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3399, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 09/05/2009 04:03:28 | Computer Name = CRADV | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 09/05/2009 04:05:19 | Computer Name = CRADV | Source = Service Control Manager | ID = 7024
Description = The Routing and Remote Access service terminated with service-specific
error 2147483720 (0x80000048).

Error - 09/05/2009 06:51:56 | Computer Name = CRADV | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 09/05/2009 06:54:40 | Computer Name = CRADV | Source = Service Control Manager | ID = 7024
Description = The Routing and Remote Access service terminated with service-specific
error 2147483720 (0x80000048).

Error - 09/05/2009 10:54:26 | Computer Name = CRADV | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 09/05/2009 10:54:26 | Computer Name = CRADV | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SI3132

Error - 09/05/2009 10:57:45 | Computer Name = CRADV | Source = Service Control Manager | ID = 7024
Description = The Routing and Remote Access service terminated with service-specific
error 2147483720 (0x80000048).

Error - 09/05/2009 12:02:04 | Computer Name = CRADV | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 09/05/2009 12:15:15 | Computer Name = CRADV | Source = System Error | ID = 1003
Description = Error code 10000050, parameter1 e6c0e000, parameter2 00000000, parameter3
86f693de, parameter4 00000001.

Error - 09/05/2009 12:57:08 | Computer Name = CRADV | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the RemoteAccess service.


< End of report >

Look forward to your response!

fac3plant
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP