Strange Popups/Trojan/Redirected Google Links?


  • This topic is locked
25 replies to this topic

#1 Asada

Asada

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:40 AM

Posted 10 February 2009 - 05:31 PM

To start off, this started a few weeks ago, but now it's a pain. Most Google links are now sending me to strange random sites (some porn). Also, I'm getting random pop-ups that are also random/some porn. My virus scanner (AVG AntiVirus 8.0) detected a HUGE number of trojans, which I had put into the virus vault, but they keep coming back, more than the last time. One last thing: starting today, I keep getting a blue screen when I start my computer; I can't read what it says because it passes by too fast. After that, I started in safe mode and did a system restore, which fixed the problem, but I still have the pop-ups, Trojans, and such. I'm sorry I cannot post all the Trojan names, there are simply too many of them, but they all have Generic or Backdoor in their name? I don't know if this is related, but when I finish scanning my computer with AVG it says a driver is hidden by a rootkit, or this:
"C:\WINDOWS\System32\Drivers\acxz0ooc.SYS";"Hidden driver";"Object is hidden"
Whenever I try to remove it, it says it's been healed, and I restart my computer, do a scan again, and it's back.

DDS REPORT


DDS (Ver_09-02-01.01) - NTFSx86
Run by Asad at 17:08:12.08 on Tue 02/10/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.237 [GMT -5:00]

AV: AVG Anti-Virus *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Documents and Settings\Asad\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.sony.com/vaiopeople
uInternet Connection Wizard,ShellNext = hxxp://update.spysubtract.com/tmuninstall.php?220=
uURLSearchHooks: AOLSearchHook Class: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} - c:\program files\aol\aol search enhancement\AOLSearch.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar1.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AOLSearchHook Class: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} - c:\program files\aol\aol search enhancement\AOLSearch.dll
BHO: {73b3e088-9a00-7858-40d4-b9b9ec343375}: {573343ce-9b9b-4d04-8587-00a9880e3b37} - c:\windows\system32\fudrsj.dll
{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {b0a3fb07-b465-4bb0-beb2-3d33719a1762} - c:\windows\system32\jKaWQhHy.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar1.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [BitTorrent] "c:\program files\bittorrent\bittorrent.exe"
mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [SonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Switcher.exe] c:\program files\sony\wireless switch setting utility\Switcher.exe
mRun: [<NO NAME>]
mRun: [VAIOSurvey] c:\program files\sony\vaio survey\surveysa.exe
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [PartSeal] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [PC Pitstop Optimize Reminder] c:\program files\pcpitstop\optimize2\Reminder.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Transfer by Image Converter 2 Plus - c:\program files\sony\image converter 2\menu.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
Trusted Zone: trymedia.com
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230924796245
DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - hxxp://www.acclaim.com/cabs/acclaim_v4.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230928914780
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
Notify: iiFYpmLC - iiFYpmLC.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: fudrsj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}
LSA: Authentication Packages = msv1_0 c:\windows\system32\jKaWQhHy

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\asad\applic~1\mozilla\firefox\profiles\uemx8kla.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-2-2 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-2 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-2 27656]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-2 107272]
S0 ewfhcnpk;ewfhcnpk;c:\windows\system32\drivers\fbelbjpl.sys --> c:\windows\system32\drivers\fbelbjpl.sys [?]

=============== Created Last 30 ================

2009-02-10 16:41 13,952 a------- c:\windows\system32\eohoymav.dll
2009-02-10 16:36 126,464 a------- c:\windows\system32\fudrsj.dll
2009-02-10 16:36 126,464 a------- c:\windows\system32\ifsgvtnu.dll
2009-02-09 23:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PCPitstop
2009-02-09 23:23 <DIR> --d----- c:\program files\PCPitstop
2009-02-07 15:34 <DIR> --d----- c:\docume~1\asad\applic~1\uTorrent
2009-02-07 15:14 <DIR> --d----- c:\program files\PFConfig
2009-02-06 23:50 44,045 a--sh--- c:\windows\system32\yHhQWaKj.ini2
2009-02-06 23:50 44,045 a--sh--- c:\windows\system32\yHhQWaKj.ini
2009-02-06 23:50 302,080 a------- c:\windows\system32\jKaWQhHy.dll
2009-02-06 23:45 13,038 a------- c:\windows\system32\geBqRHYq.dll
2009-02-06 23:29 <DIR> --d----- c:\docume~1\asad\applic~1\Windows Search
2009-02-06 21:27 <DIR> --d----- c:\program files\SystemRequirementsLab
2009-02-05 21:43 22,328 a------- c:\docume~1\asad\applic~1\PnkBstrK.sys
2009-02-05 21:14 319 a------- c:\windows\game.ini
2009-02-05 20:58 <DIR> --dsh--- c:\windows\ftpcache
2009-02-04 18:31 <DIR> --d----- c:\windows\system32\XPSViewer
2009-02-04 18:30 575,488 a------- c:\windows\system32\xpsshhdr.dll
2009-02-04 18:30 117,760 a------- c:\windows\system32\prntvpt.dll
2009-02-04 18:30 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-02-04 18:30 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
2009-02-04 18:30 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-02-04 18:30 1,676,288 a------- c:\windows\system32\xpssvcs.dll
2009-02-04 18:30 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
2009-02-04 18:30 <DIR> --d----- C:\ab84a2a94cbd2ce2d52d3765
2009-02-04 18:30 <DIR> --d----- c:\windows\SxsCaPendDel
2009-02-04 18:23 <DIR> --d----- c:\docume~1\asad\applic~1\Windows Desktop Search
2009-02-04 18:23 <DIR> --d----- c:\program files\Windows Desktop Search
2009-02-04 18:03 647,766 a------- c:\windows\system32\ms98.cab
2009-02-04 18:03 18,902 a------- c:\windows\system32\phidmou.inf
2009-02-04 18:03 13,558 a------- c:\windows\system32\ms99.cat
2009-02-04 16:57 <DIR> --d----- c:\program files\CCleaner
2009-02-02 18:21 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-02-02 18:10 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-02 18:10 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-02-02 18:10 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys
2009-02-02 18:10 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-02 18:10 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-02-02 18:09 <DIR> --d----- c:\program files\AVG
2009-02-02 18:09 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-02-02 17:14 73,728 a------- c:\windows\system32\javacpl.cpl
2009-02-02 17:02 <DIR> --d----- c:\documents and settings\asad\.SunDownloadManager
2009-01-31 16:23 <DIR> --d----- c:\docume~1\asad\applic~1\Mount&Blade
2009-01-31 16:21 <DIR> --d----- c:\program files\Mount&Blade
2009-01-31 14:28 361,600 a------- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-01-30 22:41 <DIR> --d-h--- C:\TEMP
2009-01-30 17:08 <DIR> --d----- c:\program files\common files\SWFEXE
2009-01-30 17:08 <DIR> --d----- c:\program files\ApecSoft
2009-01-29 16:52 64,512 ac------ c:\windows\system32\dllcache\ehtray.exe
2009-01-29 14:50 250 a------- c:\windows\gmer.ini
2009-01-28 23:03 <DIR> --d----- c:\windows\pss
2009-01-28 22:43 4,096 a------- c:\windows\d3dx.dat
2009-01-28 22:43 <DIR> --d----- c:\program files\Harpooned
2009-01-27 15:59 <DIR> --d----- c:\program files\Lionhead Studios
2009-01-26 22:52 272 a------- c:\windows\maketorrent.ini
2009-01-26 22:52 <DIR> --d----- c:\program files\Maketorrent 2
2009-01-26 16:03 <DIR> --d----- c:\program files\LucasArts
2009-01-26 16:02 <DIR> --d----- c:\docume~1\asad\applic~1\Xfire
2009-01-26 16:02 <DIR> --ds---- c:\program files\Xfire
2009-01-22 20:38 <DIR> --d----- c:\program files\MSECache
2009-01-20 16:44 230 a------- c:\windows\GTA-SA_Trn_Keys.gtk
2009-01-20 16:40 917 a------- c:\windows\GTA-SA_Trn_Settings.ini
2009-01-20 16:35 <DIR> --d----- c:\windows\San Andreas Mod Installer
2009-01-20 16:30 22,528 a------- c:\windows\system32\drivers\nhcDriver.sys
2009-01-20 16:30 <DIR> --d----- c:\program files\Notebook Hardware Control
2009-01-19 01:33 98,304 a------- c:\windows\system32\CmdLineExt.dll
2009-01-19 01:23 <DIR> --d----- c:\program files\Rockstar Games
2009-01-17 22:16 <DIR> --d----- c:\windows\system32\appmgmt
2009-01-17 16:17 <DIR> --d----- C:\Spiele
2009-01-17 14:57 <DIR> --d----- c:\program files\AskBarDis
2009-01-15 19:17 <DIR> --d----- c:\documents and settings\asad\.housecall6.6
2009-01-11 23:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Age of Empires 3
2009-01-11 22:51 <DIR> --d----- c:\program files\Microsoft Games

==================== Find3M ====================

2009-02-10 16:34 98,304 a------- c:\windows\DUMPb3bf.tmp
2009-02-05 22:08 22,328 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-02-05 22:08 103,736 a------- c:\windows\system32\PnkBstrB.exe
2009-02-05 22:08 66,872 a------- c:\windows\system32\PnkBstrA.exe
2009-02-02 17:14 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-31 14:32 361,600 a------- c:\windows\system32\drivers\TCPIP.SYS
2009-01-07 20:28 717,296 a------- c:\windows\system32\drivers\sptd.sys
2009-01-02 17:38 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-01-02 16:02 86,811 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-02 14:13 0 a---hr-- c:\windows\system32\drivers\Sony_VGN-FE770G.mrk
2009-01-02 14:02 10,344 a------- c:\windows\system32\drivers\symlcbrd.sys
2008-11-13 15:18 1,221,008 a------- c:\windows\system32\zpeng25.dll

============= FINISH: 17:12:12.90 ===============


Edited by Asada, 10 February 2009 - 05:46 PM.



#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:40 PM

Posted 11 February 2009 - 06:48 AM

Please download Malwarebytes' Anti-Malware from HERE or HERE

Note: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




NEXT


Please download RSIT by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run RSIT
  • Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.



NEXT


Please download GMER and unzip it to your Desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.


Post me these logs in your next reply.. Post each log in separate post..

1. Malwarebytes'
2. RSIT log.txt
3. RSIT info.txt
4. Attach GMER result..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 Asada

Posted 11 February 2009 - 08:03 AM

OK, I'll try that and post the results once I get them (could take a while since I have school).

#4 fenzodahl512

Posted 11 February 2009 - 09:03 AM

Ok.. will wait for you :thumbup2:



#5 Asada

Posted 11 February 2009 - 06:00 PM

Malwarebytes' Anti-Malware 1.34
Database version: 1750
Windows 5.1.2600 Service Pack 3

2/11/2009 5:39:47 PM
mbam-log-2009-02-11 (17-39-47).txt

Scan type: Full Scan (C:\|)
Objects scanned: 149936
Time elapsed: 48 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 15
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 10

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\jKaWQhHy.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\dmixevtd.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pphrwy.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ac1d8c8-79b8-48fa-9447-fc11a711d7af} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{1ac1d8c8-79b8-48fa-9447-fc11a711d7af} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3444a2b-6857-45bd-a12b-bb954fb7707c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3444a2b-6857-45bd-a12b-bb954fb7707c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ac1d8c8-79b8-48fa-9447-fc11a711d7af} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c3444a2b-6857-45bd-a12b-bb954fb7707c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\jkawqhhy -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\jkawqhhy -> Delete on reboot.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\jKaWQhHy.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yHhQWaKj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yHhQWaKj.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphrwy.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\dmixevtd.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Documents and Settings\Asad\Local Settings\Temporary Internet Files\Content.IE5\4ATSY2QO\index[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Asad\Local Settings\Temporary Internet Files\Content.IE5\AF73EJMN\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBqRHYq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\efpnebea.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eohoymav.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
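
An added example, not part of the original thread or of any tool named in it: a Python script that parses result lines from the Malwarebytes log above, lists the files still marked "Delete on reboot" (active until the restart), and shows which load-point entries in the DDS report from the first post name the same files. The log excerpts are copied from this page; the function and variable names are assumptions of this example.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath
from typing import NamedTuple, Optional

# Excerpt of the Malwarebytes log in this thread (lines copied from the page).
MBAM_LOG = r"""
Memory Modules Infected:
C:\WINDOWS\system32\jKaWQhHy.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pphrwy.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\jkawqhhy -> Delete on reboot.

Files Infected:
C:\WINDOWS\system32\jKaWQhHy.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yHhQWaKj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphrwy.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\geBqRHYq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
"""

# Load-point lines from the DDS report in the first post (copied from the page).
DDS_LOG = r"""
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {b0a3fb07-b465-4bb0-beb2-3d33719a1762} - c:\windows\system32\jKaWQhHy.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: fudrsj.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\jKaWQhHy
"""

SECTION_RE = re.compile(r"^([A-Za-z ]+ Infected):$")
# "<object> (<detection>) -> [Data: <value> -> ]<action>."
RESULT_RE = re.compile(
    r"^(?P<object>.+?) \((?P<detection>[^()]+)\) -> "
    r"(?:Data: (?P<data>.+?) -> )?(?P<action>[^>]+?)\.?$"
)
FILE_SECTIONS = {"Memory Processes Infected", "Memory Modules Infected",
                 "Files Infected"}


class Finding(NamedTuple):
    section: str
    target: str
    detection: str
    data: Optional[str]
    action: str


def parse_mbam(log: str) -> list:
    """Return one Finding per result line, tagged with its section heading."""
    findings, section = [], None
    for raw in log.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = RESULT_RE.match(line)
        if m and section:
            findings.append(Finding(section, m["object"], m["detection"],
                                    m["data"], m["action"]))
    return findings


def file_stem(f: Finding) -> Optional[str]:
    """Lowercased file name without extension, or None for plain registry keys.

    The LSA entry names the DLL without ".dll" and in a different case,
    so comparisons are made on the stem only.
    """
    path = f.data or (f.target if f.section in FILE_SECTIONS else None)
    return PureWindowsPath(path).stem.lower() if path else None


def pending_reboot(findings: list) -> list:
    """Files whose removal only happens at the next restart."""
    return sorted({file_stem(f) for f in findings
                   if f.action.lower() == "delete on reboot" and file_stem(f)})


def load_points(findings: list, dds_log: str) -> dict:
    """Map each detected file stem to the DDS entry types that reference it."""
    stems = {s for s in map(file_stem, findings) if s}
    hits = defaultdict(list)
    for raw in dds_log.splitlines():
        kind, sep, rest = raw.strip().partition(":")
        if not sep:
            continue
        for stem in stems:
            pattern = rf"(?<!\w){re.escape(stem)}(?:\.\w+)?(?!\w)"
            if re.search(pattern, rest, re.IGNORECASE):
                hits[stem].append(kind)
    return {stem: sorted(kinds) for stem, kinds in hits.items()}


if __name__ == "__main__":
    found = parse_mbam(MBAM_LOG)
    print("pending reboot:", pending_reboot(found))
    print("load points   :", load_points(found, DDS_LOG))
```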

#6 Asada

Posted 11 February 2009 - 06:01 PM

Logfile of random's system information tool 1.05 (written by random/random)
Run by Asad at 2009-02-11 16:51:11
Microsoft Windows XP Professional Service Pack 3
System drive C: has 54 GB (50%) free of 107 GB
Total RAM: 1014 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:51:28 PM, on 2/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\DOCUME~1\Asad\LOCALS~1\Temp\Rar$EX00.375\gmer.exe
C:\Documents and Settings\Asad\Desktop\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\Asad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.spysubtract.com/tmuninstall.php?220=
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1AC1D8C8-79B8-48FA-9447-FC11A711D7AF} - C:\WINDOWS\system32\jKaWQhHy.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: {c7077bf4-59bb-b21a-db54-7586b2a4443c} - {c3444a2b-6857-45bd-a12b-bb954fb7707c} - C:\WINDOWS\system32\pphrwy.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIOSurvey] c:\program files\sony\vaio survey\surveysa.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [PC Pitstop Optimize Reminder] C:\Program Files\PCPitstop\Optimize2\Reminder.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1230924796245
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1230928914780
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: pphrwy.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: iiFYpmLC - iiFYpmLC.dll (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 12445 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AC1D8C8-79B8-48FA-9447-FC11A711D7AF}]
C:\WINDOWS\system32\jKaWQhHy.dll [2009-02-06 302080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar1.dll [2008-11-06 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-02-02 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22}]
AOLSearchHook Class - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll [2005-10-14 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-02 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3444a2b-6857-45bd-a12b-bb954fb7707c}]
C:\WINDOWS\system32\pphrwy.dll [2009-02-11 125440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-02 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-02 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar1.dll [2008-11-06 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VAIO Recovery"=C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe [2003-04-19 28672]
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2006-06-27 217088]
"VAIO Update 2"=C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [2005-10-11 151552]
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2002-03-14 45056]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-05-08 7561216]
"Switcher.exe"=C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2006-02-14 176128]
""= []
"VAIOSurvey"=c:\program files\sony\vaio survey\surveysa.exe [2005-06-13 258048]
"VAIOCameraUtility"=C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe [2005-12-27 69632]
"PartSeal"=C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe [2003-04-19 28672]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-11-13 981904]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-02-02 1601304]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2004-11-17 118784]
"PC Pitstop Optimize Reminder"=C:\Program Files\PCPitstop\Optimize2\Reminder.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-10-21 50472]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"BitTorrent"=C:\Program Files\BitTorrent\bittorrent.exe [2009-01-29 637232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
C:\Program Files\AIM6\aim6.exe [2008-10-21 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DISCover]
C:\Program Files\DISC\DISCover.exe [2006-06-01 1077248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
C:\Program Files\Napster\napster.exe [2006-06-29 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-01 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Asad^Start Menu^Programs^Startup^ChkDisk.dll]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Asad^Start Menu^Programs^Startup^ChkDisk.lnk]
C:\DOCUME~1\Asad\STARTM~1\Programs\Startup\ChkDisk.dll []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="pphrwy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-02-02 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iiFYpmLC]
iiFYpmLC.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\WINDOWS\system32\VESWinlogon.dll [2006-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\jKaWQhHy

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=8

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DISC\DISCover.exe"="C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System"
"C:\Program Files\DISC\DiscStreamHub.exe"="C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub"
"C:\Program Files\DISC\myFTP.exe"="C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2009-02-11 16:51:11 ----D---- C:\rsit
2009-02-11 16:44:10 ----D---- C:\Documents and Settings\Asad\Application Data\Malwarebytes
2009-02-11 16:43:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-11 16:43:57 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-11 16:40:43 ----A---- C:\WINDOWS\system32\efpnebea.dll
2009-02-11 16:37:53 ----A---- C:\WINDOWS\system32\pphrwy.dll
2009-02-11 16:37:43 ----A---- C:\WINDOWS\system32\dmixevtd.dll
2009-02-10 16:41:45 ----A---- C:\WINDOWS\system32\eohoymav.dll
2009-02-10 16:36:31 ----A---- C:\WINDOWS\system32\fudrsj.dll
2009-02-10 16:36:30 ----A---- C:\WINDOWS\system32\ifsgvtnu.dll
2009-02-10 16:35:17 ----D---- C:\WINDOWS\CSC
2009-02-10 16:34:58 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-09 23:24:59 ----D---- C:\Documents and Settings\All Users\Application Data\PCPitstop
2009-02-09 23:23:57 ----D---- C:\Program Files\PCPitstop
2009-02-07 15:34:37 ----D---- C:\Documents and Settings\Asad\Application Data\uTorrent
2009-02-07 15:14:25 ----D---- C:\Program Files\PFConfig
2009-02-06 23:51:31 ----A---- C:\WINDOWS\system32\ef31166f-.txt
2009-02-06 23:50:49 ----ASH---- C:\WINDOWS\system32\yHhQWaKj.ini2
2009-02-06 23:50:48 ----ASH---- C:\WINDOWS\system32\yHhQWaKj.ini
2009-02-06 23:50:33 ----A---- C:\WINDOWS\system32\jKaWQhHy.dll
2009-02-06 23:45:29 ----A---- C:\WINDOWS\system32\geBqRHYq.dll
2009-02-06 23:29:05 ----D---- C:\Documents and Settings\Asad\Application Data\Windows Search
2009-02-06 21:27:02 ----D---- C:\Program Files\SystemRequirementsLab
2009-02-06 21:26:55 ----D---- C:\Documents and Settings\Asad\Application Data\SystemRequirementsLab
2009-02-05 21:14:31 ----A---- C:\WINDOWS\game.ini
2009-02-05 20:58:03 ----SHD---- C:\WINDOWS\ftpcache
2009-02-04 18:31:34 ----D---- C:\WINDOWS\system32\XPSViewer
2009-02-04 18:31:30 ----D---- C:\Program Files\MSBuild
2009-02-04 18:31:24 ----D---- C:\Program Files\Reference Assemblies
2009-02-04 18:30:47 ----A---- C:\WINDOWS\system32\xpsshhdr.dll
2009-02-04 18:30:47 ----A---- C:\WINDOWS\system32\prntvpt.dll
2009-02-04 18:30:46 ----A---- C:\WINDOWS\system32\xpssvcs.dll
2009-02-04 18:30:45 ----D---- C:\ab84a2a94cbd2ce2d52d3765
2009-02-04 18:30:16 ----D---- C:\WINDOWS\SxsCaPendDel
2009-02-04 18:24:11 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-02-04 18:24:06 ----D---- C:\Program Files\Microsoft Silverlight
2009-02-04 18:23:49 ----D---- C:\Documents and Settings\Asad\Application Data\Windows Desktop Search
2009-02-04 18:23:22 ----D---- C:\Program Files\Windows Desktop Search
2009-02-04 18:23:05 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-02-04 18:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-02-04 18:22:11 ----A---- C:\WINDOWS\imsins.BAK
2009-02-04 18:22:00 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-02-04 18:03:47 ----A---- C:\WINDOWS\Model.txt
2009-02-04 16:57:06 ----D---- C:\Program Files\CCleaner
2009-02-04 16:56:41 ----D---- C:\Program Files\Recuva
2009-02-02 18:21:35 ----HD---- C:\$AVG8.VAULT$
2009-02-02 18:10:09 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-02-02 18:09:53 ----D---- C:\Program Files\AVG
2009-02-02 18:09:52 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-02-02 17:14:57 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-02 17:14:57 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-02 17:14:57 ----A---- C:\WINDOWS\system32\java.exe
2009-01-31 16:23:22 ----D---- C:\Documents and Settings\Asad\Application Data\Mount&Blade
2009-01-31 16:21:44 ----D---- C:\Program Files\Mount&Blade
2009-01-30 22:41:11 ----HD---- C:\TEMP
2009-01-30 17:08:50 ----D---- C:\Program Files\Common Files\SWFEXE
2009-01-30 17:08:49 ----D---- C:\Program Files\ApecSoft
2009-01-29 14:50:29 ----A---- C:\WINDOWS\gmer.ini
2009-01-29 14:50:26 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2009-01-29 14:50:26 ----A---- C:\WINDOWS\gmer.exe
2009-01-29 14:50:26 ----A---- C:\WINDOWS\gmer.dll
2009-01-28 23:03:04 ----D---- C:\WINDOWS\pss
2009-01-28 22:43:32 ----D---- C:\Program Files\Harpooned
2009-01-27 15:59:28 ----D---- C:\Program Files\Lionhead Studios
2009-01-26 22:52:21 ----A---- C:\WINDOWS\maketorrent.ini
2009-01-26 22:52:06 ----D---- C:\Program Files\Maketorrent 2
2009-01-26 16:03:09 ----D---- C:\Program Files\LucasArts
2009-01-26 16:02:30 ----D---- C:\Documents and Settings\Asad\Application Data\Xfire
2009-01-26 16:02:29 ----SD---- C:\Program Files\Xfire
2009-01-22 20:38:50 ----D---- C:\Program Files\MSECache
2009-01-20 16:40:09 ----A---- C:\WINDOWS\GTA-SA_Trn_Settings.ini
2009-01-20 16:35:49 ----D---- C:\WINDOWS\San Andreas Mod Installer
2009-01-20 16:30:00 ----D---- C:\Program Files\Notebook Hardware Control
2009-01-19 14:04:27 ----D---- C:\WINDOWS\Minidump
2009-01-19 01:33:19 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-01-19 01:23:37 ----D---- C:\Program Files\Rockstar Games
2009-01-17 22:16:29 ----D---- C:\WINDOWS\system32\appmgmt
2009-01-17 16:17:25 ----D---- C:\Spiele
2009-01-17 15:02:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-17 15:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-17 14:57:28 ----D---- C:\Program Files\AskBarDis
2009-01-11 23:23:07 ----D---- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
2009-01-11 23:10:07 ----D---- C:\Documents and Settings\Asad\Application Data\Sonic
2009-01-11 23:09:59 ----D---- C:\Documents and Settings\Asad\Application Data\Leadertech
2009-01-11 22:58:28 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-01-11 22:51:02 ----D---- C:\Program Files\Microsoft Games
2009-01-11 22:27:00 ----D---- C:\Documents and Settings\Asad\Application Data\WinRAR
2009-01-11 22:25:32 ----D---- C:\Program Files\WinRAR
2009-01-09 22:09:07 ----D---- C:\Documents and Settings\All Users\Application Data\SonicStage
2009-01-09 18:34:26 ----D---- C:\Documents and Settings\Asad\Application Data\Viewpoint
2009-01-09 17:04:06 ----A---- C:\WINDOWS\sierra.ini
2009-01-09 16:54:04 ----A---- C:\WINDOWS\PingTool.INI
2009-01-08 19:45:52 ----D---- C:\SAVE
2009-01-08 19:38:07 ----D---- C:\Sierra
2009-01-08 19:37:15 ----D---- C:\Documents and Settings\Asad\Application Data\DAEMON Tools Pro
2009-01-08 19:37:15 ----D---- C:\Documents and Settings\Asad\Application Data\DAEMON Tools
2009-01-08 19:36:25 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-01-08 19:36:21 ----D---- C:\Program Files\DAEMON Tools Lite
2009-01-08 18:41:26 ----D---- C:\Program Files\Common Files\L&H
2009-01-08 18:40:11 ----D---- C:\Program Files\Microsoft Visual Studio
2009-01-07 20:27:58 ----D---- C:\Documents and Settings\Asad\Application Data\DAEMON Tools Lite
2009-01-04 21:02:26 ----D---- C:\Documents and Settings\Asad\Application Data\AdobeUM
2009-01-04 21:02:06 ----D---- C:\Program Files\Savage 2 - A Tortured Soul
2009-01-04 16:46:48 ----A---- C:\WINDOWS\system32\d3dx9.dll
2009-01-04 16:46:48 ----A---- C:\WINDOWS\system32\D3DX81ab.dll
2009-01-04 16:46:47 ----D---- C:\Program Files\Cheat Engine
2009-01-04 16:27:04 ----D---- C:\Program Files\Acclaim
2009-01-04 13:29:33 ----D---- C:\games
2009-01-03 22:42:54 ----A---- C:\WINDOWS\NSGSLampPost.INI
2009-01-03 22:27:38 ----D---- C:\Program Files\Truck Dismount
2009-01-03 17:59:03 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-01-03 17:58:58 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-01-03 17:11:52 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2009-01-03 13:49:46 ----HD---- C:\WINDOWS\PIF
2009-01-03 13:44:55 ----D---- C:\Documents and Settings\Asad\Application Data\QQ Games Plugin
2009-01-03 13:20:54 ----D---- C:\Documents and Settings\Asad\Application Data\acccore
2009-01-03 13:17:53 ----D---- C:\Documents and Settings\Asad\Application Data\Tencent
2009-01-03 13:17:53 ----D---- C:\Documents and Settings\Asad\Application Data\QQ Games
2009-01-03 13:17:46 ----D---- C:\Program Files\Tencent
2009-01-03 13:14:19 ----D---- C:\Program Files\AIMTunes
2009-01-03 13:13:09 ----D---- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2009-01-03 13:13:05 ----A---- C:\WINDOWS\atid.ini
2009-01-03 13:12:05 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-01-03 13:12:04 ----D---- C:\Program Files\Viewpoint
2009-01-03 13:12:04 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
2009-01-03 13:11:57 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
2009-01-03 13:11:22 ----D---- C:\Program Files\AIM6
2009-01-02 23:35:02 ----D---- C:\Program Files\Common Files\INCA Shared
2009-01-02 23:04:09 ----D---- C:\Program Files\9Dragons
2009-01-02 19:46:25 ----D---- C:\Documents and Settings\Asad\Application Data\BitTorrent
2009-01-02 19:46:16 ----D---- C:\Program Files\DNA
2009-01-02 19:46:16 ----D---- C:\Program Files\BitTorrent
2009-01-02 19:46:16 ----D---- C:\Documents and Settings\Asad\Application Data\DNA
2009-01-02 18:49:11 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-01-02 18:49:10 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-01-02 17:52:56 ----D---- C:\Program Files\Unlocker
2009-01-02 17:47:23 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files
2009-01-02 17:46:12 ----D---- C:\Program Files\Pando Networks
2009-01-02 17:38:31 ----A---- C:\WINDOWS\system32\vsregexp.dll
2009-01-02 17:38:30 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2009-01-02 17:38:30 ----A---- C:\WINDOWS\system32\zlcomm.dll
2009-01-02 17:38:27 ----A---- C:\WINDOWS\system32\zpeng25.dll
2009-01-02 17:38:27 ----A---- C:\WINDOWS\system32\vswmi.dll
2009-01-02 17:38:26 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-01-02 17:38:26 ----D---- C:\Program Files\Zone Labs
2009-01-02 17:38:26 ----A---- C:\WINDOWS\system32\vsxml.dll
2009-01-02 17:38:26 ----A---- C:\WINDOWS\system32\vspubapi.dll
2009-01-02 17:38:26 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2009-01-02 17:37:50 ----A---- C:\WINDOWS\system32\vsutil.dll
2009-01-02 17:37:50 ----A---- C:\WINDOWS\system32\vsinit.dll
2009-01-02 17:37:50 ----A---- C:\WINDOWS\system32\vsdata.dll
2009-01-02 17:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-02 17:27:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-02 17:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-02 17:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-02 17:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-02 17:26:34 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-01-02 17:26:31 ----D---- C:\Program Files\MSXML 4.0
2009-01-02 17:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-02 17:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-02 17:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-02 17:26:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-02 17:25:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-02 17:25:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-02 17:25:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-02 17:22:50 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-02 17:21:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-02 17:21:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-02 17:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-02 17:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-02 17:21:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-02 17:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-01-02 17:20:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-01-02 17:19:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-02 17:16:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-02 17:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-01-02 17:15:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-02 17:12:48 ----D---- C:\WINDOWS\ie7updates
2009-01-02 17:12:10 ----D---- C:\WINDOWS\WBEM
2009-01-02 17:10:38 ----HDC---- C:\WINDOWS\ie7
2009-01-02 17:10:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-01-02 17:10:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-01-02 17:08:31 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-02 17:05:00 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-01-02 17:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-01-02 17:01:52 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-01-02 16:06:18 ----D---- C:\WINDOWS\Prefetch
2009-01-02 16:05:50 ----A---- C:\WINDOWS\DUMPb3bf.tmp
2009-01-02 15:59:16 ----D---- C:\WINDOWS\system32\en-us
2009-01-02 15:59:15 ----D---- C:\WINDOWS\system32\scripting
2009-01-02 15:59:13 ----D---- C:\WINDOWS\l2schemas
2009-01-02 15:59:13 ----D---- C:\Program Files\msn
2009-01-02 15:59:12 ----D---- C:\WINDOWS\system32\en
2009-01-02 15:59:12 ----D---- C:\WINDOWS\system32\bits
2009-01-02 15:56:08 ----D---- C:\WINDOWS\ServicePackFiles
2009-01-02 15:52:52 ----D---- C:\WINDOWS\network diagnostic
2009-01-02 15:48:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-01-02 15:48:30 ----D---- C:\Program Files\Microsoft Office
2009-01-02 15:47:15 ----D---- C:\Program Files\Microsoft Works
2009-01-02 15:47:02 ----D---- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
2009-01-02 15:47:01 ----D---- C:\Program Files\DISC
2009-01-02 15:44:31 ----D---- C:\Program Files\Trend Micro
2009-01-02 15:44:31 ----A---- C:\WINDOWS\system32\tmmute.ini
2009-01-02 15:44:04 ----A---- C:\WINDOWS\system32\SonyAIwo.dll
2009-01-02 15:44:04 ----A---- C:\WINDOWS\system32\SonyAIwd.dll
2009-01-02 15:44:04 ----A---- C:\WINDOWS\system32\SonyAIds.dll
2009-01-02 15:42:19 ----A---- C:\WINDOWS\system32\CDDBUISony.dll
2009-01-02 15:42:19 ----A---- C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2009-01-02 15:42:19 ----A---- C:\WINDOWS\system32\CddbMusicIDSony.dll
2009-01-02 15:42:19 ----A---- C:\WINDOWS\system32\CddbLinkSony.dll
2009-01-02 15:42:19 ----A---- C:\WINDOWS\system32\CDDBControlSony.dll
2009-01-02 15:35:41 ----D---- C:\WINDOWS\Temp
2009-01-02 15:20:22 ----D---- C:\WINDOWS\Internet Logs
2009-01-02 15:11:59 ----D---- C:\Program Files\a-squared Free
2009-01-02 15:06:31 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-01-02 15:06:20 ----D---- C:\Intel
2009-01-02 14:59:08 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-01-02 14:57:14 ----A---- C:\WINDOWS\system32\difxapi.dll
2009-01-02 14:48:06 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-02 14:44:41 ----D---- C:\Program Files\Uniblue
2009-01-02 14:44:41 ----D---- C:\Documents and Settings\Asad\Application Data\Uniblue
2009-01-02 14:44:41 ----D---- C:\Documents and Settings\All Users\Application Data\DriverScanner
2009-01-02 14:43:20 ----D---- C:\Documents and Settings\Asad\Application Data\Adobe
2009-01-02 14:42:12 ----HDC---- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-01-02 14:40:27 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-01-02 14:40:27 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-01-02 14:40:27 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-01-02 14:40:27 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-01-02 14:40:27 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-01-02 14:40:27 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-01-02 14:40:26 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-01-02 14:40:26 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-01-02 14:40:26 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-01-02 14:40:26 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-01-02 14:40:26 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-01-02 14:40:26 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-01-02 14:40:25 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-01-02 14:40:25 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-01-02 14:40:25 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-01-02 14:40:25 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-01-02 14:40:25 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-01-02 14:40:24 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-01-02 14:40:24 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-01-02 14:40:24 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-01-02 14:40:24 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-01-02 14:40:23 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-01-02 14:40:23 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-01-02 14:40:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-01-02 14:40:23 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-01-02 14:40:23 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-01-02 14:40:22 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-01-02 14:40:22 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-01-02 14:40:22 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-01-02 14:40:22 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-01-02 14:40:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-02 14:40:21 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-02 14:40:21 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-01-02 14:40:21 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-02 14:40:21 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-02 14:40:21 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-02 14:40:21 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-02 14:40:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-01-02 14:40:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-01-02 14:40:20 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-01-02 14:40:20 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-01-02 14:40:20 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-02 14:40:20 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-01-02 14:40:19 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-01-02 14:40:19 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-01-02 14:40:18 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-01-02 14:40:18 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-01-02 14:40:18 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-01-02 14:40:18 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-01-02 14:40:18 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-01-02 14:40:18 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-01-02 14:40:17 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-01-02 14:40:17 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-01-02 14:40:17 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-01-02 14:40:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-01-02 14:40:14 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-01-02 14:40:14 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-01-02 14:40:14 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-01-02 14:40:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-01-02 14:40:13 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-01-02 14:40:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-01-02 14:40:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-01-02 14:40:11 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-01-02 14:40:10 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-01-02 14:40:09 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-01-02 14:38:10 ----D---- C:\WINDOWS\system32\PreInstall
2009-01-02 14:38:09 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-01-02 14:34:24 ----A---- C:\WINDOWS\system32\wups2.dll
2009-01-02 14:34:23 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-01-02 14:34:23 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-01-02 14:34:23 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-01-02 14:34:23 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-01-02 14:32:00 ----D---- C:\Documents and Settings\Asad\Application Data\Macromedia
2009-01-02 14:30:33 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-02 14:29:20 ----HD---- C:\WINDOWS\msdownld.tmp
2009-01-02 14:29:16 ----D---- C:\WINDOWS\Logs
2009-01-02 14:28:45 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-01-02 14:26:55 ----D---- C:\WINDOWS\Sun
2009-01-02 14:26:55 ----D---- C:\Documents and Settings\Asad\Application Data\Sun
2009-01-02 14:22:45 ----D---- C:\Documents and Settings\Asad\Application Data\Mozilla
2009-01-02 14:22:39 ----D---- C:\Program Files\Mozilla Firefox
2009-01-02 14:18:19 ----A---- C:\WINDOWS\system32\LuResult.txt
2009-01-02 14:13:43 ----D---- C:\Documents and Settings\Asad\Application Data\Intuit
2009-01-02 14:13:43 ----D---- C:\Documents and Settings\Asad\Application Data\Identities
2009-01-02 14:13:43 ----ASH---- C:\Documents and Settings\Asad\Application Data\desktop.ini
2009-01-02 14:13:42 ----SD---- C:\Documents and Settings\Asad\Application Data\Microsoft
2009-01-02 14:13:42 ----D---- C:\Documents and Settings\Asad\Application Data\Sony Corporation
2009-01-02 14:05:14 ----D---- C:\Program Files\Common Files\InterVideo
2009-01-02 14:05:14 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2009-01-02 14:05:14 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2009-01-02 14:05:14 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2009-01-02 14:05:14 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2009-01-02 14:05:14 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2009-01-02 14:05:14 ----A---- C:\WINDOWS\system32\IVIresize.dll
2009-01-02 14:05:10 ----D---- C:\Program Files\InterVideo
2009-01-02 14:03:51 ----D---- C:\Program Files\Microsoft Digital Image 2006
2009-01-02 14:02:57 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-01-02 14:02:40 ----D---- C:\Program Files\Common Files\AOL
2009-01-02 14:02:38 ----D---- C:\Program Files\AOL
2009-01-02 13:58:01 ----D---- C:\Program Files\Symantec
2009-01-02 13:58:01 ----A---- C:\WINDOWS\system32\capicom.dll
2009-01-02 13:57:57 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-01-02 13:57:47 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-01-02 13:55:00 ----D---- C:\Documents and Settings\All Users\Application Data\VAIO Media Platform
2009-01-02 13:54:33 ----A---- C:\WINDOWS\system32\iplw7.dll
2009-01-02 13:54:33 ----A---- C:\WINDOWS\system32\iplpx.dll
2009-01-02 13:54:32 ----A---- C:\WINDOWS\system32\iplp6.dll
2009-01-02 13:54:32 ----A---- C:\WINDOWS\system32\iplm6.dll
2009-01-02 13:54:32 ----A---- C:\WINDOWS\system32\iplm5.dll
2009-01-02 13:54:32 ----A---- C:\WINDOWS\system32\ipla6.dll
2009-01-02 13:54:32 ----A---- C:\WINDOWS\system32\ipl.dll
2009-01-02 13:54:32 ----A---- C:\WINDOWS\system32\Cpuinf32.dll
2009-01-02 13:53:49 ----D---- C:\WINDOWS\Downloaded Installations
2009-01-02 13:53:20 ----A---- C:\WINDOWS\system32\cdintf250.dll
2009-01-02 13:53:10 ----D---- C:\Program Files\Common Files\Palo Alto Software
2009-01-02 13:53:01 ----D---- C:\Program Files\Common Files\Intuit
2009-01-02 13:52:58 ----D---- C:\Program Files\Quicken
2009-01-02 13:52:56 ----A---- C:\WINDOWS\QUICKEN.INI
2009-01-02 13:52:54 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
2009-01-02 13:51:02 ----A---- C:\WINDOWS\ODBC.INI
2009-01-02 13:50:50 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-01-02 13:50:22 ----D---- C:\Program Files\Microsoft ActiveSync
2009-01-02 13:50:19 ----D---- C:\Program Files\Common Files\DESIGNER
2009-01-02 13:50:07 ----D---- C:\WINDOWS\SHELLNEW
2009-01-02 13:49:53 ----D---- C:\Program Files\Microsoft.NET
2009-01-02 13:49:32 ----RHD---- C:\MSOCache

======List of files/folders modified in the last 3 months======

2009-02-11 16:45:17 ----D---- C:\WINDOWS\system32\drivers
2009-02-11 16:43:57 ----RD---- C:\Program Files
2009-02-11 16:40:44 ----D---- C:\WINDOWS\system32
2009-02-11 16:31:35 ----D---- C:\WINDOWS\Registration
2009-02-11 16:30:44 ----D---- C:\WINDOWS
2009-02-11 08:10:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-11 08:10:00 ----A---- C:\WINDOWS\ModemLog_HDAUDIO SoftV92 Data Fax Modem with SmartCP.txt
2009-02-09 23:24:56 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-09 23:18:02 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-08 16:46:55 ----HD---- C:\WINDOWS\inf
2009-02-07 15:14:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-05 22:24:22 ----SHD---- C:\WINDOWS\Installer
2009-02-05 22:22:06 ----D---- C:\WINDOWS\system32\DirectX
2009-02-05 22:09:55 ----RSD---- C:\WINDOWS\assembly
2009-02-05 21:14:16 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-04 18:53:04 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-04 18:36:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-04 18:36:18 ----D---- C:\WINDOWS\WinSxS
2009-02-04 18:31:27 ----RSD---- C:\WINDOWS\Fonts
2009-02-04 18:31:01 ----D---- C:\WINDOWS\system32\spool
2009-02-04 18:27:53 ----D---- C:\Program Files\Internet Explorer
2009-02-04 18:24:13 ----D---- C:\WINDOWS\system32\wbem
2009-02-04 18:23:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-04 18:22:06 ----D---- C:\WINDOWS\ehome
2009-02-04 18:20:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-02-04 17:09:19 ----D---- C:\Program Files\Apoint
2009-02-04 16:58:55 ----D---- C:\WINDOWS\Debug
2009-02-03 18:40:42 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-02 16:53:09 ----A---- C:\WINDOWS\WININIT.INI
2009-02-02 16:26:11 ----RASH---- C:\boot.ini
2009-02-02 16:26:11 ----A---- C:\WINDOWS\win.ini
2009-02-02 16:26:11 ----A---- C:\WINDOWS\system.ini
2009-01-30 17:08:50 ----D---- C:\Program Files\Common Files
2009-01-29 20:02:16 ----D---- C:\WINDOWS\system32\config
2009-01-29 16:07:50 ----D---- C:\WINDOWS\system32\Restore
2009-01-28 23:12:36 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2009-01-22 20:39:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-17 15:02:37 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-17 14:53:25 ----D---- C:\Program Files\CONEXANT
2009-01-11 22:59:18 ----D---- C:\WINDOWS\RegisteredPackages
2009-01-08 18:39:52 ----D---- C:\WINDOWS\Help
2009-01-08 18:36:58 ----D---- C:\WINDOWS\system
2009-01-02 17:21:33 ----D---- C:\Program Files\Messenger
2009-01-02 17:12:04 ----D---- C:\WINDOWS\Media
2009-01-02 16:05:49 ----D---- C:\WINDOWS\system32\Setup
2009-01-02 16:05:48 ----D---- C:\WINDOWS\AppPatch
2009-01-02 16:05:09 ----D---- C:\WINDOWS\security
2009-01-02 16:03:46 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-02 15:59:32 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-02 15:59:32 ----D---- C:\WINDOWS\ime
2009-01-02 15:59:16 ----D---- C:\WINDOWS\system32\usmt
2009-01-02 15:59:12 ----D---- C:\WINDOWS\PeerNet
2009-01-02 15:59:12 ----D---- C:\Program Files\Movie Maker
2009-01-02 15:55:55 ----D---- C:\WINDOWS\system32\npp
2009-01-02 15:55:55 ----D---- C:\WINDOWS\mui
2009-01-02 15:55:53 ----D---- C:\WINDOWS\msagent
2009-01-02 15:55:51 ----D---- C:\WINDOWS\srchasst
2009-01-02 15:55:51 ----D---- C:\Program Files\NetMeeting
2009-01-02 15:55:49 ----D---- C:\WINDOWS\system32\Com
2009-01-02 15:55:46 ----D---- C:\Program Files\Windows NT
2009-01-02 15:55:46 ----D---- C:\Program Files\Outlook Express
2009-01-02 15:55:43 ----D---- C:\Program Files\Common Files\System
2009-01-02 15:55:26 ----D---- C:\WINDOWS\system32\oobe
2009-01-02 15:41:17 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-02 15:04:43 ----D---- C:\Program Files\Intel
2009-01-02 14:30:18 ----D---- C:\Program Files\Java
2009-01-02 14:26:38 ----SHD---- C:\RECYCLER
2009-01-02 14:17:51 ----SD---- C:\WINDOWS\Tasks
2009-01-02 14:13:42 ----D---- C:\Documents and Settings
2009-01-02 14:13:21 ----SHD---- C:\System Volume Information
2009-01-02 14:06:44 ----D---- C:\WINDOWS\repair
2009-01-02 14:04:50 ----D---- C:\Program Files\Sony
2009-01-02 14:02:39 ----D---- C:\Program Files\Online Services
2009-01-02 13:56:41 ----D---- C:\WINDOWS\SONYSYS
2009-01-02 13:55:42 ----D---- C:\Program Files\Common Files\Sony Shared
2008-12-13 01:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-02-02 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-02 27656]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-02-02 107272]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-07-24 21275]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2007-06-20 12672]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-22 108767]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
R3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2009-01-29 85969]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-06-20 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-06-20 209664]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 NETw5x32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-08-28 3632384]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 SonyImgF;Sony Image Conversion Filter Driver; C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2006-03-06 30080]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
R3 ti21sony;ti21sony; C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-21 226304]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvm321;Sony Visual Communication Camera VGP-VCC1; C:\WINDOWS\System32\Drivers\usbvm321.sys [2005-12-29 234496]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-06-20 730112]
S1 seneka;seneka; C:\WINDOWS\system32\drivers\seneka.sys []
S3 anrvxuve;anrvxuve; C:\WINDOWS\system32\drivers\anrvxuve.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-07-06 176128]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\WINDOWS\system32\drivers\nhcDriver.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-05-08 3661312]
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2002-06-28 17251]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2001-07-24 7520]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-03 108928]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-02-02 903960]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-02-02 298264]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-02 152984]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 7520337]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-05 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-02-05 103736]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SonicStageMonitoring;SonicStageMonitoring; C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe [2005-03-11 135168]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2006-04-13 176128]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2005-11-28 167936]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2005-11-28 135168]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2006-04-04 274432]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-05-08 143428]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment; C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-14 32768]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-04-27 53337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-04-27 49241]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-04-27 69718]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 311872]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2006-05-08 69632]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-01-02 1120960]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2005-11-25 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2006-06-13 2084864]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2006-05-18 57344]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2006-05-18 770048]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2006-06-07 155648]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
S3 WmcCdsLs;Windows Media Connect (WMC) Helper; C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#7 Asada

Posted 11 February 2009 - 06:02 PM

info.txt logfile of random's system information tool 1.05 2009-02-11 16:51:38

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->Dummy
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2MOONS-->MsiExec.exe /I{688E07FE-9832-4FB9-8666-FB198D86ADC6}
9Dragons-->MsiExec.exe /I{EB0508A0-162A-4996-85A1-00C07D33445A}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.7-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
AIM 6-->C:\Program Files\AIM6\uninst.exe
Aim Plugin for QQ Games-->C:\Program Files\Tencent\QQ Games\Plugin\Uninstall.EXE
AIMTunes-->C:\Program Files\AIMTunes\Uninstall.exe
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Black & White® 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x9 -removeonly
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cheat Engine 5.4-->"C:\Program Files\Cheat Engine\unins000.exe"
Click to DVD 2.5.30-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B82682E-C555-45DA-8E2C-CE6525427AC9}\setup.exe" -l0x9 -removeonly
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DISCover-->"C:\Program Files\DISC\uninstall.exe"
DSD Direct-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C27BF761-C499-488D-A964-A3718BC6EC3E}\setup.exe" -l0x9 -removeonly
DSD Playback Plug-in 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C89EB8CD-675F-44F4-9729-4C9A8FAC2D4F}\Setup.exe" -l0x9
DVgate Plus-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{685BCC47-B8EC-45EC-BBCE-77DF2451502C}\Setup.exe" -l0x9
Graphical Enhancement Textures 2.5-->C:\Program Files\Mount&Blade\uninstall_texture_pack.exe
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Half-Life-->C:\Sierra\HALF-L~1\UNWISE.EXE C:\Sierra\HALF-L~1\INSTALL.LOG
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRX5.inf
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003\HXFSETUP.EXE -U -ISnyHDANk.inf
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Image Converter 2 Plus-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63B8FB69-A1B6-425D-B67D-5257B7A1F663}\setup.exe" -l0x9 /CONPANE
ImageStation-->MsiExec.exe /I{A87EBA79-93DB-4A87-B9BA-62F8FB12D993}
Intel® Network Connections 13.0.42.0-->MsiExec.exe /i{2223FC2F-B862-4F83-BC9E-DDF2DADF2859} ARPREMOVE=1
Intel® PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD for VAIO-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
LAN Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5958CAC6-373E-402F-84FE-0A699AA920B9}\setup.exe" -l0x9
LiveUpdate 2.7 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Flash Player 8 Plugin-->MsiExec.exe /X{E3D278BD-FC97-4F87-BB1F-689AE0CB9122}
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
MakeTorrent v2.1-->"C:\Program Files\Maketorrent 2\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Memory Stick Formatter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27337663-2619-11D4-99DC-0000F49094C7}\setup.exe" -l0x9 /UNINSTALL
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Digital Image Starter Edition 2006-->"C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft Halo-->"C:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE" /runtemp /addremove
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Desktop Engine (VAIO_VEDB)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mount&Blade-->C:\Program Files\Mount&Blade\uninstall.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Napster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9 -removeonly
Notebook Hardware Control 2.0 Pre-Release-06 Bugfix-->C:\Program Files\Notebook Hardware Control\uninst.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
OpenMG Limited Patch 4.5-06-05-12-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.5-06-05-12-01\HotFixSetup\setup.exe /u
OpenMG Metadata Extractor for Windows Media Player-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B953606-000E-491C-B74D-78ECFDD520A0}\setup.exe" -l0x9
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
PFConfig 1.0.231-->C:\Program Files\PFConfig\uninst.exe
QQ Games-->C:\Program Files\Tencent\QQ Games\Uninstall.EXE
Quicken 2006-->MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Roxio DigitalMedia Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio DigitalMedia Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio DigitalMedia Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Savage 2 - A Tortured Soul-->C:\Program Files\Savage 2 - A Tortured Soul\uninstall.exe
Search Enhancement by AOL Search-->C:\Program Files\AOL\AOL Search Enhancement\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Setting Utility Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59452470-A902-477F-9338-9B88101681BD}\setup.exe" -l0x9 UNINSTALL -removeonly
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
SonicStage 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
SonicStage Mastering Studio 2.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF3B304B-8A18-452D-A19F-6012CA8418D7}\Setup.exe" -l0x9
SonicStage Mastering Studio Audio Filter Custom Preset-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}\Setup.exe" -l0x9
SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB467B85-4F52-48C2-AEED-0673D00417B0}\Setup.exe" -l0x9
SonicStage Mastering Studio Plugins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}\Setup.exe" -l0x9
Sony Certificate PCH-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0448678-1203-4158-A58F-B3D0B616BF9E}\setup.exe"
Sony MP4 Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe" -l0x9 -removeonly
Sony USB Mouse-->Pmuninst.exe MouseSuite98
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\setup.exe" -l0x9
Sony Video Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}\setup.exe" -l0x9 -removeonly
Star Wars Battlefront II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x9 -removeonly
SWF2EXE Converter V1.0-->"C:\Program Files\ApecSoft\SWF2EXE\unins000.exe"
Symantec KB-DocID:2003093015493306-->MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Uniblue DriverScanner 2009-->"C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
VAIO Backup Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9952D4E-766C-4CD3-BF2E-A2C3D8B15EF3}\setup.exe" -l0x9 -removeonly
VAIO Camera Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1417F599-1DBD-4499-9375-B2813E9F890C}\Setup.exe" -l0x9
VAIO Central-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E993095-28F2-4060-9101-99C1FD1195C0}\setup.exe" -l0x9 -removeonly
VAIO Entertainment Platform-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe" -l0x9 -removeonly
VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x9
VAIO Hardware Diagnostics-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A947C2B3-7445-42C4-9063-EE704CACCB22}\setup.exe" -l0x9
VAIO Light Flo Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}\setup.exe" -l0x9
VAIO Media 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x9 UNINSTALL -removeonly
VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x9 UNINSTALL
VAIO Media Integrated Server 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x9 UNINSTALL -removeonly
VAIO Media Redistribution 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x9 UNINSTALL -removeonly
VAIO Media Registration Tool 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x9 UNINSTALL -removeonly
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}\setup.exe" -l0x9
VAIO Original Screen Saver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}\setup.exe" -l0x9
VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\setup.exe" -l0x9 UNINSTALL -removeonly
VAIO Registration-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{315BA29D-2644-4760-B5FD-5AC04A52B8C5}
VAIO Security Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FE3BF611-9B8B-44DC-A424-F8C4BA122A1D}\setup.exe" -l0x9 -removeonly
VAIO Support Central-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82081533-F045-469E-BD53-F16839E445C3}\setup.exe" -l0x9 -removeonly
VAIO Update 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x9
VAIO Wireless LAN Setup Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DF00135-D5A7-476A-BFB3-EDFF2840076A}\setup.exe" -l0x9
VAIOSurveySA-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Connect-->msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Connect-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 Hotfix [See KB886612 for more information]-->C:\WINDOWS\$NtUninstallKB886612$\spuninst\spuninst.exe
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\Setup.exe" -l0x9
Wolfenstein - Enemy Territory-->C:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: AVG Anti-Virus
FW: ZoneAlarm Firewall

System event log

Computer Name: FAMILYCOMPUTER
Event Code: 7036
Message: The Telephony service entered the running state.

Record Number: 1215
Source Name: Service Control Manager
Time Written: 20090112192312.000000-300
Event Type: information
User:

Computer Name: FAMILYCOMPUTER
Event Code: 7036
Message: The Fast User Switching Compatibility service entered the running state.

Record Number: 1214
Source Name: Service Control Manager
Time Written: 20090112192311.000000-300
Event Type: information
User:

Computer Name: FAMILYCOMPUTER
Event Code: 7035
Message: The Fast User Switching Compatibility service was successfully sent a start control.

Record Number: 1213
Source Name: Service Control Manager
Time Written: 20090112192311.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: FAMILYCOMPUTER
Event Code: 7036
Message: The Terminal Services service entered the running state.

Record Number: 1212
Source Name: Service Control Manager
Time Written: 20090112192311.000000-300
Event Type: information
User:

Computer Name: FAMILYCOMPUTER
Event Code: 4201
Message: The system detected that network adapter \DEVICE\TCPIP_{1570ACC2-9E0D-4D4C-AF1B-0D176BCA97FA} was connected to the network,
and has initiated normal operation over the network adapter.

Record Number: 1211
Source Name: Tcpip
Time Written: 20090112192258.000000-300
Event Type: information
User:

Application event log

Computer Name: FAMILYCOMPUTER
Event Code: 0
Message:
Record Number: 287
Source Name: EvtEng
Time Written: 20090103171717.000000-300
Event Type: information
User:

Computer Name: FAMILYCOMPUTER
Event Code: 4097
Message: The application, C:\Documents and Settings\Asad\Desktop\Perfect_World_International.exe, generated an application error
The error occurred on 01/03/2009 @ 14:27:48.894
The exception generated was c0000005 at address 00417DC2 (Perfect_World_International)

Record Number: 286
Source Name: DrWatson
Time Written: 20090103142748.000000-300
Event Type: information
User:

Computer Name: FAMILYCOMPUTER
Event Code: 1000
Message: Faulting application perfect_world_international.exe, version 0.0.0.0, faulting module , version 0.0.0.0, fault address 0x00000000.

Record Number: 285
Source Name: Application Error
Time Written: 20090103142744.000000-300
Event Type: error
User:

Computer Name: FAMILYCOMPUTER
Event Code: 4097
Message: The application, C:\Documents and Settings\Asad\Desktop\Perfect_World_International.exe.exe, generated an application error
The error occurred on 01/03/2009 @ 14:26:59.414
The exception generated was c0000005 at address 00417DC2 (Perfect_World_International.exe)

Record Number: 284
Source Name: DrWatson
Time Written: 20090103142659.000000-300
Event Type: information
User:

Computer Name: FAMILYCOMPUTER
Event Code: 1000
Message: Faulting application perfect_world_international.exe.exe, version 0.0.0.0, faulting module , version 0.0.0.0, fault address 0x00000000.

Record Number: 283
Source Name: Application Error
Time Written: 20090103142657.000000-300
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Intel\DMIX
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"tvdumpflags"=8

-----------------EOF-----------------

#8 Asada


Posted 11 February 2009 - 06:07 PM

GMER Results

Attached Files



#9 Asada


Posted 11 February 2009 - 06:10 PM

There you go, everything you asked for.
Also, I think I should let you know this: during all scans AVG Antivirus was constantly sending me a warning about a bunch of trojans suddenly "attacking or open", so I just put each one that came into the vault. In total, after all the scanning was done, there were 54 files in the vault, and most were trojans found in system32, while others seem to have been in my Documents and Settings and a few were in my restore files.

Thank you once again, hope you can help

#10 fenzodahl512


Posted 11 February 2009 - 10:22 PM

Uh... you have an MBR rootkit, let's do one step at a time...

Download this tool directly to your C:\Windows folder:

http://www2.gmer.net/mbr/mbr.exe

Double click it & post the log it creates on desktop. (C:\Windows\mbr.log)

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#11 Asada


Posted 12 February 2009 - 04:49 PM

Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
MBR rootkit code detected !
malicious code @ sector 0xdf937c1 size 0x1af !
copy of MBR has been found in sector 62 !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.

Edited by Asada, 12 February 2009 - 08:35 PM.


#12 fenzodahl512


Posted 13 February 2009 - 01:43 AM

Ok.. go to Start >> Run >> copy/paste below >> Press Enter

mbr -f

Then a logfile (mbr.log) will be created on your screen (find it at C:\Windows\mbr.log)



#13 Asada


Posted 13 February 2009 - 04:50 PM

Um, I tried doing that, but there's no log in my Windows folder.

#14 fenzodahl512


Posted 13 February 2009 - 05:18 PM

Run mbr.exe again as you did the first time and post the log here.



#15 Asada


Posted 14 February 2009 - 12:23 PM

Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
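
A triage script for the two mbr.log outputs quoted in posts #11 and #15, as an added example that is not part of the original thread or of GMER's tool: it parses each log into findings and decides whether the fix took, treating a missing log (as reported in post #13) as inconclusive. The function names, the verdict labels and the 512-byte sector size are assumptions.

```python
import re

SECTOR_SIZE = 512  # assumption: 512-byte sectors, typical for a disk of that era

# mbr.log text as quoted in posts #11 and #15 of the thread.
LOG_POST_11 = """Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
MBR rootkit code detected !
malicious code @ sector 0xdf937c1 size 0x1af !
copy of MBR has been found in sector 62 !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.
"""
LOG_POST_15 = """Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
"""

READ = re.compile(r"^(device|user|kernel): (.*)$")
PAYLOAD = re.compile(r"malicious code @ sector (0x[0-9a-f]+) size (0x[0-9a-f]+)", re.I)
MBR_COPY = re.compile(r"copy of MBR has been found in sector (\d+)")
INFECTED = re.compile(r"rootkit (code|infection) detected")

def parse_mbr_log(text):
    """Turn one mbr.log into a dict of findings; unrecognised lines are ignored."""
    result = {"reads": {}, "infected": False, "clean": False, "payload_sector": None,
              "payload_offset": None, "payload_size": None, "mbr_copy_sector": None}
    for raw in text.splitlines():
        line = raw.strip()
        if m := READ.match(line):
            result["reads"][m.group(1)] = m.group(2).endswith("successfully")
        elif m := PAYLOAD.search(line):
            result["infected"] = True
            result["payload_sector"] = int(m.group(1), 16)
            result["payload_offset"] = result["payload_sector"] * SECTOR_SIZE
            result["payload_size"] = int(m.group(2), 16)  # unit is not stated in the log
        elif m := MBR_COPY.search(line):
            result["mbr_copy_sector"] = int(m.group(1))
        elif INFECTED.search(line):
            result["infected"] = True
        elif line == "user & kernel MBR OK":
            result["clean"] = True
    return result

def verdict(before_text, after_text):
    """Compare the log taken before the fix with the one taken after it."""
    before, after = parse_mbr_log(before_text), parse_mbr_log(after_text)
    reads_ok = all(after["reads"].get(k) for k in ("device", "user", "kernel"))
    if after["infected"]:
        return "still infected"
    if after["clean"] and reads_ok:
        return "remediated" if before["infected"] else "clean"
    return "inconclusive"  # no log, a failed read, or no verdict line

if __name__ == "__main__":
    print(parse_mbr_log(LOG_POST_11))
    print(verdict(LOG_POST_11, LOG_POST_15))
```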



