Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack Log Help


  • Please log in to reply
11 replies to this topic

#1 Ms Keo

Ms Keo

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 19 March 2009 - 04:55 PM

Hello,


I still need help with getting rid of "junk" that's in my computer. My first post since Feb 26 and I havent received any help from anywhere except for one attempt from here. (Thanks Tea!) Hopefully, I can get some help asap this time. Please!

Thank You!

Here's a copy of my Hijack Log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:23:34 AM, on 2/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWi.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiTogglet.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Sprint Instinct Applications\MEMonitor.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\igfxsrvc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [WCULauncher] C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - Startup: Sprint media monitor.lnk = C:\WINDOWS\RM.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SmartWiService - Sony Electronics, Inc - C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:03 AM

Posted 19 March 2009 - 04:59 PM

Hello! :thumbup2:
My name is Sam and I will be helping you.


I don't really see any indication of a malware issue in your log. What kind of problems are you having?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 Ms Keo

Ms Keo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 19 March 2009 - 05:12 PM

Thanks for the fast response Sam!

Well my computer has gotten really slow for the past few months now. I ran the AVAST! scanner and it said something about a virus on my computer in the volume (???) of my laptop. My boss from work recommended I run Hijack on my laptop and see if there's anything on here that doesn't belong. But, since I don't know what the heck all these processes mean, I'm not sure what to look for.

#4 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:03 AM

Posted 19 March 2009 - 05:19 PM

It sounds like Avast picked up on something in your system restore. That's easy enough to flush out.

Flush your system restore, this will delete any restore points that you have but it will also make sure that any malware hiding in system restore will be booted off.

Turn off System Restore:
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.
Restart your computer, turn it back on and create a restore point.

Create a restore point:
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check Turn off System Restore.
  • Click Apply, and then click OK.


Let's take a look at a more detailed log just to be certain that we're not dealing with malware here.

We need to create an OTListIt2 Report
  • Please download OTListIt2 from here
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the "Run Scan" button.
  • The scan should take just a few minutes.
  • Copy the log that opens up and paste it back here in your next reply.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#5 Ms Keo

Ms Keo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 19 March 2009 - 05:52 PM

ok thanks, i'll try that right now.

#6 Ms Keo

Ms Keo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 19 March 2009 - 06:12 PM

OTListIt logfile created on: 3/19/2009 4:08:52 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.6.0 Folder = C:\Documents and Settings\Kaneca Keo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 416.28 Mb Available Physical Memory | 40.73% Memory free
2.40 Gb Paging File | 1.81 Gb Available in Paging File | 75.48% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.78 Gb Total Space | 55.87 Gb Free Space | 52.82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ENOSHENT
Current User Name: Kaneca Keo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2006/02/28 14:16:08 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/02/28 14:18:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2008/01/04 14:27:08 | 00,587,096 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2008/07/19 07:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/07/19 07:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2004/10/15 13:54:14 | 00,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2004/10/15 13:54:12 | 00,046,768 | ---- | M] (America Online Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
PRC - [2008/10/22 03:51:36 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
PRC - [2009/01/29 15:09:14 | 00,578,920 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
PRC - [2003/05/31 18:02:32 | 07,544,916 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
PRC - [2006/06/20 17:45:00 | 00,143,428 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006/02/28 14:15:30 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/09/22 09:37:30 | 01,247,600 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/04/13 13:36:36 | 00,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/04/04 14:55:18 | 00,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/11/28 13:39:30 | 00,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
PRC - [2006/02/07 20:29:04 | 00,094,208 | ---- | M] (Sony Electronics, Inc) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
PRC - [2005/11/28 13:39:32 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2006/03/30 10:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2006/02/28 14:25:20 | 00,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
PRC - [2006/02/28 14:25:48 | 00,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
PRC - [2006/06/13 10:22:20 | 00,217,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2004/02/20 14:12:34 | 00,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2006/02/22 18:10:16 | 01,354,240 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\menusw.exe
PRC - [2005/12/27 13:58:10 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2006/02/28 14:22:50 | 00,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/02/07 20:28:44 | 00,073,728 | ---- | M] (Sony Electronics Corporation) -- C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
PRC - [2007/01/04 14:38:18 | 00,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2004/11/17 20:47:16 | 00,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/10/14 21:17:32 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2006/02/11 18:30:38 | 00,425,984 | ---- | M] (Sony Electronics Corporation) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2006/02/07 20:28:44 | 00,172,032 | ---- | M] (Sony Electronics Corporation) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiTogglet.exe
PRC - [2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/07/19 07:38:34 | 00,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2004/08/19 09:40:08 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe
PRC - [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2007/04/27 14:17:26 | 00,050,736 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe
PRC - [2006/10/18 21:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
PRC - [2006/09/25 17:52:48 | 00,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\AIM6\aolsoftware.exe
PRC - [2006/04/07 16:37:00 | 01,773,568 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2007/10/14 21:38:52 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/02/05 16:40:46 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/28 11:20:00 | 00,415,072 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2008/06/12 08:36:06 | 01,226,072 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Sprint Instinct Applications\MEMonitor.exe
PRC - [2008/07/19 07:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2006/04/07 17:36:00 | 00,290,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2008/07/23 07:25:45 | 00,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2006/01/23 21:47:00 | 00,073,728 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2006/01/27 18:17:00 | 00,221,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2006/02/28 05:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2007/10/19 20:46:08 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2007/11/02 18:44:16 | 00,610,304 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2007/11/02 21:12:50 | 00,262,144 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/04/13 17:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/03/07 00:39:53 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/03/19 16:07:57 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kaneca Keo\Desktop\OTListIt2.exe
PRC - [2008/06/10 04:27:03 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/01/04 14:27:08 | 00,587,096 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2008/05/10 11:29:22 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2004/10/15 13:54:14 | 00,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/07/19 07:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008/07/19 07:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2008/07/19 07:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2008/07/23 07:25:45 | 00,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2006/03/30 10:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/02/28 14:16:08 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2008/10/22 03:51:36 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Running])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/11/06 21:16:54 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/11/06 22:16:54 | 00,139,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2007/10/14 21:15:52 | 00,663,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL -- (HPSLPSVC [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2005/07/14 19:10:16 | 00,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment [On_Demand | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/01/29 15:09:14 | 00,578,920 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -- (MrHealthyService [Auto | Running])
SRV - [2006/04/27 17:35:16 | 00,053,337 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV [On_Demand | Stopped])
SRV - [2003/05/31 18:02:32 | 07,544,916 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe -- (MSSQL$MICROSOFTBCM [Auto | Running])
SRV - [2002/12/17 15:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2008/01/16 19:14:18 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2006/06/20 17:45:00 | 00,143,428 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/04/27 17:27:06 | 00,049,241 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2008/01/16 19:14:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2006/02/28 14:15:30 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2006/02/28 14:18:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2006/02/07 20:29:04 | 00,094,208 | ---- | M] (Sony Electronics, Inc) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe -- (SmartWiService [Auto | Running])
SRV - [2006/04/27 17:16:28 | 00,069,718 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2002/12/17 15:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTBCM [On_Demand | Stopped])
SRV - [2006/05/08 04:24:54 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV [On_Demand | Stopped])
SRV - [2007/09/22 09:37:30 | 01,247,600 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Auto | Running])
SRV - [2005/11/25 13:08:54 | 00,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
SRV - [2006/04/13 13:36:36 | 00,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service [Auto | Running])
SRV - [2006/06/13 08:03:42 | 02,084,864 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
SRV - [2006/05/18 10:22:26 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
SRV - [2006/05/18 10:22:26 | 00,770,048 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
SRV - [2006/06/07 09:51:50 | 00,155,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2006/04/04 14:55:18 | 00,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw [On_Demand | Running])
SRV - [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2005/11/28 13:39:30 | 00,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc [Auto | Running])
SRV - [2005/11/28 13:39:32 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw [Auto | Running])
SRV - [2004/08/11 00:46:56 | 00,483,328 | ---- | M] (Microsoft Corporation) -- c:\program files\windows media connect\mswmccds.exe -- (WmcCds [Unknown | Stopped])
SRV - [2004/08/10 21:50:42 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs [On_Demand | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2008/07/19 07:32:15 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2006/07/22 12:45:27 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2004/11/22 13:31:10 | 00,108,767 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
DRV - [2008/07/19 07:37:42 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2008/07/19 07:37:21 | 00,094,416 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2008/07/19 07:33:42 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2008/07/19 07:35:18 | 00,078,416 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2008/07/19 07:32:36 | 00,042,912 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2000/12/05 16:18:02 | 00,003,952 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\DMICall.sys -- (DMICall [System | Running])
DRV - [2006/02/22 18:13:12 | 00,013,440 | ---- | M] (UPEK Inc.) -- C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys -- (FdRedir [Auto | Running])
DRV - [2006/02/22 18:13:04 | 00,033,024 | ---- | M] (UPEK Inc.) -- C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys -- (FileDisk2 [Auto | Running])
DRV - [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/04/13 09:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007/11/01 04:28:06 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2007/11/01 04:28:06 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2007/11/01 04:28:07 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2005/10/18 17:52:34 | 00,202,112 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2005/10/18 17:53:24 | 00,998,656 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2005/12/17 12:08:00 | 01,353,820 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2005/10/21 12:19:34 | 00,036,352 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS -- (IFXTPM [On_Demand | Running])
DRV - [2005/10/05 17:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2005/12/29 00:28:08 | 00,055,680 | ---- | M] (Micro Vision Co.,Ltd) -- C:\WINDOWS\System32\Drivers\Mvc25U870.sys -- (Mvc25U870_VID_1262&PID_25FD [On_Demand | Running])
DRV - [2005/08/02 22:10:12 | 00,032,512 | ---- | M] (CACE Technologies) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF [On_Demand | Stopped])
DRV - [2006/06/20 17:45:00 | 03,662,400 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2007/11/08 00:20:10 | 00,016,694 | ---- | M] (PalmSource, Inc.) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD [On_Demand | Stopped])
DRV - [2004/01/14 12:51:06 | 00,017,359 | ---- | M] (PCTEL Inc.) -- C:\WINDOWS\system32\PCTINDIS5.SYS -- (PCTINDIS5 [On_Demand | Stopped])
DRV - [2006/02/28 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/01/04 14:58:46 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/02/28 05:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Stopped])
DRV - [2006/02/28 15:35:56 | 00,013,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005/01/03 00:32:42 | 00,114,944 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\GCXX.sys -- (SEMWModem [On_Demand | Stopped])
DRV - [2005/01/03 00:32:42 | 00,053,248 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\GCXXNet.sys -- (SEMWWNIC [On_Demand | Stopped])
DRV - [2005/11/21 15:06:02 | 00,009,216 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\shpf.sys -- (shpf [Boot | Running])
DRV - [2000/11/09 20:15:08 | 00,048,896 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\Drivers\SonyNC.sys -- (SNC [On_Demand | Running])
DRV - [2006/03/06 19:39:00 | 00,030,080 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SonyImgF.sys -- (SonyImgF [On_Demand | Running])
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2003/06/18 17:12:50 | 00,071,961 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SonyPI.sys -- (SPI [On_Demand | Running])
DRV - [2006/12/14 02:16:14 | 00,058,352 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\sscdbus.sys -- (sscdbus [On_Demand | Stopped])
DRV - [2006/12/14 02:16:13 | 00,008,272 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])
DRV - [2006/12/14 02:16:13 | 00,093,872 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])
DRV - [2006/12/14 02:16:13 | 00,073,696 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\sscdserd.sys -- (sscdserd [On_Demand | Stopped])
DRV - [2006/05/26 07:59:12 | 01,177,032 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
DRV - [2001/08/17 13:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\serscan.sys -- (StillCam [On_Demand | Stopped])
DRV - [2006/09/17 14:02:29 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])
DRV - [2006/02/22 18:05:44 | 00,028,800 | ---- | M] (UPEK Inc.) -- C:\WINDOWS\System32\Drivers\tcusb.sys -- (TcUsb [On_Demand | Running])
DRV - [2006/02/21 19:32:32 | 00,226,304 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\ti21sony.sys -- (ti21sony [On_Demand | Running])
DRV - [2005/07/11 18:58:00 | 00,003,712 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt [On_Demand | Stopped])
DRV - [2006/02/10 11:17:00 | 00,047,488 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\DRIVERS\tosporte.sys -- (tosporte [On_Demand | Running])
DRV - [2006/04/13 20:00:00 | 00,108,928 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\System32\Drivers\tosrfbd.sys -- (Tosrfbd [On_Demand | Stopped])
DRV - [2006/03/16 10:45:00 | 00,037,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys -- (Tosrfbnp [On_Demand | Stopped])
DRV - [2005/08/01 16:45:00 | 00,064,896 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfcom.sys -- (Tosrfcom [System | Running])
DRV - [2006/02/08 17:33:00 | 00,062,848 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys -- (Tosrfhid [On_Demand | Stopped])
DRV - [2005/01/06 13:42:00 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\DRIVERS\tosrfnds.sys -- (tosrfnds [On_Demand | Stopped])
DRV - [2006/03/15 10:52:00 | 00,052,864 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd [On_Demand | Stopped])
DRV - [2006/02/24 01:37:00 | 00,040,192 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\System32\Drivers\tosrfusb.sys -- (Tosrfusb [On_Demand | Stopped])
DRV - [2008/11/07 15:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2007/04/09 09:53:24 | 00,012,672 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\DRIVERS\lgusbbus.sys -- (usbbus [On_Demand | Stopped])
DRV - [2007/04/09 09:56:22 | 00,021,248 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys -- (UsbDiag [On_Demand | Stopped])
DRV - [2007/04/09 09:55:08 | 00,022,912 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys -- (USBModem [On_Demand | Stopped])
DRV - [2006/02/26 04:43:00 | 01,428,480 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys -- (w39n51 [On_Demand | Running])
DRV - [2003/01/10 13:13:04 | 00,033,588 | R--- | M] (America Online, Inc.) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Stopped])
DRV - [2005/10/18 17:52:30 | 00,721,280 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2005/10/17 09:43:00 | 00,241,408 | ---- | M] (Marvell) -- C:\WINDOWS\system32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\S-1-5-21-3555143062-239369610-1032275651-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\S-1-5-21-3555143062-239369610-1032275651-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: OberonGameHost@OberonGames.com:1.0.5.1116
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/07 00:39:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/11 13:56:00 | 00,000,000 | ---D | M]

[2009/01/01 13:44:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaneca Keo\Application Data\mozilla\Extensions
[2008/12/20 04:47:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaneca Keo\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/01 13:44:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaneca Keo\Application Data\mozilla\Extensions\mozswing@mozswing.org
[2009/03/19 00:04:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaneca Keo\Application Data\mozilla\Firefox\Profiles\65r3ad0c.default\extensions
[2009/03/10 14:43:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaneca Keo\Application Data\mozilla\Firefox\Profiles\65r3ad0c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/01/24 05:07:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaneca Keo\Application Data\mozilla\Firefox\Profiles\65r3ad0c.default\extensions\OberonGameHost@OberonGames.com
[2009/03/19 00:04:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/07 00:39:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/08/16 00:30:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/08/15 01:59:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/07 00:39:52 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/07 00:39:52 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2004/07/02 14:51:00 | 00,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\components\np32asw.dll
[2008/12/02 01:04:40 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/12/02 01:04:40 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/12/02 01:04:40 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/02 01:04:40 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/12/02 01:04:40 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/02 01:04:40 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/12/02 01:04:40 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (America Online, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (America Online, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (America Online, Inc.)
O3 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe" (UPEK Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
O4 - HKLM..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe (America Online, Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" (Sony Corporation)
O4 - HKLM..\Run: [WCULauncher] C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe (Sony Electronics Corporation)
O4 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe File not found
O4 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\Kaneca Keo\Start Menu\Programs\Startup\Sprint media monitor.lnk = C:\WINDOWS\RM.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O7 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (America Online, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Sites: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Sites: trymedia.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\..Trusted Domains: csulb.edu ([beachboard] https in Trusted sites)
O15 - HKU\S-1-5-21-3555143062-239369610-1032275651-1006\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\psfus: DllName - fusstub.dll - C:\WINDOWS\system32\fusstub.dll (UPEK Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\system32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {03A80B1D-5C6A-42c2-9DFB-81B6005D8023} - C:\Program Files\Trend Micro\Tmas\sshook.dll (Trend Micro Incorporated)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/22 11:47:29 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{012bf02c-c978-11dc-a72c-0002c7fa2756}\Shell\AutoRun\command - "" = G:\WD_Windows_Tools\setup.exe -- File not found
O33 - MountPoints2\{aaa7558c-0dde-11de-a97b-0013a93fa8c8}\Shell - "" = AutoRun
O33 - MountPoints2\{aaa7558c-0dde-11de-a97b-0013a93fa8c8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{aaa7558c-0dde-11de-a97b-0013a93fa8c8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f4cc7b7c-03bd-11de-a968-0002c7fa2756}\Shell - "" = AutoRun
O33 - MountPoints2\{f4cc7b7c-03bd-11de-a968-0002c7fa2756}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f4cc7b7c-03bd-11de-a968-0002c7fa2756}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/03/19 16:07:57 | 00,498,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kaneca Keo\Desktop\OTListIt2.exe
[2009/03/19 16:03:42 | 00,000,000 | R-SD | C] -- C:\Documents and Settings\Kaneca Keo\My Documents\My Safe
[2009/03/19 14:32:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\Desktop\Misc
[2009/03/11 13:57:38 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/03/11 13:57:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/03/11 13:56:00 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/11 00:02:39 | 01,273,488 | ---- | C] (Malwarebytes Corporation) -- C:\Documents and Settings\Kaneca Keo\My Documents\mbam.exe
[2009/03/10 23:59:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\My Documents\Spring 2009
[2009/03/10 23:58:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\My Documents\Fall 2008
[2009/03/10 19:00:08 | 00,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2009/03/10 18:59:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\My Documents\WDC
[2009/03/08 12:02:37 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/03/06 09:13:50 | 00,122,041 | ---- | C] () -- C:\Documents and Settings\Kaneca Keo\Desktop\TYLN_faq.pdf
[2009/02/28 20:58:52 | 00,000,755 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton PC Checkup.lnk
[2009/02/26 10:22:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\Desktop\Hijack Logs
[2009/02/26 10:05:14 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Kaneca Keo\Desktop\HijackThis.lnk
[2009/02/26 03:54:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\Application Data\Malwarebytes
[2009/02/26 03:54:51 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/26 03:54:51 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/02/26 03:54:48 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/26 03:54:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/02/26 03:54:46 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/02/25 21:32:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\Desktop\Virus & Malware Cures
[2009/02/25 21:28:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaneca Keo\Application Data\U3
[2009/02/19 11:43:51 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/02/19 11:42:44 | 00,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2009/02/19 11:40:18 | 00,164,906 | ---- | C] () -- C:\WINDOWS\hpoins21.dat.temp
[2009/02/19 11:40:17 | 00,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat.temp

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/03/19 16:07:57 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kaneca Keo\Desktop\OTListIt2.exe
[2009/03/19 16:03:30 | 00,050,868 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/19 16:03:23 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/19 16:02:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/19 16:02:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/19 16:02:26 | 10,716,97920 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/16 23:41:06 | 01,573,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/13 13:28:45 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/11 21:57:01 | 00,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Norton PC Checkup Weekday Scanner.job
[2009/03/11 13:57:38 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/03/11 13:56:00 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/11 00:02:40 | 01,273,488 | ---- | M] (Malwarebytes Corporation) -- C:\Documents and Settings\Kaneca Keo\My Documents\mbam.exe
[2009/03/08 12:25:48 | 00,046,592 | ---- | M] () -- C:\Documents and Settings\Kaneca Keo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/08 10:15:29 | 00,539,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/08 10:15:29 | 00,450,016 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/08 10:15:29 | 00,080,150 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/06 09:13:50 | 00,122,041 | ---- | M] () -- C:\Documents and Settings\Kaneca Keo\Desktop\TYLN_faq.pdf
[2009/03/03 14:49:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/02/28 20:59:09 | 00,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Norton PC Checkup Weekend Scanner.job
[2009/02/28 20:58:52 | 00,000,755 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton PC Checkup.lnk
[2009/02/27 11:48:34 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/02/27 11:48:33 | 00,000,754 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/02/27 11:48:33 | 00,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/02/26 10:05:15 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Kaneca Keo\Desktop\HijackThis.lnk
[2009/02/26 03:54:51 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/02/25 12:55:00 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/02/19 11:49:41 | 00,164,812 | ---- | M] () -- C:\WINDOWS\hpoins21.dat
[2009/02/19 11:44:46 | 00,000,112 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/02/19 11:43:51 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/02/19 11:42:44 | 00,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
< End of report >

#7 Ms Keo

Ms Keo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 19 March 2009 - 06:25 PM

Sorry i have an "extras" log that popped out as well. It doesn't look exactly the same as the other log. Here's a copy:

OTListIt Extras logfile created on: 3/19/2009 4:08:52 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.6.0 Folder = C:\Documents and Settings\Kaneca Keo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 416.28 Mb Available Physical Memory | 40.73% Memory free
2.40 Gb Paging File | 1.81 Gb Available in Paging File | 75.48% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.78 Gb Total Space | 55.87 Gb Free Space | 52.82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ENOSHENT
Current User Name: Kaneca Keo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] --
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/06/01 17:55:30 | 01,077,248 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System
[2006/06/01 17:54:30 | 00,057,344 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub
[2006/06/01 17:54:24 | 00,098,304 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP
[2008/12/19 13:49:41 | 00,139,776 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2006/10/10 10:53:46 | 00,010,800 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2006/05/09 17:24:16 | 00,050,760 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1158527065\ee\aolsoftware.exe:*:Enabled:AOL Services
[2006/08/28 13:22:24 | 00,050,768 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1158527065\ee\aim6.exe:*:Enabled:AIM
File not found -- C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb
File not found -- C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray
File not found -- C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
[2008/05/21 05:54:40 | 01,022,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
[2005/07/11 22:17:51 | 00,037,464 | ---- | M] (America Online, Inc.) -- C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
[2004/10/15 13:54:14 | 00,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon
[2004/10/15 13:54:12 | 00,046,768 | ---- | M] (America Online Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed
[2005/04/05 17:06:43 | 00,140,888 | ---- | M] (America Online Inc.) -- C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL
File not found -- C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL
File not found -- C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL
File not found -- C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL
[2004/06/09 15:27:34 | 00,471,040 | ---- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe:*:Enabled:HotSync® Manager Application
File not found -- C:\WINDOWS\system32\lxcrcoms.exe:*:Enabled:Lexmark Communications System
File not found -- E:\setup\HPZNUI01.EXE:*:Enabled:hpznui01.exe
[2008/05/27 21:58:12 | 04,269,296 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/04/27 14:17:26 | 00,050,736 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
[2008/11/20 14:20:48 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2009/02/15 14:19:13 | 00,270,128 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
[2007/10/14 21:38:52 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
[2007/10/19 20:46:08 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
[2007/11/02 18:44:16 | 00,283,992 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
[2007/11/02 18:44:16 | 00,053,248 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
[2007/11/29 23:04:40 | 00,107,864 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
[2007/11/02 18:44:16 | 00,566,616 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
[2005/11/11 09:09:40 | 00,421,888 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
[2005/11/11 09:15:26 | 00,733,184 | ---- | M] ( ) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
[2007/11/29 23:04:40 | 00,075,096 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
[2007/12/20 11:05:54 | 01,421,312 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe
[2007/10/31 14:45:22 | 00,147,456 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
File not found -- G:\WD Sync Data\Kaneca Keo\Temp\uTorrent.exe:*:Enabled:µTorrent

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0DF00135-D5A7-476A-BFB3-EDFF2840076A}" = VAIO Wireless LAN Setup Utility
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EA7CF7E-0C76-44A5-B0CF-A1D171476E42}" = VAIO Breeze Wallpaper
"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{319D9385-EEC1-4ae5-BFD1-C5DE1E063F30}" = Trend Micro Anti-Spyware
"{320C1A09-6F4E-4995-9CFA-74D66701996E}" = Cingular Connection Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3A7BF905-F37D-4DFB-8308-EC3AA4617B36}" = Garmin Communicator Plugin
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Central
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{565F04D0-11FA-487E-8A92-F9D11CC011B3}" = VAIO Power Management
"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}" = Safari
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5B82682E-C555-45DA-8E2C-CE6525427AC9}" = Click to DVD 2.5.30
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{66563AD8-637B-407F-BCA7-0233A16891AB}" = Business Contact Manager for Outlook 2003
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript
"{82081533-F045-469E-BD53-F16839E445C3}" = VAIO Support Central
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8912A802-1DD4-41F3-8450-B3209081BDB9}" = Sprint media manager
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8DF4C627-4AF3-4245-9F13-3518FC8584DC}" = Protector Suite QL 5.3
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A005B38F-D5AB-4E35-93DD-9886E449FAF1}" = Palm
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.0
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{ACDE260A-602B-4cfb-A650-D0DBA6FFAD85}" = NetDeviceManager
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1881AB8-8149-4523-A44F-518A144091FB}" = Brother MFL-Pro Suite
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 2.2
"{C27BF761-C499-488D-A964-A3718BC6EC3E}" = DSD Direct
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C518C7BF-A345-4019-815B-FFDF32EBCAD9}" = VAIO HDD Protection
"{c600ab3d-8b64-41df-bf36-b3d87ce0706b}" = C7200_Help
"{C89EB8CD-675F-44F4-9729-4C9A8FAC2D4F}" = DSD Playback Plug-in 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}" = WinZip 11.2
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CECEB0FF-5C45-4b50-9A00-C596E36D88F4}" = C7200
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D9952D4E-766C-4CD3-BF2E-A2C3D8B15EF3}" = VAIO Backup Utility
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{EF7BB06C-5D95-4C7C-8B9B-E1B1E37E8692}" = Fingerprint Tutorial
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"{F6D24DE1-6894-452D-A714-FDA0929714EC}" = TPM Tutorial
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE3BF611-9B8B-44DC-A424-F8C4BA122A1D}" = VAIO Security Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AIM_6" = AIM 6
"AOL Search Enhancement" = Search Enhancement by AOL Search
"AOL Uninstaller" = AOL Uninstaller
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.2 (Unicode)
"avast!" = avast! Antivirus
"Bewitched" = Bewitched (remove only)
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CSCLIB" = Canon Camera Support Core Library
"DISCover" = DISCover
"Easy WiFi Radar" = Easy WiFi Radar 1.0.5
"EOS Utility" = Canon Utilities EOS Utility
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"InstallShield_{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"InstallShield_{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"IntelligentAdvisor" = IntelligentAdvisor
"IrfanView" = IrfanView (remove only)
"JEOPARDY!" = JEOPARDY! (remove only)
"LimeWire" = LimeWire 5.0.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Medical Terminology for Health Professions_is1" = Medical Terminology for Health Professions Version 1.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Music Rescue_is1" = Music Rescue 3.1.6
"Norton PC Checkup" = Norton PC Checkup
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.5-06-05-10-01" = OpenMG Limited Patch 4.5-06-05-12-01
"PhotoStitch" = Canon Utilities PhotoStitch
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"ProInst" = Intel® PROSet/Wireless Software
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer Basic
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"Shop for HP Supplies" = Shop for HP Supplies
"Sony Ericsson Wireless Modem" = Sony Ericsson Wireless Modem
"The Da Vinci Code" = The Da Vinci Code (remove only)
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WGA" = Windows Genuine Advantage Validation Tool
"Wheel of Fortune" = Wheel of Fortune (remove only)
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3555143062-239369610-1032275651-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 1/16/2009 8:47:07 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}\DEFAULTS\PREFERENCES\ADBLOCKPLUS.JS
failed, 00000005.

Error - 1/16/2009 8:47:09 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\PREFS.JS
failed, 00000005.

Error - 1/16/2009 8:47:10 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\SESSIONSTORE.JS
failed, 00000005.

Error - 1/17/2009 7:53:29 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\PREFS.JS
failed, 00000005.

Error - 1/17/2009 7:53:29 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\SESSIONSTORE.JS
failed, 00000005.

Error - 2/3/2009 8:27:28 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}\DEFAULTS\PREFERENCES\ADBLOCKPLUS.JS
failed, 00000005.

Error - 2/3/2009 8:27:28 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\PREFS.JS
failed, 00000005.

Error - 2/3/2009 8:27:28 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\SESSIONSTORE.JS
failed, 00000005.

Error - 2/7/2009 7:44:32 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}\DEFAULTS\PREFERENCES\ADBLOCKPLUS.JS
failed, 00000005.

Error - 2/7/2009 7:44:33 PM | Computer Name = ENOSHENT | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\DOCUMENTS AND SETTINGS\KANECA KEO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\65R3AD0C.DEFAULT\PREFS.JS
failed, 00000005.

[ Application Events ]
Error - 2/26/2009 10:47:15 PM | Computer Name = ENOSHENT | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module hpslpsvc32.dll, version 100.0.170.0, fault address 0x000410c9.

Error - 2/27/2009 3:00:27 PM | Computer Name = ENOSHENT | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Setup -- Please install Adobe Setup using Setup.exe

Error - 3/9/2009 5:26:59 PM | Computer Name = ENOSHENT | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module hpslpsvc32.dll, version 100.0.170.0, fault address 0x000410c9.

Error - 3/10/2009 2:05:41 PM | Computer Name = ENOSHENT | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module HPZinw12.dll, version 12.1.2.51, fault address 0x00006e1c.

Error - 3/10/2009 2:12:56 PM | Computer Name = ENOSHENT | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module HPZinw12.dll, version 12.1.2.51, fault address 0x00006e1c.

Error - 3/12/2009 4:38:05 AM | Computer Name = ENOSHENT | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application winword.exe, version 12.0.6331.5000, stamp 48fa27b4,
faulting module hpz3r5ha.dll, version 61.71.244.0, stamp 45f91d42, debug? 0, fault
address 0x000467e8.

Error - 3/17/2009 3:23:45 PM | Computer Name = ENOSHENT | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module HPZinw12.dll, version 12.1.2.51, fault address 0x00006e1c.

Error - 3/17/2009 4:24:02 PM | Computer Name = ENOSHENT | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application winword.exe, version 12.0.6331.5000, stamp 48fa27b4,
faulting module hpz3r5ha.dll, version 61.71.244.0, stamp 45f91d42, debug? 0, fault
address 0x000467e8.

Error - 3/19/2009 10:47:34 AM | Computer Name = ENOSHENT | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application winword.exe, version 12.0.6331.5000, stamp 48fa27b4,
faulting module hpz3r5ha.dll, version 61.71.244.0, stamp 45f91d42, debug? 0, fault
address 0x000467e8.

Error - 3/19/2009 5:42:34 PM | Computer Name = ENOSHENT | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application winword.exe, version 12.0.6331.5000, stamp 48fa27b4,
faulting module hpz3r5ha.dll, version 61.71.244.0, stamp 45f91d42, debug? 0, fault
address 0x000467e8.

[ OSession Events ]
Error - 2/23/2008 3:00:15 AM | Computer Name = ENOSHENT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 21831
seconds with 1800 seconds of active time. This session ended with a crash.

Error - 10/15/2008 7:48:37 PM | Computer Name = ENOSHENT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2151
seconds with 1140 seconds of active time. This session ended with a crash.

Error - 11/12/2008 8:29:01 PM | Computer Name = ENOSHENT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 168362
seconds with 7260 seconds of active time. This session ended with a crash.

Error - 2/15/2009 7:48:51 PM | Computer Name = ENOSHENT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 93120
seconds with 600 seconds of active time. This session ended with a crash.

Error - 3/3/2009 5:54:38 PM | Computer Name = ENOSHENT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6070
seconds with 1260 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 3/19/2009 1:50:06 PM | Computer Name = ENOSHENT | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.47 for the Network Card with network
address 001302CB3E57 has been denied by the DHCP server 192.168.24.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/19/2009 1:50:13 PM | Computer Name = ENOSHENT | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 3/19/2009 1:51:41 PM | Computer Name = ENOSHENT | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 3/19/2009 3:50:07 PM | Computer Name = ENOSHENT | Source = DCOM | ID = 10010
Description = The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register
with DCOM within the required timeout.

Error - 3/19/2009 3:50:15 PM | Computer Name = ENOSHENT | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.24.110 for the Network Card with network
address 001302CB3E57 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/19/2009 5:23:52 PM | Computer Name = ENOSHENT | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.47 for the Network Card with network
address 001302CB3E57 has been denied by the DHCP server 10.49.4.2 (The DHCP Server
sent a DHCPNACK message).

Error - 3/19/2009 5:24:01 PM | Computer Name = ENOSHENT | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 3/19/2009 5:25:29 PM | Computer Name = ENOSHENT | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 3/19/2009 7:02:45 PM | Computer Name = ENOSHENT | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 3/19/2009 7:04:16 PM | Computer Name = ENOSHENT | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.


< End of report >

#8 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:03 AM

Posted 20 March 2009 - 09:08 AM

I don't really see any signs of malware in your logs, but there are some programs that you should uninstall.

Click Start -> Control Panel -> Add Remove Programs and uninstall these programs:

Viewpoint Manager
ViewpointMediaPlayer
J2SE Runtime Environment 5.0 Update 7
J2SE Runtime Environment 5.0 Update 10
Java™ 6 Update 3



==============


Run an online scan at Secunia Online Software Inspector
  • Click on the red button at the bottom of the screen that says Start Scanner.
  • Follow the prompts to install the scanning software.
  • Do not check the box for Enable thorough system inspection
  • Click the Start button.
  • The program will scan your system and identify insecure versions of software and missing security updates.
  • Using the links provided in the scan, download and install any current and secure versions that are needed.


How is your computer behaving now?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#9 Ms Keo

Ms Keo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 24 March 2009 - 12:08 PM

sorry for taking so long to reply.. i did the scan and it says to install new versions of some programs. what I'm really having an issue with now is that theres a window that pops up and says that generic host win32 has to close. what does that mean?

#10 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:03 AM

Posted 24 March 2009 - 02:01 PM

Can you give me some more info on that error? When does it happen? What programs are running when it happens? What additional information is contained in the error message itself?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#11 Ms Keo

Ms Keo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 25 March 2009 - 02:33 PM

Whenever I have the internet open, I'll get this message:

Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience.

Error Message:
szAppName : svchost.exe szAppVer : 5.1.2600.5512
szModName : hpslpsvc32.dll szModVer : 100.0.170.0 offset : 000410c9

#12 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:03 AM

Posted 25 March 2009 - 06:53 PM

Let's try this:

Click Start -> Run -> services.msc
Look for "HP Network Devices Support"
Double click on it to bring up Properties
Set Startup type to Manual.
Click Ok and reboot.

Let me know if you still get that error.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users