Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE and Firefox stop working after a few minutes


  • Please log in to reply
5 replies to this topic

#1 chernobylgoo

chernobylgoo

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 15 April 2009 - 11:38 AM

IE and Firefox freeze up and are not closing properly after a few minutes of surfing on-line. I'm running Vista and I run AdAware and Avast! Anti-Virus on a regular basis but they haven't picked up anything. I also run Ashampoo WinOptimizer 6 to speed up my computer when it starts to run sluggish. Here is the HiJackThis logfile.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:26 AM, on 4/15/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Users\dunbarg\Program Files\DNA\btdna.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\dunbarg\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [VAIO Help and Support Demo] "C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe"
O4 - HKLM\..\Run: [VWLASU] "C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\dunbarg\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Unknown owner - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11377 bytes

BC AdBot (Login to Remove)

 


#2 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:05:22 PM

Posted 28 April 2009 - 10:53 AM

Hi chernobylgoo and welcome to Bleeping Computer.

Sorry for the delay in response to your thread.

If you still need help:
  • Download OTListIt2 to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
    Copy the lines in the codebox below.
    drivers32
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

    Posted Image
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
Thanks

BBPP6nz.png


#3 chernobylgoo

chernobylgoo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 29 April 2009 - 09:21 AM

here are the files you wanted.

OTListIt Extras logfile created on: 4/29/2009 8:15:32 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Users\dunbarg\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 99.08% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.82 Gb Total Space | 52.26 Gb Free Space | 37.11% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 106.64 Gb Free Space | 71.55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ENDER
Current User Name: dunbarg
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications" = 0
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2000
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09A84598-E18A-4E7B-A49A-E19BB8D5C648}" = AppMon Utility
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{4203C377-8F5B-4B3C-9096-6FC7C2CB9BC5}" = VAIO Content Metadata XML Interface Library
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4AA0CF6F-2C23-4A29-9A3B-CF68207755B4}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{55502C49-F061-428C-BF26-06ECDFB3AC29}" = Sid Meier's Civilization 4 Gold
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{56345504-DE57-4528-A18B-A567D1E52928}" = ArcSoft Magic-i Visual Effects
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.2
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{85EBB283-65AF-4C53-9EBE-7C0A232762F7}" = AGEIA PhysX v7.03.21
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AA346790-8BF2-4826-9E30-18E9BB547663}" = VAIO Content Metadata Manager Setting
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B5E2DF30-1061-4DB4-AF28-08996C8E5680}" = VAIO Content Metadata XML Interface Library
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO PC Wireless LAN Wizard
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CC85B598-5643-4FD0-9AD9-B7B551D2F435}" = VAIO Content Metadata Intelligent Analyzing Manager
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D36E4755-83B9-4B10-BE51-0AC5B9F43C1F}" = VAIO Media
"{D47FE987-EA3D-424B-9886-B752501D7CE7}" = VAIO Help and Support
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6651810-8439-4F25-BACC-5FB66D4B1A63}" = VAIO Media Registration Tool
"{D937DD80-3928-4617-876F-538A25AECB17}" = LocationFree Player
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E74F7423-77CB-4F6A-A44D-604E1010FE50}" = VAIO Entertainment Center
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AIM_6" = AIM 6
"Any Video Converter_is1" = Any Video Converter 2.7.2
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.23
"Ask Toolbar_is1" = ZoneAlarm Spy Blocker Toolbar
"avast!" = avast! Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EADM" = EA Download Manager
"ENTERPRISER" = Microsoft Office Enterprise 2007
"File Shredder_is1" = File Shredder 2.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"MediaMonkey_is1" = MediaMonkey 3.0
"Mozilla Firefox (3.0.9)" = Mozilla Firefox (3.0.9)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Service Utility" = VAIO Service Utility
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6h
"World of Warcraft" = World of Warcraft
"Yahoo! Messenger" = Yahoo! Messenger
"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent 6.0.2
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 8/3/2008 10:12:33 PM | Computer Name = Ender | Source = avast! | ID = 33554522
Description = Internal error has occurred in module basEncodeFileToRootkitSubmit
failed! , function 00000002.

Error - 8/3/2008 10:13:47 PM | Computer Name = Ender | Source = avast! | ID = 33554522
Description = Internal error has occurred in module basEncodeFileToRootkitSubmit
failed! , function 00000002.

[ Application Events ]
Error - 4/8/2009 6:12:49 AM | Computer Name = Ender | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 4/8/2009 8:10:14 PM | Computer Name = Ender | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 4/8/2009 8:10:28 PM | Computer Name = Ender | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/8/2009 8:10:28 PM | Computer Name = Ender | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/8/2009 8:10:28 PM | Computer Name = Ender | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/8/2009 8:10:28 PM | Computer Name = Ender | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/8/2009 8:10:28 PM | Computer Name = Ender | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/8/2009 8:10:28 PM | Computer Name = Ender | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/8/2009 8:10:28 PM | Computer Name = Ender | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/9/2009 6:26:13 PM | Computer Name = Ender | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

[ System Events ]
Error - 8/14/2008 4:27:17 AM | Computer Name = Ender | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2008 4:27:34 AM | Computer Name = Ender | Source = Service Control Manager | ID = 7009
Description =

Error - 8/14/2008 4:27:34 AM | Computer Name = Ender | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2008 4:30:07 AM | Computer Name = Ender | Source = Service Control Manager | ID = 7009
Description =

Error - 8/14/2008 4:30:07 AM | Computer Name = Ender | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2008 4:30:25 AM | Computer Name = Ender | Source = Service Control Manager | ID = 7009
Description =

Error - 8/14/2008 4:30:25 AM | Computer Name = Ender | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2008 4:52:26 AM | Computer Name = Ender | Source = HTTP | ID = 15016
Description =

Error - 8/14/2008 1:05:34 PM | Computer Name = Ender | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2008 1:05:34 PM | Computer Name = Ender | Source = Service Control Manager | ID = 7000
Description =


< End of report >

OTListIt logfile created on: 4/29/2009 8:15:32 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Users\dunbarg\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 99.08% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.82 Gb Total Space | 52.26 Gb Free Space | 37.11% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 106.64 Gb Free Space | 71.55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ENDER
Current User Name: dunbarg
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Users\dunbarg\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Windows\system32\PSIService.exe ()
PRC - C:\Windows\system32\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Users\dunbarg\Downloads\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ASKService [Auto | Running]) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Stopped]) -- File not found
SRV - (DfSdkS [On_Demand | Stopped]) -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe (mst software GmbH, Germany)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (IviRegMgr [Auto | Running]) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (LBTServ [On_Demand | Stopped]) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (nmservice [Auto | Stopped]) -- File not found
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (ProtexisLicensing [Auto | Running]) -- C:\Windows\system32\PSIService.exe ()
SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (STacSV [Auto | Running]) -- C:\Windows\system32\stacsv.exe (IDT, Inc.)
SRV - (uCamMonitor [Auto | Running]) -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIO Event Service [Auto | Running]) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VcmIAlzMgr [On_Demand | Stopped]) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (Vcsw [On_Demand | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (vsmon [Auto | Running]) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (VzCdbSvc [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (XAudioService [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)

========== Driver Services (SafeList) ==========

DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (ArcSoftKsUFilter [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\Windows\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt [Auto | Running]) -- C:\Windows\system32\DRIVERS\aswMonFlt.sys (ALWIL Software)
DRV - (aswRdr [System | Running]) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (btwaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwavdt [On_Demand | Stopped]) -- C:\Windows\system32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwl2cap [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\btwl2cap.sys (Broadcom Corporation.)
DRV - (btwrchid [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\btwrchid.sys (Broadcom Corporation.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (DMICall [System | Running]) -- C:\Windows\system32\DRIVERS\DMICall.sys (Sony Corporation)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (HSFHWAZL [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\system32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (NETw4v32 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\NETw4v32.sys (Intel Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (R5U870FLx86 [On_Demand | Running]) -- C:\Windows\System32\Drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86 [On_Demand | Running]) -- C:\Windows\System32\Drivers\R5U870FUx86.sys (Ricoh)
DRV - (regi [Auto | Running]) -- C:\Windows\system32\drivers\regi.sys (InterVideo)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SFEP [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\SFEP.sys (Sony Corporation)
DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (slim [On_Demand | Stopped]) -- C:\Windows\system32\drivers\slim.sys (Sony Corporation)
DRV - (STHDA [On_Demand | Running]) -- C:\Windows\system32\drivers\stwrt.sys (IDT, Inc.)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (ti21sony [On_Demand | Running]) -- C:\Windows\system32\drivers\ti21sony.sys (Texas Instruments)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (USBCCID [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\usbccid.sys (Microsoft Corporation)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (Vsdatant [System | Running]) -- C:\Windows\system32\DRIVERS\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (WimFltr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\wimfltr.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.sys (Conexant Systems, Inc.)
DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\yk60x86.sys (Marvell)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.9

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/24 16:33:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/24 16:33:18 | 00,000,000 | ---D | M]

[2009/04/13 16:09:01 | 00,000,000 | ---D | M] -- C:\Users\dunbarg\AppData\Roaming\mozilla\Extensions
[2009/04/13 16:09:01 | 00,000,000 | ---D | M] -- C:\Users\dunbarg\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/13 16:09:01 | 00,000,000 | ---D | M] -- C:\Users\dunbarg\AppData\Roaming\mozilla\Firefox\Profiles\f6r763d1.default\extensions
[2009/04/23 05:52:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/24 16:33:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/15 19:40:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2008/05/01 20:21:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/07/09 20:18:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/04/24 16:33:14 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/24 16:33:14 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 12:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 12:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 12:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 12:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 12:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 12:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 12:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start (Sony Corporation)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] Skytel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [VAIO Help and Support Demo] "C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" ()
O4 - HKLM..\Run: [VWLASU] "C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe" (Sony Electronics, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [BitTorrent DNA] "C:\Users\dunbarg\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent (Electronic Arts)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [Bluetooth Namespace] - C:\Windows\system32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - Reg Error: Key error. File not found
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\autoexec.bat () - [ NTFS ]
O33 - MountPoints2\{53a9ff0c-e899-11dc-b0cd-001a80b5f76b}\Shell - "" = AutoRun
O33 - MountPoints2\{53a9ff0c-e899-11dc-b0cd-001a80b5f76b}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c08a814c-e7c5-11dc-9500-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c08a814c-e7c5-11dc-9500-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
Drivers32: aux - C:\Windows\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\system32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\system32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\system32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\system32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\system32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\system32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\system32\VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\system32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.i420 - C:\Windows\system32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\system32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\system32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\system32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\system32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\system32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\system32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\system32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\system32\msacm32.drv (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/04/28 11:00:20 | 00,033,632 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt.exe
[2009/04/21 17:41:53 | 00,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/04/21 17:41:08 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/04/16 17:43:00 | 00,000,000 | ---D | C] -- C:\Users\dunbarg\Documents\Any Video Converter
[2009/04/16 17:42:55 | 00,000,853 | ---- | C] () -- C:\Users\dunbarg\Desktop\Any Video Converter.lnk
[2009/04/16 17:42:51 | 00,000,000 | ---D | C] -- C:\Users\dunbarg\AppData\Roaming\Any Video Converter
[2009/04/16 17:42:48 | 00,000,000 | ---D | C] -- C:\Program Files\Any Video Converter
[2009/04/16 17:06:19 | 00,000,000 | ---D | C] -- C:\Users\dunbarg\AppData\Roaming\Apple Computer
[2009/04/16 17:06:19 | 00,000,000 | ---D | C] -- C:\Users\dunbarg\AppData\Local\Apple Computer
[2009/04/16 17:06:15 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/16 17:06:10 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2009/04/16 17:05:43 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/16 17:05:42 | 00,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/16 17:05:42 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/16 17:05:16 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/04/16 17:04:52 | 00,001,732 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/04/16 17:04:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/04/16 17:04:26 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/04/16 17:04:07 | 00,000,000 | ---D | C] -- C:\Users\dunbarg\AppData\Local\Apple
[2009/04/16 17:04:04 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/04/16 17:03:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/04/16 17:03:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple
[2009/04/16 16:56:41 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/04/15 21:24:21 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/15 21:24:19 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/15 21:24:19 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/15 21:24:10 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/15 21:24:09 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/15 21:24:09 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/15 21:24:07 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/15 21:24:06 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/15 21:24:06 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/15 21:24:06 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/15 21:24:06 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/15 21:24:06 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/15 21:24:05 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/15 21:24:02 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/15 21:24:01 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/15 21:24:00 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/15 21:24:00 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/15 21:24:00 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/15 21:23:54 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/15 21:23:52 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/15 21:23:50 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/15 21:23:49 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/15 21:23:49 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/15 21:23:48 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/15 21:23:48 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/15 21:23:46 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/15 21:23:46 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/15 21:23:46 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/15 21:23:46 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/15 21:23:45 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/04/15 21:23:44 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/15 21:23:43 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/15 21:23:42 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/04/15 19:40:49 | 00,000,000 | ---D | C] -- C:\Users\dunbarg\AppData\Roaming\Skype
[2009/04/15 19:40:11 | 00,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2009/04/15 19:40:10 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009/04/15 19:40:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Skype
[2009/04/13 16:08:54 | 00,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/04 15:31:05 | 00,001,819 | ---- | C] () -- C:\Users\Public\Desktop\1-Click-Optimizer.lnk
[2009/04/04 15:31:05 | 00,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 6.lnk
[2009/04/04 15:31:04 | 00,039,776 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt64.exe
[2009/04/04 15:30:50 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009/04/02 14:12:02 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/04/02 11:30:36 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/04/02 11:30:14 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2009/04/02 11:30:14 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2009/04/02 11:29:24 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2009/04/02 11:28:46 | 00,350,192 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2009/04/02 11:28:46 | 00,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2008/03/15 17:48:13 | 00,002,672 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/03/15 17:48:13 | 00,000,088 | RHS- | C] () -- C:\Windows\System32\9362E34BF3.sys
[2008/01/08 00:41:30 | 00,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2008/01/08 00:40:15 | 00,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2007/11/30 12:09:29 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007/11/29 12:50:06 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/08/28 20:03:14 | 00,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/03/26 09:45:18 | 00,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007/02/20 13:59:08 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007/02/20 13:59:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007/02/20 13:59:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007/02/20 13:59:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007/02/20 13:59:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007/02/20 13:59:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007/02/20 13:59:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007/02/20 13:59:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/02/20 13:59:04 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006/11/02 06:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 04:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 01:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/11/14 15:56:00 | 01,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== Files - Modified Within 30 Days ==========

[2009/04/29 08:13:44 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/04/29 08:13:44 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/04/29 08:13:44 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/04/29 08:05:40 | 00,027,525 | ---- | M] () -- C:\Users\dunbarg\AppData\Roaming\nvModes.001
[2009/04/29 08:05:35 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/04/29 08:05:24 | 00,350,192 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2009/04/29 08:05:23 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/04/29 08:05:23 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/04/29 08:05:18 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/04/29 08:05:14 | 32,195,78880 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/28 18:23:43 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/04/28 18:23:36 | 03,594,222 | -H-- | M] () -- C:\Users\dunbarg\AppData\Local\IconCache.db
[2009/04/28 18:23:30 | 00,027,525 | ---- | M] () -- C:\Users\dunbarg\AppData\Roaming\nvModes.dat
[2009/04/28 11:00:23 | 00,001,819 | ---- | M] () -- C:\Users\Public\Desktop\1-Click-Optimizer.lnk
[2009/04/28 11:00:23 | 00,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 6.lnk
[2009/04/27 11:01:56 | 00,020,480 | ---- | M] () -- C:\Users\dunbarg\Documents\PASS2.docx
[2009/04/26 19:15:34 | 00,000,924 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2009/04/21 17:41:53 | 00,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/04/20 17:29:02 | 00,059,392 | ---- | M] () -- C:\Users\dunbarg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/16 17:42:55 | 00,000,853 | ---- | M] () -- C:\Users\dunbarg\Desktop\Any Video Converter.lnk
[2009/04/16 17:06:15 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/16 17:04:52 | 00,001,732 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/04/16 16:56:41 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/04/15 19:40:11 | 00,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2009/04/13 16:08:54 | 00,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/06 08:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

========== LOP Check ==========

[2009/04/29 08:05:35 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/04/28 18:23:43 | 00,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

#4 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:05:22 PM

Posted 30 April 2009 - 01:21 PM

Hi chernobylgoo

A few things for you to do:

Step 1
I see you have the 'ZoneAlarm Spy Blocker Toolbar' installed.
This is bundled along with ZoneAlarm, but isn't needed for Zone Alarm to run.
This program is classed as 'open to debate'...... we normally suggest this toolbar is not installed.
My recommendation is that it's uninstalled.

This is also in your add/remove folder:
Norton 360
This program is no longer needed, so i suggest you remove it.

Step 2
Double click on OTListIt2.exe to run it.
Copy the lines in the codebox below.
:otli
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Reg Error: Key error. File not found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - Reg Error: Key error. File not found
O33 - MountPoints2\{53a9ff0c-e899-11dc-b0cd-001a80b5f76b}\Shell - "" = AutoRun
O33 - MountPoints2\{53a9ff0c-e899-11dc-b0cd-001a80b5f76b}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c08a814c-e7c5-11dc-9500-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c08a814c-e7c5-11dc-9500-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found

:commands
[emptytemp]
[purity]
[start explorer]
  • Return to OTListIt2,
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

    Posted Image
  • Click the red Run Fix button.
  • If OTListIt prompts for permission to reboot the computer, allow it to do so.
  • After the reboot, you may need to double click OTListIt2 to launch the program and retrieve the log.
Copy and paste the contents of the OTListIt2 log in your next reply.

Step 3
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 13 and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u13...allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Read the License Agreement and then check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u13-windows-i586-p.exe to install the newest version.
Step 4
Please do an online scan with Kaspersky WebScanner.
Notes
Java must be installed and enabled for the scan to work.
Disable your computer's antivirus program as leaving it active will cause conflicts
  • Close ALL programs and windows except for your browser
    Please go to Online Kaspersky Scan and perform an online antivirus scan.
  • Read through the Requirements and limitations statement and click on the Accept button.
  • You will be prompted to install an application from Kaspersky. Click the Run button. It will start downloading and installing the scanner and virus definitions.
  • When the downloads have finished, the scrolling window will show 'Database is updated. Ready to scan'. Click on the Settings button at the bottom left.
  • Make sure these boxes are checked/ticked. If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan on the left. OK any warnings from your protection programs.
  • Go for a long walk. Please be patient and let the scanner finish. It is better that you do NOT use the computer while the scan is running. Keep all other programs/windows closed.
  • Once the scan is complete (the 'status' will show complete), click on View Scan Report and any infected objects will be shown.
  • Click on Save Report As... and change the Files of type to Text file (.txt)
  • Name the file KAVScan-ddmmyy before clicking on the Save button. Save the report to a convenient place - for example the Desktop.
  • Please post this log in your next reply.
Note - enable your antivirus program before browsing away from the Kaspersky site.

Go to the Desktop and double-click on the Kaspersky report KAVScan-ddmmyy.txt, it will open in Notepad
Click Edit > Select all then Edit > Copy
Reply to this thread and paste (Ctrl+V) the report.

In your next reply, please submit:
OTLI2 report
Kaspersky scan report


Thanks.

BBPP6nz.png


#5 chernobylgoo

chernobylgoo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 09 May 2009 - 03:35 AM

Ok did everything you recommended but still having the problem. The reports you wanted are attached.

Attached Files



#6 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:05:22 PM

Posted 09 May 2009 - 04:34 AM

Hi chernobylgoo

Let's see what this throws up:

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with the running of ComboFix.
    For more information read:
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

    Then:
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    If running Vista, you may not see this screen
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Thanks

BBPP6nz.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users