Rdirected Here from "Am I Infected"

DDS (Ver_09-12-01.01) - NTFSx86
Run by SONY VAIO at 11:18:46.09 on Fri 01/08/2010
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.496 [GMT -8:00]

AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\SONY VAIO\Desktop\Downloads\dds.scr
C:\Program Files\Messenger\msmsgs.exe

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://www.sony.com/vaiopeople
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Norton Internet Security: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxsrvc.dll
Notify: LMIinit - LMIinit.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sonyva~1\applic~1\mozilla\firefox\profiles\yabf2xru.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - GOOGLE.COM
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJPI150.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-12-16 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-12-16 74480]
R1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\SAVRTPEL.SYS [2004-7-23 50312]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2004-8-27 198248]
R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2004-8-27 235168]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2004-8-27 181864]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-5-23 47640]
R2 LxrSII1d;Secure II Driver;c:\windows\system32\drivers\LxrSII1d.sys [2008-2-26 72672]
R2 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\NAVAPSVC.EXE [2004-8-30 177264]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20070517.073\NAVENG.Sys [2007-5-18 77688]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20070517.073\NavEx15.Sys [2007-5-18 852824]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-12-16 7408]
R3 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\SAVRT.SYS [2004-7-23 338056]
R3 USBFVNETR;NETGEAR MA101 USB Adapter;c:\windows\system32\drivers\ma101rndxp.sys [2009-5-23 76160]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S2 SBService;ScriptBlocking Service;c:\progra~1\common~1\symant~1\script~1\SBServ.exe [2004-8-30 67184]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2004-8-27 79464]
S3 SAVScan;SAVScan;c:\program files\norton internet security\norton antivirus\SAVSCAN.EXE [2004-7-23 198368]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

=============== Created Last 30 ================

2010-01-08 06:39:32 0 d-----w- c:\program files\HotHotSoftware
2010-01-02 01:47:57 0 d-----w- c:\program files\Cobian Backup 9
2009-12-28 02:57:12 0 d-----w- c:\program files\ESET
2009-12-28 00:27:58 83748 -c--a-w- c:\windows\system32\dllcache\prcp.nls
2009-12-26 19:21:50 0 d-----w- c:\windows\pss
2009-12-21 05:33:26 0 d-----w- c:\program files\GameSpy Arcade
2009-12-21 05:14:22 0 d-----w- c:\program files\Elaborate Bytes
2009-12-21 01:26:17 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-12-21 01:26:06 0 d-----w- c:\program files\SUPERAntiSpyware
2009-12-21 01:26:06 0 d-----w- c:\docume~1\sonyva~1\applic~1\SUPERAntiSpyware.com
2009-12-21 01:25:42 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-12-21 01:19:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-21 01:17:48 0 d-----w- c:\docume~1\alluse~1\applic~1\DAEMON Tools Pro
2009-12-21 01:17:47 0 d-----w- c:\docume~1\sonyva~1\applic~1\DAEMON Tools Pro
2009-12-21 00:11:55 0 d-----w- c:\docume~1\sonyva~1\applic~1\Malwarebytes
2009-12-21 00:11:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-21 00:11:48 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-21 00:11:48 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-21 00:11:48 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-12-20 23:37:28 0 d-----w- C:\Westwood
2009-12-12 22:12:48 0 d-----w- c:\program files\WindSolutions
2009-12-12 22:12:45 0 d-----w- c:\docume~1\sonyva~1\applic~1\WindSolutions
2009-12-12 22:12:45 0 d-----w- c:\docume~1\alluse~1\applic~1\WindSolutions

==================== Find3M ====================

2010-01-07 17:47:34 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-03 04:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 07:46:59 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:46:52 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:46:50 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 06:00:55 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00:55 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-13 10:53:29 266752 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:54:17 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:54:17 112128 ----a-w- c:\windows\system32\rastls.dll
2007-06-27 07:08:02 3416064 ----a-w- c:\program files\Microsoft Money.mny

============= FINISH: 11:20:57.54 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 11/13/2006 2:34:02 PM
System Uptime: 1/8/2010 10:08:55 AM (1 hours ago)

Motherboard: Intel Corporation | | D915GRO
Processor: Intel® Pentium® 4 CPU 3.00GHz | J2E1 | 3000/200mhz
Processor: Intel® Pentium® 4 CPU 3.00GHz | J2E1 | 3000/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 181 GiB total, 136.171 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1064&SUBSYS_81A1104D&REV_03\4&23C0B1C&0&40F0
Manufacturer: Intel
Name: Intel® PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1064&SUBSYS_81A1104D&REV_03\4&23C0B1C&0&40F0
Service: E100B

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&2D2D400&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&2D2D400&0
Service: i8042prt

==== System Restore Points ===================

RP551: 10/10/2009 12:07:08 PM - System Checkpoint
RP552: 10/12/2009 12:43:19 AM - System Checkpoint
RP553: 10/12/2009 2:03:09 PM - Software Distribution Service 3.0
RP554: 10/13/2009 2:39:14 PM - System Checkpoint
RP555: 10/14/2009 7:54:08 PM - System Checkpoint
RP556: 10/15/2009 1:01:05 AM - Software Distribution Service 3.0
RP557: 10/15/2009 1:21:40 PM - Software Distribution Service 3.0
RP558: 10/16/2009 1:46:10 PM - System Checkpoint
RP559: 10/17/2009 3:54:46 PM - System Checkpoint
RP560: 10/18/2009 5:01:53 PM - System Checkpoint
RP561: 10/19/2009 7:08:21 AM - Software Distribution Service 3.0
RP562: 10/20/2009 7:14:56 AM - System Checkpoint
RP563: 10/21/2009 9:15:58 AM - System Checkpoint
RP564: 10/22/2009 9:11:38 AM - Software Distribution Service 3.0
RP565: 10/23/2009 11:47:46 AM - System Checkpoint
RP566: 10/24/2009 4:12:17 PM - System Checkpoint
RP567: 10/25/2009 5:49:56 PM - System Checkpoint
RP568: 10/26/2009 1:16:59 PM - Software Distribution Service 3.0
RP569: 10/27/2009 1:29:20 PM - System Checkpoint
RP570: 10/28/2009 3:46:38 PM - System Checkpoint
RP571: 10/29/2009 8:12:03 AM - Software Distribution Service 3.0
RP572: 10/30/2009 10:33:02 AM - System Checkpoint
RP573: 10/31/2009 11:20:07 AM - System Checkpoint
RP574: 11/1/2009 12:40:44 PM - System Checkpoint
RP575: 11/2/2009 10:19:48 PM - System Checkpoint
RP576: 11/3/2009 2:48:16 PM - Software Distribution Service 3.0
RP577: 11/4/2009 2:27:22 AM - Software Distribution Service 3.0
RP578: 11/5/2009 4:43:56 PM - System Checkpoint
RP579: 11/6/2009 5:11:06 PM - System Checkpoint
RP580: 11/7/2009 2:32:54 AM - Software Distribution Service 3.0
RP581: 11/8/2009 2:44:48 AM - System Checkpoint
RP582: 11/9/2009 12:02:17 PM - System Checkpoint
RP583: 11/9/2009 4:02:59 PM - Software Distribution Service 3.0
RP584: 11/10/2009 5:07:12 PM - System Checkpoint
RP585: 11/11/2009 6:12:29 PM - System Checkpoint
RP586: 11/12/2009 3:00:19 AM - Software Distribution Service 3.0
RP587: 11/12/2009 9:25:36 AM - Software Distribution Service 3.0
RP588: 11/13/2009 2:26:38 PM - System Checkpoint
RP589: 11/14/2009 3:39:51 PM - System Checkpoint
RP590: 11/15/2009 3:48:48 PM - System Checkpoint
RP591: 11/17/2009 9:15:55 AM - Software Distribution Service 3.0
RP592: 11/18/2009 8:29:48 PM - System Checkpoint
RP593: 11/19/2009 8:06:30 AM - Software Distribution Service 3.0
RP594: 11/20/2009 1:07:07 PM - System Checkpoint
RP595: 11/21/2009 1:59:29 PM - System Checkpoint
RP596: 11/22/2009 2:52:37 PM - System Checkpoint
RP597: 11/23/2009 3:27:03 PM - System Checkpoint
RP598: 11/23/2009 7:48:25 PM - Software Distribution Service 3.0
RP599: 11/25/2009 12:02:43 AM - Software Distribution Service 3.0
RP600: 11/26/2009 12:20:31 AM - System Checkpoint
RP601: 11/26/2009 10:32:25 AM - Software Distribution Service 3.0
RP602: 11/27/2009 10:45:46 AM - System Checkpoint
RP603: 11/28/2009 11:13:37 AM - System Checkpoint
RP604: 11/29/2009 2:51:11 PM - System Checkpoint
RP605: 11/30/2009 5:06:38 PM - System Checkpoint
RP606: 11/30/2009 11:12:44 PM - Software Distribution Service 3.0
RP607: 12/2/2009 1:45:13 AM - System Checkpoint
RP608: 12/3/2009 8:43:53 AM - Software Distribution Service 3.0
RP609: 12/4/2009 8:22:26 PM - System Checkpoint
RP610: 12/5/2009 8:27:17 PM - System Checkpoint
RP611: 12/6/2009 11:49:27 PM - Installed QuickTime
RP612: 12/7/2009 7:36:55 PM - Software Distribution Service 3.0
RP613: 12/8/2009 8:08:00 PM - System Checkpoint
RP614: 12/9/2009 6:03:21 AM - Software Distribution Service 3.0
RP615: 12/10/2009 11:27:08 AM - System Checkpoint
RP616: 12/10/2009 12:47:49 PM - Software Distribution Service 3.0
RP617: 12/11/2009 12:53:06 PM - System Checkpoint
RP618: 12/12/2009 1:07:51 PM - System Checkpoint
RP619: 12/13/2009 1:48:39 PM - System Checkpoint
RP620: 12/14/2009 7:38:51 AM - Software Distribution Service 3.0
RP621: 12/15/2009 11:03:44 AM - System Checkpoint
RP622: 12/16/2009 3:09:57 PM - System Checkpoint
RP623: 12/17/2009 10:40:59 AM - Software Distribution Service 3.0
RP624: 12/18/2009 1:11:10 PM - System Checkpoint
RP625: 12/19/2009 1:12:20 PM - System Checkpoint
RP626: 12/20/2009 2:26:21 PM - System Checkpoint
RP627: 12/20/2009 4:08:49 PM - Windows Defender Checkpoint
RP628: 12/20/2009 5:19:03 PM - SPTD setup V1.62
RP629: 12/20/2009 5:26:05 PM - Installed SUPERAntiSpyware Free Edition
RP630: 12/20/2009 6:15:14 PM - SPTD setup V1.62
RP631: 12/21/2009 12:32:48 PM - Software Distribution Service 3.0
RP632: 12/22/2009 5:22:36 PM - System Checkpoint
RP633: 12/23/2009 7:02:33 PM - System Checkpoint
RP634: 12/24/2009 10:51:58 AM - Software Distribution Service 3.0
RP635: 12/25/2009 12:53:05 PM - System Checkpoint
RP636: 12/25/2009 11:54:22 PM - Uninstall Guardian Software
RP637: 12/27/2009 9:21:14 PM - System Checkpoint
RP638: 12/28/2009 12:13:12 PM - Software Distribution Service 3.0
RP639: 12/29/2009 12:24:13 PM - Software Distribution Service 3.0
RP640: 12/30/2009 1:29:33 PM - System Checkpoint
RP641: 12/31/2009 11:07:31 AM - Software Distribution Service 3.0
RP642: 1/1/2010 2:08:35 PM - System Checkpoint
RP643: 1/2/2010 8:44:18 PM - System Checkpoint
RP644: 1/4/2010 7:30:24 AM - Software Distribution Service 3.0
RP645: 1/5/2010 1:01:20 PM - System Checkpoint
RP646: 1/7/2010 9:49:30 AM - System Checkpoint
RP647: 1/7/2010 9:50:51 PM - Software Distribution Service 3.0

==== Installed Programs ======================

AAC Decoder
AC3Filter 1.61b
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 8 Standard
Adobe Acrobat 8.1.1 Standard
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 6.0.1
Adobe Shockwave Player 11.5
Agere Systems PCI Soft Modem
Apple Application Support
Apple Software Update
Art Explosion Publisher Pro 2.0
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AutoUpdate
BitTorrent
Camtasia Studio 6
CC_ccProxyExt
ccCommon
ccPxyCore
Cheat Engine 5.5
Click to DVD 2.0.02 Menu Data
Click to DVD 2.2.10
Cobian Backup 9
Command & Conquer Renegade
Compatibility Pack for the 2007 Office system
CONNECT
Define Multiple Words and get Multiple Word Definitions Softwar
DivX Codec
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DNA
DVgate Plus
ESET Online Scanner v3
FLV Player 2.0 (build 25)
GameSpy Arcade
H.264 Decoder
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Adapters and Drivers
InterVideo WinDVD 5 for VAIO
InterVideo WinDVDX
ISScript
J2SE Runtime Environment 5.0
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Lizardtech DjVu Control
MA101 USB Adapter Configuration Utility
Malwarebytes' Anti-Malware
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
mIRC
MKV Splitter
MoodLogic
Mozilla Firefox (3.0.17)
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
Nero - Burning Rom
Nero 8 Lite
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton WMI Update
NVIDIA Drivers
OpenMG Limited Patch 4.0-04-08-02-01
OpenMG Secure Module 4.0.00
PictureGear Studio 2.0
PyRuntimeUninstall
QuickTime
Realtek High Definition Audio Driver
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Skypeâ„¢ 4.1
Sonic RecordNow!
SonicStage 2.1.02
SonicStage Mastering Studio Audio Filter Custom Preset
Sony Certificate PCH
Sony Video Shared Library
Sothink SWF Decompiler
SPBBC
Sun Download Manager 2.0 (web)
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
Symantec Network Drivers Update
Symantec Script Blocking Installer
SymNet
TightVNC 1.3.10
TortoiseSVN 1.6.2.16344 (32 bit)
Uninstall Gormball
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VAIO Control Center
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.1
VAIO Media Integrated Server 3.1
VAIO Media Redistribution 3.1
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Scene HD Normal Contents
VAIO Structure Wallpaper
VAIO Survey Standalone
VC80CRTRedist - 8.0.50727.762
VirtualCloneDrive
VuePrint
WebFldrs XP
Westwood Shared Internet Components
Windows Defender
Windows Driver Package - eMPIA Technology (DCamUSBET) Image (09/11/2007 2.7.0911.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (04/27/2007 5.7.0427.0)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884018
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver

==== Event Viewer Messages From Past Week ========

1/3/2010 11:40:25 AM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
1/3/2010 11:40:20 AM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
1/3/2010 11:40:20 AM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.

==== End Of File ===========================

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2010/01/08 11:25
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xBA079000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 031 Function Name: NtConnectPort
Status: Hooked by "" at address 0x870f4920

#: 122 Function Name: NtOpenProcess
Status: Hooked by "" at address 0x8711a6c0

#: 128 Function Name: NtOpenThread
Status: Hooked by "" at address 0x870d88f8

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0xebcbd0b0

Stealth Objects
-------------------
Object: Hidden Handle [Index: 800, Type: Key]
Process: SPBBCSvc.exe (PID: 1848) Address: 0xe18fdb38 Size: -

Object: Hidden Handle [Index: 856, Type: Key]
Process: SPBBCSvc.exe (PID: 1848) Address: 0xe159a370 Size: -

Object: Hidden Handle [Index: 872, Type: Key]
Process: SPBBCSvc.exe (PID: 1848) Address: 0xe32ab8c8 Size: -

Object: Hidden Handle [Index: 876, Type: Key]
Process: SPBBCSvc.exe (PID: 1848) Address: 0xe47a3830 Size: -

Object: Hidden Handle [Index: 884, Type: Section]
Process: SPBBCSvc.exe (PID: 1848) Address: 0xe4960848 Size: -

Object: Hidden Handle [Index: 888, Type: File]
Process: SPBBCSvc.exe (PID: 1848) Address: 0x8716a028 Size: -

==EOF==

DDS (Ver_09-12-01.01) - NTFSx86
Run by SONY VAIO at 9:41:06.76 on Sat 01/16/2010
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.317 [GMT -8:00]

AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\SONY VAIO\Desktop\Downloads\dds(2).scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://www.sony.com/vaiopeople
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Norton Internet Security: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxsrvc.dll
Notify: LMIinit - LMIinit.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sonyva~1\applic~1\mozilla\firefox\profiles\yabf2xru.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - YouTube Video Search
FF - prefs.js: browser.startup.homepage - GOOGLE.COM
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJPI150.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-12-16 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-12-16 74480]
R1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\SAVRTPEL.SYS [2004-7-23 50312]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2004-8-27 198248]
R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2004-8-27 235168]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2004-8-27 181864]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-5-23 47640]
R2 LxrSII1d;Secure II Driver;c:\windows\system32\drivers\LxrSII1d.sys [2008-2-26 72672]
R2 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\NAVAPSVC.EXE [2004-8-30 177264]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20070517.073\NAVENG.Sys [2007-5-18 77688]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20070517.073\NavEx15.Sys [2007-5-18 852824]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-12-16 7408]
R3 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\SAVRT.SYS [2004-7-23 338056]
R3 USBFVNETR;NETGEAR MA101 USB Adapter;c:\windows\system32\drivers\ma101rndxp.sys [2009-5-23 76160]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S2 SBService;ScriptBlocking Service;c:\progra~1\common~1\symant~1\script~1\SBServ.exe [2004-8-30 67184]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2004-8-27 79464]
S3 SAVScan;SAVScan;c:\program files\norton internet security\norton antivirus\SAVSCAN.EXE [2004-7-23 198368]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

=============== Created Last 30 ================

2010-01-13 07:24:08 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-08 06:39:32 0 d-----w- c:\program files\HotHotSoftware
2010-01-02 01:47:57 0 d-----w- c:\program files\Cobian Backup 9
2009-12-28 02:57:12 0 d-----w- c:\program files\ESET
2009-12-28 00:27:58 83748 -c--a-w- c:\windows\system32\dllcache\prcp.nls
2009-12-26 19:21:50 0 d-----w- c:\windows\pss
2009-12-21 05:33:26 0 d-----w- c:\program files\GameSpy Arcade
2009-12-21 05:14:22 0 d-----w- c:\program files\Elaborate Bytes
2009-12-21 01:26:17 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-12-21 01:26:06 0 d-----w- c:\program files\SUPERAntiSpyware
2009-12-21 01:26:06 0 d-----w- c:\docume~1\sonyva~1\applic~1\SUPERAntiSpyware.com
2009-12-21 01:25:42 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-12-21 01:19:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-21 01:17:48 0 d-----w- c:\docume~1\alluse~1\applic~1\DAEMON Tools Pro
2009-12-21 01:17:47 0 d-----w- c:\docume~1\sonyva~1\applic~1\DAEMON Tools Pro
2009-12-21 00:11:55 0 d-----w- c:\docume~1\sonyva~1\applic~1\Malwarebytes
2009-12-21 00:11:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-21 00:11:48 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-21 00:11:48 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-21 00:11:48 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-12-20 23:37:28 0 d-----w- C:\Westwood

==================== Find3M ====================

2010-01-15 05:27:42 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-03 04:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 07:46:59 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:46:52 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:46:50 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 06:00:55 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00:55 25088 ----a-w- c:\windows\system32\httpapi.dll
2007-06-27 07:08:02 3416064 ----a-w- c:\program files\Microsoft Money.mny

============= FINISH: 9:43:24.18 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 11/13/2006 2:34:02 PM
System Uptime: 1/15/2010 2:28:35 PM (19 hours ago)

Motherboard: Intel Corporation | | D915GRO
Processor: Intel® Pentium® 4 CPU 3.00GHz | J2E1 | 3000/200mhz
Processor: Intel® Pentium® 4 CPU 3.00GHz | J2E1 | 3000/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 181 GiB total, 134.597 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1064&SUBSYS_81A1104D&REV_03\4&23C0B1C&0&40F0
Manufacturer: Intel
Name: Intel® PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1064&SUBSYS_81A1104D&REV_03\4&23C0B1C&0&40F0
Service: E100B

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&2D2D400&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&2D2D400&0
Service: i8042prt

==== System Restore Points ===================

RP560: 10/18/2009 5:01:53 PM - System Checkpoint
RP561: 10/19/2009 7:08:21 AM - Software Distribution Service 3.0
RP562: 10/20/2009 7:14:56 AM - System Checkpoint
RP563: 10/21/2009 9:15:58 AM - System Checkpoint
RP564: 10/22/2009 9:11:38 AM - Software Distribution Service 3.0
RP565: 10/23/2009 11:47:46 AM - System Checkpoint
RP566: 10/24/2009 4:12:17 PM - System Checkpoint
RP567: 10/25/2009 5:49:56 PM - System Checkpoint
RP568: 10/26/2009 1:16:59 PM - Software Distribution Service 3.0
RP569: 10/27/2009 1:29:20 PM - System Checkpoint
RP570: 10/28/2009 3:46:38 PM - System Checkpoint
RP571: 10/29/2009 8:12:03 AM - Software Distribution Service 3.0
RP572: 10/30/2009 10:33:02 AM - System Checkpoint
RP573: 10/31/2009 11:20:07 AM - System Checkpoint
RP574: 11/1/2009 12:40:44 PM - System Checkpoint
RP575: 11/2/2009 10:19:48 PM - System Checkpoint
RP576: 11/3/2009 2:48:16 PM - Software Distribution Service 3.0
RP577: 11/4/2009 2:27:22 AM - Software Distribution Service 3.0
RP578: 11/5/2009 4:43:56 PM - System Checkpoint
RP579: 11/6/2009 5:11:06 PM - System Checkpoint
RP580: 11/7/2009 2:32:54 AM - Software Distribution Service 3.0
RP581: 11/8/2009 2:44:48 AM - System Checkpoint
RP582: 11/9/2009 12:02:17 PM - System Checkpoint
RP583: 11/9/2009 4:02:59 PM - Software Distribution Service 3.0
RP584: 11/10/2009 5:07:12 PM - System Checkpoint
RP585: 11/11/2009 6:12:29 PM - System Checkpoint
RP586: 11/12/2009 3:00:19 AM - Software Distribution Service 3.0
RP587: 11/12/2009 9:25:36 AM - Software Distribution Service 3.0
RP588: 11/13/2009 2:26:38 PM - System Checkpoint
RP589: 11/14/2009 3:39:51 PM - System Checkpoint
RP590: 11/15/2009 3:48:48 PM - System Checkpoint
RP591: 11/17/2009 9:15:55 AM - Software Distribution Service 3.0
RP592: 11/18/2009 8:29:48 PM - System Checkpoint
RP593: 11/19/2009 8:06:30 AM - Software Distribution Service 3.0
RP594: 11/20/2009 1:07:07 PM - System Checkpoint
RP595: 11/21/2009 1:59:29 PM - System Checkpoint
RP596: 11/22/2009 2:52:37 PM - System Checkpoint
RP597: 11/23/2009 3:27:03 PM - System Checkpoint
RP598: 11/23/2009 7:48:25 PM - Software Distribution Service 3.0
RP599: 11/25/2009 12:02:43 AM - Software Distribution Service 3.0
RP600: 11/26/2009 12:20:31 AM - System Checkpoint
RP601: 11/26/2009 10:32:25 AM - Software Distribution Service 3.0
RP602: 11/27/2009 10:45:46 AM - System Checkpoint
RP603: 11/28/2009 11:13:37 AM - System Checkpoint
RP604: 11/29/2009 2:51:11 PM - System Checkpoint
RP605: 11/30/2009 5:06:38 PM - System Checkpoint
RP606: 11/30/2009 11:12:44 PM - Software Distribution Service 3.0
RP607: 12/2/2009 1:45:13 AM - System Checkpoint
RP608: 12/3/2009 8:43:53 AM - Software Distribution Service 3.0
RP609: 12/4/2009 8:22:26 PM - System Checkpoint
RP610: 12/5/2009 8:27:17 PM - System Checkpoint
RP611: 12/6/2009 11:49:27 PM - Installed QuickTime
RP612: 12/7/2009 7:36:55 PM - Software Distribution Service 3.0
RP613: 12/8/2009 8:08:00 PM - System Checkpoint
RP614: 12/9/2009 6:03:21 AM - Software Distribution Service 3.0
RP615: 12/10/2009 11:27:08 AM - System Checkpoint
RP616: 12/10/2009 12:47:49 PM - Software Distribution Service 3.0
RP617: 12/11/2009 12:53:06 PM - System Checkpoint
RP618: 12/12/2009 1:07:51 PM - System Checkpoint
RP619: 12/13/2009 1:48:39 PM - System Checkpoint
RP620: 12/14/2009 7:38:51 AM - Software Distribution Service 3.0
RP621: 12/15/2009 11:03:44 AM - System Checkpoint
RP622: 12/16/2009 3:09:57 PM - System Checkpoint
RP623: 12/17/2009 10:40:59 AM - Software Distribution Service 3.0
RP624: 12/18/2009 1:11:10 PM - System Checkpoint
RP625: 12/19/2009 1:12:20 PM - System Checkpoint
RP626: 12/20/2009 2:26:21 PM - System Checkpoint
RP627: 12/20/2009 4:08:49 PM - Windows Defender Checkpoint
RP628: 12/20/2009 5:19:03 PM - SPTD setup V1.62
RP629: 12/20/2009 5:26:05 PM - Installed SUPERAntiSpyware Free Edition
RP630: 12/20/2009 6:15:14 PM - SPTD setup V1.62
RP631: 12/21/2009 12:32:48 PM - Software Distribution Service 3.0
RP632: 12/22/2009 5:22:36 PM - System Checkpoint
RP633: 12/23/2009 7:02:33 PM - System Checkpoint
RP634: 12/24/2009 10:51:58 AM - Software Distribution Service 3.0
RP635: 12/25/2009 12:53:05 PM - System Checkpoint
RP636: 12/25/2009 11:54:22 PM - Uninstall Guardian Software
RP637: 12/27/2009 9:21:14 PM - System Checkpoint
RP638: 12/28/2009 12:13:12 PM - Software Distribution Service 3.0
RP639: 12/29/2009 12:24:13 PM - Software Distribution Service 3.0
RP640: 12/30/2009 1:29:33 PM - System Checkpoint
RP641: 12/31/2009 11:07:31 AM - Software Distribution Service 3.0
RP642: 1/1/2010 2:08:35 PM - System Checkpoint
RP643: 1/2/2010 8:44:18 PM - System Checkpoint
RP644: 1/4/2010 7:30:24 AM - Software Distribution Service 3.0
RP645: 1/5/2010 1:01:20 PM - System Checkpoint
RP646: 1/7/2010 9:49:30 AM - System Checkpoint
RP647: 1/7/2010 9:50:51 PM - Software Distribution Service 3.0
RP648: 1/9/2010 10:40:43 AM - System Checkpoint
RP649: 1/10/2010 12:20:10 PM - System Checkpoint
RP650: 1/11/2010 9:30:03 AM - Software Distribution Service 3.0
RP651: 1/13/2010 7:21:46 AM - Software Distribution Service 3.0
RP652: 1/14/2010 9:12:29 PM - Software Distribution Service 3.0
RP653: 1/16/2010 8:14:08 AM - System Checkpoint

==== Installed Programs ======================

AAC Decoder
AC3Filter 1.61b
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 8 Standard
Adobe Acrobat 8.1.1 Standard
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 6.0.1
Adobe Shockwave Player 11.5
Agere Systems PCI Soft Modem
Apple Application Support
Apple Software Update
Art Explosion Publisher Pro 2.0
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AutoUpdate
BitTorrent
Camtasia Studio 6
CC_ccProxyExt
ccCommon
ccPxyCore
Cheat Engine 5.5
Click to DVD 2.0.02 Menu Data
Click to DVD 2.2.10
Cobian Backup 9
Command & Conquer Renegade
Compatibility Pack for the 2007 Office system
CONNECT
DivX Codec
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DNA
DVgate Plus
ESET Online Scanner v3
FLV Player 2.0 (build 25)
GameSpy Arcade
H.264 Decoder
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Adapters and Drivers
InterVideo WinDVD 5 for VAIO
InterVideo WinDVDX
ISScript
J2SE Runtime Environment 5.0
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Lizardtech DjVu Control
MA101 USB Adapter Configuration Utility
Malwarebytes' Anti-Malware
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
mIRC
MKV Splitter
MoodLogic
Mozilla Firefox (3.0.17)
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
Nero - Burning Rom
Nero 8 Lite
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton WMI Update
NVIDIA Drivers
OpenMG Limited Patch 4.0-04-08-02-01
OpenMG Secure Module 4.0.00
PictureGear Studio 2.0
PyRuntimeUninstall
QuickTime
Realtek High Definition Audio Driver
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Skype™ 4.1
Sonic RecordNow!
SonicStage 2.1.02
SonicStage Mastering Studio Audio Filter Custom Preset
Sony Certificate PCH
Sony Video Shared Library
Sothink SWF Decompiler
SPBBC
Sun Download Manager 2.0 (web)
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
Symantec Network Drivers Update
Symantec Script Blocking Installer
SymNet
TightVNC 1.3.10
TortoiseSVN 1.6.2.16344 (32 bit)
Uninstall Gormball
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VAIO Control Center
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.1
VAIO Media Integrated Server 3.1
VAIO Media Redistribution 3.1
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Scene HD Normal Contents
VAIO Structure Wallpaper
VAIO Survey Standalone
VC80CRTRedist - 8.0.50727.762
VirtualCloneDrive
VuePrint
WebFldrs XP
Westwood Shared Internet Components
Windows Defender
Windows Driver Package - eMPIA Technology (DCamUSBET) Image (09/11/2007 2.7.0911.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (04/27/2007 5.7.0427.0)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884018
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver

==== Event Viewer Messages From Past Week ========

1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Sony SM/xD Reader USB Device' (USBSTOR\Disk&Ven_Sony&Prod_SM/xD___Reader&Rev_3.15\000000127FF5&2) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Sony SD/MMC Reader USB Device' (USBSTOR\Disk&Ven_Sony&Prod_SD/MMC__Reader&Rev_3.15\000000127FF5&3) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Sony MS Reader USB Device' (USBSTOR\Disk&Ven_Sony&Prod_MS______Reader&Rev_3.15\000000127FF5&0) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Sony Memory Card Reader/Writer' (USB\Vid_054c&Pid_021f\000000127FF5) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Sony CF Reader USB Device' (USBSTOR\Disk&Ven_Sony&Prod_CF______Reader&Rev_3.15\000000127FF5&1) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&a527829&0&RM) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&9f872e0&0&RM) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&9a5d6ae&0&RM) disappeared from the system without first being prepared for removal.
1/14/2010 12:48:43 PM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&383bd74a&0&RM) disappeared from the system without first being prepared for removal.
1/13/2010 7:21:47 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
1/13/2010 7:21:47 AM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/13/2010 7:21:44 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
1/11/2010 9:42:22 AM, error: PlugPlayManager [12] - The device 'SONY DVD RW DW-D22A' (IDE\CdRomSONY_DVD_RW_DW-D22A_____________________BFS2____\5&34b6c6bd&0&0.0.0) disappeared from the system without first being prepared for removal.
1/11/2010 9:41:52 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
1/11/2010 9:38:49 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Common Files\Nero\AudioPlugins\msaxp.dll. Reference error message: The operation completed successfully. .
1/11/2010 9:38:49 AM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Common Files\Nero\AudioPlugins\msaxp.dll" on line 9.
1/11/2010 9:36:53 AM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom0.
1/10/2010 9:03:45 PM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
1/10/2010 9:03:45 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
1/10/2010 9:03:45 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.

==== End Of File ===========================

OTL Extras logfile created on: 1/19/2010 10:17:10 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\SONY VAIO\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 406.00 Mb Available Physical Memory | 40.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 181.30 Gb Total Space | 134.52 Gb Free Space | 74.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 700.15 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: E58AEB3F9A6342E
Current User Name: SONY VAIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- File not found
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\system32\winver.exe" = C:\WINDOWS\system32\winver.exe:*:Enabled:winver -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 3.1
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39D4FB9C-9CDE-4449-BD2B-6AD4D376CFDC}" = Art Explosion Publisher Pro 2.0
"{3B29A786-5803-4e9e-9B58-3014A5B4E519}" = Norton AntiSpam
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security
"{4761EB82-E8BD-45A4-B19B-586FA9D1D7E6}" = Camtasia Studio 6
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}" = Norton Internet Security
"{5677563D-0CB1-485f-9E18-C5025306BB3F}" = Norton AntiSpam
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F1974D6-4249-43B6-88B0-9A9B8A33956C}" = OpenMG Secure Module 4.0.00
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 3.1
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage 2.1.02
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 3.1
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD 5 for VAIO
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.02 Menu Data
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-1033-0000-BA7E-000000000003}" = Adobe Acrobat 8 Standard
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B46834CC-141E-11D5-A76F-0030AB007078}" = MA101 USB Adapter Configuration Utility
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BB4301FF-59CC-4EEA-9D66-633100680C25}_is1" = PyRuntimeUninstall
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2005
"{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}" = Norton Internet Security
"{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D327AFC9-7BAA-473A-8319-6EB7A0D40138}" = Symantec Script Blocking Installer
"{D36B1F7D-3B51-4DBC-A4AE-F25B06DF2AD1}" = VAIO Control Center
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919}" = CC_ccProxyExt
"{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}" = ccCommon
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support
"{E715FA41-46EB-4D3F-B4D9-A45973E76026}" = VAIO Structure Wallpaper
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.2.10
"{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update
"{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"{FC08587A-4F01-4188-819F-F55880022917}" = ccPxyCore
"{FC2C0536-583C-46c0-844A-62CECAE01F22}" = Norton Internet Security
"{FCA37CD2-7BA4-4A5A-8979-B64EA712F4CB}" = TortoiseSVN 1.6.2.16344 (32 bit)
"13E070C395DA4471589A75003E6EDEA2166506A0" = Windows Driver Package - eMPIA Technology (DCamUSBET) Image (09/11/2007 2.7.0911.0)
"8EEF50C376BC7EFF9051ECC515D0352A7868ADCE" = Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (04/27/2007 5.7.0427.0)
"AC3Filter_is1" = AC3Filter 1.61b
"Adobe Acrobat 8 Standard" = Adobe Acrobat 8.1.1 Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Cliffhanger Auto Player_is1" = Uninstall Gormball
"CobBackup9" = Cobian Backup 9
"CONNECT" = CONNECT
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ESET Online Scanner" = ESET Online Scanner v3
"FLV Player" = FLV Player 2.0 (build 25)
"GameSpy Arcade" = GameSpy Arcade
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{6F1974D6-4249-43B6-88B0-9A9B8A33956C}" = OpenMG Secure Module 4.0.00
"InstallShield_{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support
"InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"MoodLogic" = MoodLogic
"Mozilla Firefox (3.0.17)" = Mozilla Firefox (3.0.17)
"Nero8Lite_is1" = Nero 8 Lite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.0-04-06-21-01" = OpenMG Limited Patch 4.0-04-08-02-01
"PROSet" = Intel® PRO Network Adapters and Drivers
"Renegade" = Command & Conquer Renegade
"Sun Download Manager 2.0 (web)" = Sun Download Manager 2.0 (web)
"SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security 2005 (Symantec Corporation)
"TightVNC_is1" = TightVNC 1.3.10
"VirtualCloneDrive" = VirtualCloneDrive
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"VuePrint" = VuePrint
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"WOLAPI" = Westwood Shared Internet Components

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/31/2009 10:30:43 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 455
Description = wuaueng.dll (2476) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 12/31/2009 10:30:55 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 489
Description = wuauclt (3860) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).

Error - 12/31/2009 10:30:55 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 455
Description = wuaueng.dll (3860) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 12/31/2009 10:31:05 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 489
Description = wuauclt (3860) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).

Error - 12/31/2009 10:31:05 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 455
Description = wuaueng.dll (3860) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 1/4/2010 1:03:12 AM | Computer Name = E58AEB3F9A6342E | Source = Application Error | ID = 1000
Description = Faulting application acrobat.exe, version 8.1.0.137, faulting module
acrobat.dll, version 8.1.1.20, fault address 0x001178bc.

Error - 1/7/2010 12:25:21 PM | Computer Name = E58AEB3F9A6342E | Source = MPSampleSubmission | ID = 5000
Description =

Error - 1/17/2010 11:00:37 PM | Computer Name = E58AEB3F9A6342E | Source = Application Error | ID = 1000
Description = Faulting application acrobat.exe, version 8.1.0.137, faulting module
acrobat.dll, version 8.1.1.20, fault address 0x001178bc.

Error - 1/18/2010 10:41:59 AM | Computer Name = E58AEB3F9A6342E | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office XP Professional with FrontPage -- Error
1706. Setup cannot find the required files. Check your connection to the network,
or CD-ROM drive. For other potential solutions to this problem, see C:\Program
Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error - 1/18/2010 6:57:13 PM | Computer Name = E58AEB3F9A6342E | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office XP Professional with FrontPage -- Error
1706. Setup cannot find the required files. Check your connection to the network,
or CD-ROM drive. For other potential solutions to this problem, see C:\Program
Files\Microsoft Office\Office10\1033\SETUP.HLP.

[ Application Events ]
Error - 12/31/2009 10:30:43 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 455
Description = wuaueng.dll (2476) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 12/31/2009 10:30:55 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 489
Description = wuauclt (3860) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).

Error - 12/31/2009 10:30:55 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 455
Description = wuaueng.dll (3860) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 12/31/2009 10:31:05 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 489
Description = wuauclt (3860) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).

Error - 12/31/2009 10:31:05 AM | Computer Name = E58AEB3F9A6342E | Source = ESENT | ID = 455
Description = wuaueng.dll (3860) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 1/4/2010 1:03:12 AM | Computer Name = E58AEB3F9A6342E | Source = Application Error | ID = 1000
Description = Faulting application acrobat.exe, version 8.1.0.137, faulting module
acrobat.dll, version 8.1.1.20, fault address 0x001178bc.

Error - 1/7/2010 12:25:21 PM | Computer Name = E58AEB3F9A6342E | Source = MPSampleSubmission | ID = 5000
Description =

Error - 1/17/2010 11:00:37 PM | Computer Name = E58AEB3F9A6342E | Source = Application Error | ID = 1000
Description = Faulting application acrobat.exe, version 8.1.0.137, faulting module
acrobat.dll, version 8.1.1.20, fault address 0x001178bc.

Error - 1/18/2010 10:41:59 AM | Computer Name = E58AEB3F9A6342E | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office XP Professional with FrontPage -- Error
1706. Setup cannot find the required files. Check your connection to the network,
or CD-ROM drive. For other potential solutions to this problem, see C:\Program
Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error - 1/18/2010 6:57:13 PM | Computer Name = E58AEB3F9A6342E | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office XP Professional with FrontPage -- Error
1706. Setup cannot find the required files. Check your connection to the network,
or CD-ROM drive. For other potential solutions to this problem, see C:\Program
Files\Microsoft Office\Office10\1033\SETUP.HLP.

[ System Events ]
Error - 1/17/2010 10:17:17 AM | Computer Name = E58AEB3F9A6342E | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3

Error - 1/17/2010 1:58:44 PM | Computer Name = E58AEB3F9A6342E | Source = DCOM | ID = 10010
Description = The server {F3A614DC-ABE0-11D2-A441-00C04F795683} did not register
with DCOM within the required timeout.

Error - 1/17/2010 11:37:47 PM | Computer Name = E58AEB3F9A6342E | Source = DCOM | ID = 10010
Description = The server {98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C} did not register
with DCOM within the required timeout.

Error - 1/18/2010 10:30:35 AM | Computer Name = E58AEB3F9A6342E | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 1/18/2010 10:30:35 AM | Computer Name = E58AEB3F9A6342E | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 1/18/2010 10:30:42 AM | Computer Name = E58AEB3F9A6342E | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3

Error - 1/18/2010 5:49:09 PM | Computer Name = E58AEB3F9A6342E | Source = DCOM | ID = 10010
Description = The server {F3A614DC-ABE0-11D2-A441-00C04F795683} did not register
with DCOM within the required timeout.

Error - 1/19/2010 10:55:38 AM | Computer Name = E58AEB3F9A6342E | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 1/19/2010 10:55:38 AM | Computer Name = E58AEB3F9A6342E | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 1/19/2010 10:55:39 AM | Computer Name = E58AEB3F9A6342E | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3


< End of report >

OTL logfile created on: 1/19/2010 10:17:10 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\SONY VAIO\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 406.00 Mb Available Physical Memory | 40.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 181.30 Gb Total Space | 134.52 Gb Free Space | 74.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 700.15 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: E58AEB3F9A6342E
Current User Name: SONY VAIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/19 22:16:18 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
PRC - [2010/01/07 08:30:07 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/16 16:26:56 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/05/09 13:09:24 | 00,606,720 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2007/06/28 23:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/28 17:41:56 | 00,206,552 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2007/01/09 17:32:04 | 00,181,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
PRC - [2007/01/09 17:32:02 | 00,198,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
PRC - [2007/01/09 17:32:02 | 00,058,984 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
PRC - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/06/14 13:48:42 | 00,235,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
PRC - [2006/01/09 13:56:04 | 00,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
PRC - [2005/10/19 12:54:14 | 00,177,264 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
PRC - [2005/04/18 19:49:24 | 00,083,584 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISSVC.exe
PRC - [2004/10/25 09:35:32 | 00,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2004/10/25 09:35:32 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2004/10/25 09:35:30 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2004/08/11 01:45:04 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2004/07/21 08:24:04 | 00,173,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/01/19 22:16:18 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
MOD - [2006/08/25 07:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/12/20 09:57:16 | 00,198,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\ASOEHOOK.DLL
MOD - [2003/02/21 04:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
SRV - [2007/06/28 23:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2007/03/28 17:41:56 | 00,206,552 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2007/01/09 17:32:04 | 00,181,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2007/01/09 17:32:04 | 00,079,464 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2007/01/09 17:32:02 | 00,198,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/07/25 18:03:42 | 02,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/06/14 13:48:42 | 00,235,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2006/01/09 13:56:04 | 00,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/11/14 00:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/10/19 12:55:00 | 00,067,184 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBSERV.EXE -- (SBService)
SRV - [2005/10/19 12:54:14 | 00,177,264 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005/04/18 19:49:24 | 00,083,584 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\ISSVC.exe -- (ISSVC)
SRV - [2005/03/07 14:59:36 | 00,198,368 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/11/02 15:42:42 | 01,826,816 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2004/10/25 09:35:34 | 00,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2004/10/25 09:35:32 | 00,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2004/10/25 09:35:32 | 00,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2004/10/25 09:35:30 | 00,278,528 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2004/09/09 18:09:50 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004/07/21 08:24:04 | 00,173,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2004/06/22 11:58:14 | 00,733,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP)
SRV - [2004/06/22 11:58:14 | 00,733,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2004/06/16 03:42:34 | 00,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2004/06/16 03:41:06 | 00,188,416 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2004/03/18 15:55:48 | 00,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/10/30 12:48:10 | 01,286,144 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "GOOGLE.COM"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: cdxFireNSI_FF@neocodex.us:2.0
FF - prefs.js..extensions.enabledItems: CliffhangerFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.3
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.4
FF - prefs.js..extensions.enabledItems: HarvestPricerFF@neocodex.us:2.0
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.15
FF - prefs.js..extensions.enabledItems: NeoFiller@neocodex.us:2.0
FF - prefs.js..extensions.enabledItems: NQ2TrainerFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: NTrainFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: PetImageParser@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: PriceWizFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: SaveSourceFF@neocodex.us:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/13 19:33:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/07 08:30:15 | 00,000,000 | ---D | M]

[2009/05/23 17:12:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Extensions
[2010/01/18 16:52:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions
[2007/07/31 07:45:06 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2009/06/19 23:22:44 | 00,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2009/08/12 15:42:32 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/07/14 15:55:48 | 00,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2009/09/07 01:50:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\AuctionTimeFF@neocodex.us
[2010/01/18 20:32:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\cdxFireNSI_FF@neocodex.us
[2010/01/17 16:46:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\CliffhangerFF@neocodex.us
[2009/11/04 10:52:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\firebug@software.joehewitt.com
[2009/10/14 14:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\HarvestPricerFF@neocodex.us
[2009/05/29 17:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\inspector@mozilla.org
[2009/09/03 17:31:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\NeoFiller@neocodex.us
[2009/08/25 21:04:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\NQ2TrainerFF@neocodex.us
[2009/12/18 12:21:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\NTrainFF@neocodex.us
[2009/05/27 20:08:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\PetImageParser@neocodex.us
[2009/11/21 03:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\PriceWizFF@neocodex.us
[2009/05/29 17:43:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\SaveSourceFF@neocodex.us
[2009/06/01 09:15:52 | 00,001,600 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\idb-weapon-search.xml
[2009/08/06 18:08:37 | 00,001,976 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\ilikecom.xml
[2009/07/23 13:28:39 | 00,001,831 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\jellyneo-item-database-search.xml
[2009/05/24 09:51:45 | 00,000,945 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\youtube-video-search.xml
[2009/07/22 21:07:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/03 16:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2007/02/04 22:02:56 | 01,642,496 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll

O1 HOSTS File: ([2009/07/16 22:23:14 | 00,001,216 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Internet Security) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/11/15 13:44:01 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{caa4aefa-473c-11de-a03d-001583077df7}\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{caa4aefa-473c-11de-a03d-001583077df7}\Shell\Shell00\Command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{caa4aefa-473c-11de-a03d-001583077df7}\Shell\Shell01\Command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{caa4aefa-473c-11de-a03d-001583077df7}\Shell\Shell02\Command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{cf80cc30-e4f4-11dc-a02e-001320086b25}\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{cf80cc30-e4f4-11dc-a02e-001320086b25}\Shell\Shell00\Command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{cf80cc30-e4f4-11dc-a02e-001320086b25}\Shell\Shell01\Command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{cf80cc30-e4f4-11dc-a02e-001320086b25}\Shell\Shell02\Command - "" = J:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/11/15 13:43:35 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (49261513948528640)

========== Files/Folders - Created Within 14 Days ==========

[2010/01/19 22:16:14 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
[2010/01/17 19:02:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SONY VAIO\My Documents\Design
[2010/01/07 22:39:32 | 00,000,000 | ---D | C] -- C:\Program Files\HotHotSoftware
[2008/03/30 10:40:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2008/01/03 16:33:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/11/03 11:10:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit
[2007/10/31 08:18:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/06/20 21:17:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Symantec
[2004/11/15 13:46:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2004/11/15 13:46:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004/11/15 13:43:58 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/01/19 22:16:18 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
[2010/01/19 07:15:45 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/01/19 06:55:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/19 06:55:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/18 20:34:00 | 06,553,600 | -H-- | M] () -- C:\Documents and Settings\SONY VAIO\NTUSER.DAT
[2010/01/18 20:33:22 | 11,639,712 | -H-- | M] () -- C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\IconCache.db
[2010/01/17 19:06:15 | 00,001,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 6.0.lnk
[2010/01/16 06:52:49 | 00,024,653 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Desktop\test.htm
[2010/01/15 20:13:20 | 00,000,556 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - SONY VAIO.job
[2010/01/13 07:23:08 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 09:44:28 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/11 09:43:46 | 00,006,855 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\My Documents\muratdil_all.nra
[2010/01/09 15:49:33 | 00,113,664 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/07 22:54:11 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\My Documents\definiatios osman is a cheater.doc
[2010/01/07 08:04:34 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/11 09:43:46 | 00,006,855 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\My Documents\muratdil_all.nra
[2010/01/07 22:54:10 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\My Documents\definiatios osman is a cheater.doc
[2009/07/27 17:29:24 | 00,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2009/07/23 10:58:29 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/06/26 04:36:54 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\Application Data\setup_ldm.iss
[2009/06/15 23:11:08 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/21 21:23:50 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/02/26 21:42:34 | 00,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2008/01/25 19:22:15 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\gsp.dll
[2007/11/22 12:49:14 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\vmcoinst_zc0301plh.dll
[2007/06/28 23:43:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/06/28 23:43:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/06/28 23:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/06/28 23:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/06/28 23:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/06/26 23:07:04 | 03,416,064 | ---- | C] () -- C:\Program Files\Microsoft Money.mny
[2007/06/25 22:13:11 | 00,000,064 | ---- | C] () -- C:\WINDOWS\QBWCD.INI
[2007/05/31 22:06:59 | 00,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/05/31 22:04:24 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2007/05/31 22:04:23 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2007/05/16 09:17:28 | 00,113,664 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/05 16:11:05 | 00,002,518 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/04/29 16:54:44 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/04/08 21:32:06 | 00,000,045 | ---- | C] () -- C:\WINDOWS\INSTALL.INI
[2007/03/26 19:53:34 | 00,000,240 | ---- | C] () -- C:\WINDOWS\vuepro32.ini
[2007/02/17 22:52:42 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/16 19:39:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2007/01/30 10:50:47 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\fusioncache.dat
[2006/11/13 14:51:41 | 00,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2006/11/13 14:46:02 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/13 14:46:02 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/13 14:46:02 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/13 14:46:02 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/13 14:46:02 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/13 14:46:02 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/13 14:39:07 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2006/11/02 09:27:46 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2004/11/15 14:44:10 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/15 14:10:43 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/11/15 13:48:18 | 00,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/11/15 12:30:56 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/11/15 12:30:26 | 00,000,724 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/10/22 16:10:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/06/12 13:21:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/10/24 16:00:40 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

========== LOP Check ==========

[2007/06/18 21:35:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2009/05/23 12:27:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2007/10/31 00:13:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/12/20 17:18:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2007/10/07 20:06:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LiveSubscribe
[2009/05/23 23:21:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/06/16 01:41:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/12/21 22:11:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/12 14:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010/01/16 14:23:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\BitTorrent
[2008/02/26 21:30:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Ceedo
[2009/12/20 17:17:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\DAEMON Tools Pro
[2009/12/26 11:18:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\DNA
[2007/11/22 12:05:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\EyeSpyFX
[2007/04/14 20:24:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\InterVideo
[2009/11/29 22:07:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Leadertech
[2007/09/01 09:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Nova Development
[2009/05/23 23:59:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Subversion
[2009/12/12 14:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\WindSolutions
[2010/01/19 07:15:45 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2006/11/13 14:33:57 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2006/11/13 14:33:58 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2006/11/13 14:33:58 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2010/01/14 21:27:42 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2010/01/14 21:27:42 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 04:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 04:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 04:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:408F95E5
< End of report >

ComboFix 10-01-21.08 - SONY VAIO 01/22/2010 11:33:15.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.659 [GMT -8:00]
Running from: c:\documents and settings\SONY VAIO\Desktop\schrauber.exe
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-1960408961-616249376-725345543-1003
c:\recycler\S-1-5-21-3977344382-2026929294-377546046-1003
c:\windows\cuba .bmp
c:\windows\setup.exe

Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected
Restored copy from - Kitty ate it
.
((((((((((((((((((((((((( Files Created from 2009-12-22 to 2010-01-22 )))))))))))))))))))))))))))))))
.

2010-01-13 07:24 . 2009-11-21 16:36 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-08 06:39 . 2010-01-08 06:39 -------- d-----w- c:\program files\HotHotSoftware
2010-01-02 01:47 . 2010-01-02 01:48 -------- d-----w- c:\program files\Cobian Backup 9
2009-12-28 02:57 . 2009-12-28 02:57 -------- d-----w- c:\program files\ESET
2009-12-28 00:28 . 2004-08-04 12:00 838144 -c--a-w- c:\windows\system32\dllcache\chtbrkr.dll
2009-12-28 00:28 . 2004-08-04 12:00 838144 ----a-w- c:\windows\system32\chtbrkr.dll
2009-12-28 00:28 . 2004-08-04 12:00 70656 -c--a-w- c:\windows\system32\dllcache\korwbrkr.dll
2009-12-28 00:28 . 2004-08-04 12:00 70656 ----a-w- c:\windows\system32\korwbrkr.dll
2009-12-28 00:28 . 2004-08-04 12:00 1677824 -c--a-w- c:\windows\system32\dllcache\chsbrkr.dll
2009-12-28 00:28 . 2004-08-04 12:00 1677824 ----a-w- c:\windows\system32\chsbrkr.dll
2009-12-28 00:28 . 2004-08-04 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2009-12-28 00:28 . 2004-08-04 12:00 98304 ----a-w- c:\windows\system32\msir3jp.dll
2009-12-28 00:28 . 2004-08-04 12:00 19456 -c--a-w- c:\windows\system32\dllcache\agt0404.dll
2009-12-28 00:28 . 2004-08-04 12:00 10096640 -c--a-w- c:\windows\system32\dllcache\hwxcht.dll
2009-12-28 00:28 . 2004-08-04 12:00 19456 -c--a-w- c:\windows\system32\dllcache\agt0804.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-21 20:50 . 2004-08-03 22:59 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-01-20 05:23 . 2006-11-13 22:52 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-18 03:36 . 2009-08-13 00:21 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-16 22:23 . 2009-06-08 14:23 -------- d-----w- c:\documents and settings\SONY VAIO\Application Data\BitTorrent
2010-01-16 21:02 . 2009-05-24 02:43 -------- d-----w- c:\documents and settings\SONY VAIO\Application Data\mIRC
2010-01-16 19:37 . 2009-05-24 02:43 -------- d-----w- c:\program files\mIRC
2010-01-14 19:12 . 2009-10-03 17:52 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-05 10:00 . 2004-11-15 20:30 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2004-11-15 20:29 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2004-11-15 20:29 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-29 08:31 . 2007-01-30 18:50 62672 ----a-w- c:\documents and settings\SONY VAIO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-28 03:54 . 2009-07-23 18:58 -------- d-----w- c:\program files\Cheat Engine
2009-12-26 19:18 . 2009-06-08 14:23 -------- d-----w- c:\program files\DNA
2009-12-26 19:18 . 2009-06-08 14:23 -------- d-----w- c:\documents and settings\SONY VAIO\Application Data\DNA
2009-12-23 07:45 . 2009-12-21 01:27 52224 ----a-w- c:\documents and settings\SONY VAIO\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-23 07:45 . 2009-12-21 01:27 117760 ----a-w- c:\documents and settings\SONY VAIO\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-22 06:12 . 2009-12-22 06:12 -------- d-----w- c:\program files\FLV Player
2009-12-22 06:11 . 2009-07-28 01:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-21 05:47 . 2009-12-21 05:33 -------- d-----w- c:\program files\GameSpy Arcade
2009-12-21 05:14 . 2009-12-21 05:14 -------- d-----w- c:\program files\Elaborate Bytes
2009-12-21 02:15 . 2009-12-21 01:19 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-21 01:26 . 2009-12-21 01:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-21 01:26 . 2009-12-21 01:26 65024 ----a-r- c:\documents and settings\SONY VAIO\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2009-12-21 01:26 . 2009-12-21 01:26 5120 ----a-r- c:\documents and settings\SONY VAIO\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2009-12-21 01:26 . 2009-12-21 01:26 18944 ----a-r- c:\documents and settings\SONY VAIO\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2009-12-21 01:26 . 2009-12-21 01:26 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-21 01:26 . 2009-12-21 01:26 -------- d-----w- c:\documents and settings\SONY VAIO\Application Data\SUPERAntiSpyware.com
2009-12-21 01:25 . 2009-12-21 01:25 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-21 01:18 . 2009-12-21 01:17 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-12-21 01:17 . 2009-12-21 01:17 -------- d-----w- c:\documents and settings\SONY VAIO\Application Data\DAEMON Tools Pro
2009-11-30 06:07 . 2009-11-30 06:07 -------- d-----w- c:\documents and settings\SONY VAIO\Application Data\Sonic
2009-11-30 06:07 . 2009-11-30 06:07 -------- d-----w- c:\documents and settings\SONY VAIO\Application Data\Leadertech
2009-11-21 16:36 . 2004-11-15 20:29 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2007-06-27 07:08 . 2007-06-27 07:07 3416064 ----a-w- c:\program files\Microsoft Money.mny
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-11-02 16:26 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-12-17 2002160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 58984]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-29 8466432]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-17 03:35 87352 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2007-05-11 05:46 624248 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-06-29 17:06 88363 ----a-w- c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2004-10-14 00:00 57344 ----a-w- c:\windows\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2004-10-22 01:44 2744832 ----a-w- c:\windows\ALCWZRD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2004-09-10 05:10 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-13 17:44 323392 ----a-w- c:\program files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-04 12:00 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD_Reminder]
2004-07-16 19:17 53248 ----a-w- c:\windows\SONYSYS\VAIO Recovery\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-04 12:00 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
2004-03-17 23:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2004-10-08 15:27 126976 ----a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-10-08 15:31 155648 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-09-21 10:10 55824 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LxrAutorun]
2006-11-09 19:00 24576 ----a-w- c:\documents and settings\SONY VAIO\Local Settings\Application Data\Lexar Media\LxrAutorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-06-29 07:43 8466432 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-06-29 07:43 81920 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2007-06-29 07:43 1626112 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-11 07:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2004-10-21 22:20 77824 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
2007-04-18 03:19 100056 ----a-w- c:\progra~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]
2003-04-20 05:08 28672 ----a-w- c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-04 02:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12/16/2009 4:26 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/16/2009 4:26 PM 74480]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [5/23/2009 11:21 PM 47640]
R2 LxrSII1d;Secure II Driver;c:\windows\system32\drivers\LxrSII1d.sys [2/26/2008 9:42 PM 72672]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 6:19 PM 13592]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12/16/2009 4:27 PM 7408]
R3 USBFVNETR;NETGEAR MA101 USB Adapter;c:\windows\system32\drivers\ma101rndxp.sys [5/23/2009 4:31 PM 76160]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
Contents of the 'Scheduled Tasks' folder

2010-01-22 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 02:20]

2010-01-16 c:\windows\Tasks\Norton AntiVirus - Scan my computer - SONY VAIO.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2004-08-30 20:54]

2006-11-13 c:\windows\Tasks\Registration reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-11-15 12:00]

2006-11-13 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-11-15 12:00]

2006-11-13 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-11-15 12:00]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.sony.com/vaiopeople
FF - ProfilePath - c:\documents and settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - IDB Weapon search
FF - prefs.js: browser.startup.homepage - GOOGLE.COM
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJPI150.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-22 11:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(752)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll

- - - - - - - > 'explorer.exe'(3800)
c:\windows\system32\WININET.dll
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LxrSII1s.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\windows\system32\wscntfy.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\program files\Messenger\msmsgs.exe
.
**************************************************************************
.
Completion time: 2010-01-22 11:50:19 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-22 19:50

Pre-Run: 147,998,334,976 bytes free
Post-Run: 149,700,636,672 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 4967F589E4E18F61ED79BAFB2CE3AA6F

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir Win32/Olmarik.RF virus deleted - quarantined

OTL logfile created on: 1/27/2010 6:18:54 AM - Run 2
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\SONY VAIO\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 488.00 Mb Available Physical Memory | 48.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 181.30 Gb Total Space | 138.76 Gb Free Space | 76.54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 700.15 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: E58AEB3F9A6342E
Current User Name: SONY VAIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/27 06:17:45 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
PRC - [2010/01/07 08:30:07 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/16 16:26:56 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/05/09 13:09:24 | 00,606,720 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2007/06/28 23:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/28 17:41:56 | 00,206,552 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2007/01/09 17:32:04 | 00,181,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
PRC - [2007/01/09 17:32:02 | 00,198,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
PRC - [2007/01/09 17:32:02 | 00,058,984 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
PRC - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/06/14 13:48:42 | 00,235,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
PRC - [2006/01/09 13:56:04 | 00,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
PRC - [2005/10/19 12:54:14 | 00,177,264 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
PRC - [2005/04/18 19:49:24 | 00,083,584 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISSVC.exe
PRC - [2004/10/25 09:35:32 | 00,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2004/10/25 09:35:32 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2004/10/25 09:35:30 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2004/08/04 04:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/07/21 08:24:04 | 00,173,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/01/27 06:17:45 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
MOD - [2006/08/25 07:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/12/20 09:57:16 | 00,198,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\ASOEHOOK.DLL
MOD - [2003/02/21 04:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
SRV - File not found [Unknown | Stopped] -- -- (FLEXnet Licensing Service)
SRV - [2007/06/28 23:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2007/03/28 17:41:56 | 00,206,552 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2007/01/09 17:32:04 | 00,181,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2007/01/09 17:32:04 | 00,079,464 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2007/01/09 17:32:02 | 00,198,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/07/25 18:03:42 | 02,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/06/14 13:48:42 | 00,235,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2006/01/09 13:56:04 | 00,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/11/14 00:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/10/19 12:55:00 | 00,067,184 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBSERV.EXE -- (SBService)
SRV - [2005/10/19 12:54:14 | 00,177,264 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005/04/18 19:49:24 | 00,083,584 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\ISSVC.exe -- (ISSVC)
SRV - [2005/03/07 14:59:36 | 00,198,368 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/11/02 15:42:42 | 01,826,816 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2004/10/25 09:35:34 | 00,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2004/10/25 09:35:32 | 00,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2004/10/25 09:35:32 | 00,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2004/10/25 09:35:30 | 00,278,528 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2004/09/09 18:09:50 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004/07/21 08:24:04 | 00,173,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2004/06/22 11:58:14 | 00,733,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP)
SRV - [2004/06/22 11:58:14 | 00,733,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2004/06/16 03:42:34 | 00,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2004/06/16 03:41:06 | 00,188,416 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2004/03/18 15:55:48 | 00,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/10/30 12:48:10 | 01,286,144 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "GOOGLE.COM"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: cdxFireNSI_FF@neocodex.us:2.0
FF - prefs.js..extensions.enabledItems: CliffhangerFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.3
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.4
FF - prefs.js..extensions.enabledItems: HarvestPricerFF@neocodex.us:2.0
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.15
FF - prefs.js..extensions.enabledItems: NeoFiller@neocodex.us:2.0
FF - prefs.js..extensions.enabledItems: NQ2TrainerFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: NTrainFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: PetImageParser@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: PriceWizFF@neocodex.us:1.0
FF - prefs.js..extensions.enabledItems: SaveSourceFF@neocodex.us:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/13 19:33:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/07 08:30:15 | 00,000,000 | ---D | M]

[2009/05/23 17:12:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Extensions
[2010/01/26 09:13:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions
[2007/07/31 07:45:06 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2009/06/19 23:22:44 | 00,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2009/08/12 15:42:32 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/07/14 15:55:48 | 00,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2009/09/07 01:50:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\AuctionTimeFF@neocodex.us
[2010/01/26 10:49:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\cdxFireNSI_FF@neocodex.us
[2010/01/17 16:46:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\CliffhangerFF@neocodex.us
[2009/11/04 10:52:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\firebug@software.joehewitt.com
[2009/10/14 14:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\HarvestPricerFF@neocodex.us
[2009/05/29 17:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\inspector@mozilla.org
[2009/09/03 17:31:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\NeoFiller@neocodex.us
[2009/08/25 21:04:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\NQ2TrainerFF@neocodex.us
[2009/12/18 12:21:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\NTrainFF@neocodex.us
[2009/05/27 20:08:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\PetImageParser@neocodex.us
[2009/11/21 03:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\PriceWizFF@neocodex.us
[2009/05/29 17:43:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\extensions\SaveSourceFF@neocodex.us
[2009/06/01 09:15:52 | 00,001,600 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\idb-weapon-search.xml
[2009/08/06 18:08:37 | 00,001,976 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\ilikecom.xml
[2009/07/23 13:28:39 | 00,001,831 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\jellyneo-item-database-search.xml
[2009/05/24 09:51:45 | 00,000,945 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\yabf2xru.default\searchplugins\youtube-video-search.xml
[2009/07/22 21:07:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/03 16:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2007/02/04 22:02:56 | 01,642,496 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll

O1 HOSTS File: ([2010/01/22 11:42:51 | 00,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Internet Security) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/11/15 13:44:01 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/11/15 13:43:35 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891891626803200)

========== Files/Folders - Created Within 14 Days ==========

[2010/01/24 18:30:49 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2010/01/24 18:27:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SONY VAIO\My Documents\intro nano
[2010/01/22 11:27:16 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2010/01/22 11:25:04 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/01/22 11:25:04 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/01/22 11:25:04 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/01/22 11:25:04 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/01/22 11:24:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/22 11:04:46 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/19 22:16:14 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
[2010/01/17 19:02:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SONY VAIO\My Documents\Design
[2008/03/30 10:40:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2008/01/03 16:33:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/11/03 11:10:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit
[2007/10/31 08:18:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/06/20 21:17:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Symantec
[2004/11/15 13:46:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2004/11/15 13:46:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004/11/15 13:43:58 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/01/27 06:17:45 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SONY VAIO\Desktop\OTL.exe
[2010/01/27 01:37:20 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/01/24 21:26:46 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\My Documents\THE OA TIMES.doc
[2010/01/24 21:25:04 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\My Documents\research 2.doc
[2010/01/24 06:06:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 06:06:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/23 22:06:57 | 06,553,600 | -H-- | M] () -- C:\Documents and Settings\SONY VAIO\NTUSER.DAT
[2010/01/22 20:00:11 | 00,000,556 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - SONY VAIO.job
[2010/01/22 11:43:09 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/22 11:42:51 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/22 11:41:26 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\SONY VAIO\ntuser.ini
[2010/01/22 11:27:26 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2010/01/22 11:20:34 | 11,640,544 | -H-- | M] () -- C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\IconCache.db
[2010/01/22 11:04:20 | 03,833,308 | R--- | M] () -- C:\Documents and Settings\SONY VAIO\Desktop\schrauber.exe
[2010/01/22 07:08:37 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\My Documents\Che 118 HW_2 (10).doc
[2010/01/16 06:52:49 | 00,024,653 | ---- | M] () -- C:\Documents and Settings\SONY VAIO\Desktop\test.htm
[2010/01/13 07:23:20 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 21:26:46 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\My Documents\THE OA TIMES.doc
[2010/01/24 21:25:04 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\My Documents\research 2.doc
[2010/01/22 11:27:25 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2010/01/22 11:27:19 | 00,260,272 | ---- | C] () -- C:\cmldr
[2010/01/22 11:25:04 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/01/22 11:25:04 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/01/22 11:25:04 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/01/22 11:25:04 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/01/22 11:25:04 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/01/22 11:04:04 | 03,833,308 | R--- | C] () -- C:\Documents and Settings\SONY VAIO\Desktop\schrauber.exe
[2010/01/22 07:08:34 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\My Documents\Che 118 HW_2 (10).doc
[2009/07/27 17:29:24 | 00,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2009/07/23 10:58:29 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/06/26 04:36:54 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\Application Data\setup_ldm.iss
[2009/06/15 23:11:08 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/21 21:23:50 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/02/26 21:42:34 | 00,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2008/01/25 19:22:15 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\gsp.dll
[2007/11/22 12:49:14 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\vmcoinst_zc0301plh.dll
[2007/06/28 23:43:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/06/28 23:43:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/06/28 23:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/06/28 23:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/06/28 23:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/06/26 23:07:04 | 03,416,064 | ---- | C] () -- C:\Program Files\Microsoft Money.mny
[2007/06/25 22:13:11 | 00,000,064 | ---- | C] () -- C:\WINDOWS\QBWCD.INI
[2007/05/31 22:06:59 | 00,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/05/31 22:04:24 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2007/05/31 22:04:23 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2007/05/16 09:17:28 | 00,113,664 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/05 16:11:05 | 00,002,518 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/04/29 16:54:44 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/04/08 21:32:06 | 00,000,045 | ---- | C] () -- C:\WINDOWS\INSTALL.INI
[2007/03/26 19:53:34 | 00,000,240 | ---- | C] () -- C:\WINDOWS\vuepro32.ini
[2007/02/17 22:52:42 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/16 19:39:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2007/01/30 10:50:47 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\fusioncache.dat
[2006/11/13 14:51:41 | 00,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2006/11/13 14:46:02 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/13 14:46:02 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/13 14:46:02 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/13 14:46:02 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/13 14:46:02 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/13 14:46:02 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/13 14:39:07 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2006/11/02 09:27:46 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2004/11/15 14:44:10 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/15 14:10:43 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/11/15 13:48:18 | 00,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/11/15 12:30:56 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/11/15 12:30:26 | 00,000,724 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/10/22 16:10:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/06/12 13:21:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/10/24 16:00:40 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

========== LOP Check ==========

[2007/06/18 21:35:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2009/05/23 12:27:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2007/10/31 00:13:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/12/20 17:18:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2007/10/07 20:06:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LiveSubscribe
[2009/05/23 23:21:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/06/16 01:41:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/12/21 22:11:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/12 14:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010/01/16 14:23:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\BitTorrent
[2008/02/26 21:30:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Ceedo
[2009/12/20 17:17:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\DAEMON Tools Pro
[2009/12/26 11:18:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\DNA
[2007/11/22 12:05:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\EyeSpyFX
[2007/04/14 20:24:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\InterVideo
[2009/11/29 22:07:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Leadertech
[2007/09/01 09:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Nova Development
[2009/05/23 23:59:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\Subversion
[2009/12/12 14:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SONY VAIO\Application Data\WindSolutions
[2010/01/27 01:37:20 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2006/11/13 14:33:57 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2006/11/13 14:33:58 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2006/11/13 14:33:58 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2010/01/21 12:50:31 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2010/01/21 12:50:31 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2010/01/21 12:50:31 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 04:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 04:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/04 04:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/04 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 04:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004/08/04 04:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:408F95E5
< End of report >