Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware blocking internet - problems now getting worse - help please!


  • This topic is locked This topic is locked
2 replies to this topic

#1 jezhogan

jezhogan

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 02 June 2010 - 12:32 PM

My computer cannot get online since it was infected by some malware. Some has been cleaned by MalwareBytes but what remains is now causing worse and worse problems:

Symptoms include:

1. Windows cannot configure network, if i run WZC it then sees the network but cannot get an IP. IP displays as zeros.
2. Increasingly long pause before startup.
3. GMER scan causes sudden reboot after hanging on a file.
4. Taskbar has reverted to windows classic and xp no longer appears in the menu.
5. Lots of redirects when online (this was before the connection broke).

I have done some scan and some basic fixes but nothing has worked any help much appreciated, i will certainly donate generously if the problems can be fixed.

Scan information is below, firstly MBAM, then OTL, as explained above, i cannot get GMER.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4161

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

01/06/2010 21:57:15
mbam-log-2010-06-01 (21-57-15).txt

Scan type: Quick scan
Objects scanned: 136221
Time elapsed: 7 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL logfile created on: 02/06/2010 00:52:58 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Documents and Settings\Jez\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 73.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 3.14 Gb Free Space | 5.63% Space Free | Partition Type: NTFS
Drive D: | 47.98 Gb Total Space | 5.23 Gb Free Space | 10.89% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
Drive H: | 488.84 Mb Total Space | 298.69 Mb Free Space | 61.10% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: JEZLAPTOP
Current User Name: Jez
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/01 21:32:00 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jez\Desktop\OTL.exe
PRC - [2010/05/05 13:39:27 | 002,064,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/05/05 13:39:21 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/04/04 02:48:28 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/03/11 17:40:16 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/11 17:40:12 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/11 17:40:05 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/05 09:44:16 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/04/14 01:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
PRC - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/27 18:56:54 | 003,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
PRC - [2008/02/01 12:32:07 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2007/06/18 18:36:26 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/01/25 21:41:00 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2006/08/27 14:46:54 | 000,217,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/07/02 21:57:12 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/07/02 21:49:10 | 000,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006/07/02 21:42:14 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2006/06/20 16:11:00 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/04/04 14:55:18 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2006/02/14 12:11:46 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2005/11/28 13:39:32 | 000,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2005/11/28 13:39:30 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2004/11/17 12:47:16 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/08/19 01:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2004/02/20 14:12:34 | 000,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2002/03/14 16:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe


========== Modules (SafeList) ==========

MOD - [2010/06/01 21:32:00 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jez\Desktop\OTL.exe
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/03/11 17:40:12 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/11/05 09:44:16 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/03/18 07:04:42 | 001,685,024 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\WINDOWS\system32\Nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/04/14 01:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/02/27 18:56:54 | 003,072,184 | ---- | M] (Kontiki Inc.) [Auto | Running] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2008/02/01 12:32:07 | 001,251,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/07/25 18:03:42 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/07/02 21:57:12 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2006/07/02 21:49:10 | 000,937,984 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2006/07/02 21:42:14 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2006/06/20 16:11:00 | 000,176,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2006/06/13 08:03:42 | 002,084,864 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/06/07 09:51:50 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/05/18 10:22:26 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/05/18 10:22:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2006/05/08 04:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 17:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 17:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 17:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/04/04 14:55:18 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/11/28 13:39:32 | 000,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/11/28 13:39:30 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/11/25 13:08:54 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/07/14 19:10:16 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2005/01/04 11:09:36 | 000,398,336 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_svc.exe -- (VCI)


========== Driver Services (SafeList) ==========

DRV - [2010/05/05 13:39:22 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/03/11 17:40:15 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/11 17:40:05 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/09/28 03:02:44 | 000,014,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/05/11 18:57:55 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/05/11 18:57:54 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/05/01 20:49:36 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/04/08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
DRV - [2009/03/15 11:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/02/13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/08/08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/04/02 19:50:01 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/07/27 10:10:00 | 003,662,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/07/24 09:38:20 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/07/24 09:38:20 | 000,727,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/07/24 09:38:20 | 000,208,256 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/07/05 04:29:54 | 000,489,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS)
DRV - [2006/07/02 23:16:30 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/07/02 05:00:46 | 001,706,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel®
DRV - [2006/06/14 03:04:00 | 004,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/05/23 00:56:00 | 000,245,248 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006/04/13 20:00:00 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006/03/16 10:45:00 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006/03/15 10:52:00 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2006/02/24 01:37:00 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/02/21 10:32:32 | 000,226,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2006/02/10 11:17:00 | 000,047,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/02/08 17:33:00 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2005/08/01 16:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 18:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/01/06 13:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/11/22 05:31:10 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2000/12/05 16:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 11:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mail.live.com/default.aspx?wa=wsignin1.0"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.812
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/05/05 13:44:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/26 01:33:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/26 01:33:06 | 000,000,000 | ---D | M]

[2008/09/23 19:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Mozilla\Extensions
[2010/05/31 22:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Mozilla\Firefox\Profiles\fnm0so27.default\extensions
[2009/09/06 22:36:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jez\Application Data\Mozilla\Firefox\Profiles\fnm0so27.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/08 17:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Mozilla\Firefox\Profiles\fnm0so27.default\extensions\firefox@tvunetworks.com
[2008/02/18 13:04:19 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Jez\Application Data\Mozilla\Firefox\Profiles\fnm0so27.default\searchplugins\siteadvisor.xml
[2010/05/22 03:21:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/12 19:59:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008/02/27 18:57:38 | 000,106,496 | ---- | M] (British Broadcasting Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npBBCPlugin.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/14 14:34:53 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/14 14:34:53 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/14 14:34:54 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/14 14:34:54 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/06/01 21:21:48 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Sony Corp.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIO Update 3] C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jez\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jez\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/03 12:32:36 | 000,206,164 | ---- | M] () - C:\AUTO.pat -- [ NTFS ]
O32 - AutoRun File - [2008/04/03 12:32:36 | 000,255,192 | ---- | M] () - C:\AUTO.pst -- [ NTFS ]
O32 - AutoRun File - [2006/08/31 12:54:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/06/29 07:29:55 | 000,000,000 | R--D | M] - F:\Autorun -- [ UDF ]
O32 - AutoRun File - [2007/06/11 05:25:04 | 000,263,744 | R--- | M] (Firaxis Games) - F:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2007/06/28 19:34:01 | 000,006,299 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3bb975de-3d7a-11df-98ff-0016fe9159e5}\Shell - "" = AutoRun
O33 - MountPoints2\{3bb975de-3d7a-11df-98ff-0016fe9159e5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3bb975e2-3d7a-11df-98ff-0016fe9159e5}\Shell - "" = AutoRun
O33 - MountPoints2\{3bb975e2-3d7a-11df-98ff-0016fe9159e5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5c1f0ff0-f301-11de-b3c4-0018de3f27a9}\Shell - "" = AutoRun
O33 - MountPoints2\{5c1f0ff0-f301-11de-b3c4-0018de3f27a9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5c1f0ff6-f301-11de-b3c4-0018de3f27a9}\Shell - "" = AutoRun
O33 - MountPoints2\{5c1f0ff6-f301-11de-b3c4-0018de3f27a9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/08/31 12:53:54 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\WINDOWS\System32\KMVIDC32.DLL ()
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 90 Days ==========

[2010/06/01 21:46:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/01 21:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/01 21:36:24 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Jez\Desktop\WinsockxpFix.exe
[2010/06/01 21:36:24 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jez\Desktop\TFC.exe
[2010/06/01 21:36:20 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Jez\Desktop\spybotsd162.exe
[2010/06/01 21:36:18 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jez\Desktop\OTL.exe
[2010/06/01 21:36:16 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Jez\Desktop\erunt_setup.exe
[2010/06/01 21:25:12 | 000,000,000 | ---D | C] -- C:\ERDNT
[2010/05/31 22:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy
[2010/05/27 21:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Application Data\Malwarebytes
[2010/05/27 21:52:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/27 21:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/27 21:51:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/27 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/16 23:46:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/05/16 23:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/05/14 17:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Application Data\Tropico 3
[2010/05/14 17:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Kalypso
[2010/05/14 05:18:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/05/14 05:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Application Data\runic games
[2010/05/14 03:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\Jets'n'Guns GOLD Demo
[2010/05/14 02:45:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Desktop\IrukandjiWinDemo
[2010/05/14 02:31:50 | 000,000,000 | ---D | C] -- C:\Program Files\Global Defense Network
[2010/05/14 02:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\Nurium_Games
[2010/05/13 05:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\Shrapnel Games
[2010/05/13 05:22:03 | 000,000,000 | ---D | C] -- C:\Program Files\Break Ball 2 Gold
[2010/05/13 05:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2010/05/13 04:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\Chromadrome 2
[2010/05/13 04:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mexican Motor Mafia
[2010/05/13 04:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Downloads
[2010/05/13 03:22:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\zatikon
[2010/05/13 03:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Zatikon
[2010/05/13 01:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\My Documents\New Star Soccer 2010
[2010/05/13 01:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\New Star Soccer 2010
[2010/05/12 23:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\My Documents\democracy2
[2010/05/12 23:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\Democracy2 Demo
[2010/05/12 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Kudos 2 Demo
[2010/05/12 21:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\Prime Minister Forever - British 2010 Demo
[2010/05/12 20:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\TribalTrouble2
[2010/05/12 20:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Application Data\Tribal Trouble 2
[2010/05/12 20:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/12 17:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Application Data\PlayFirst
[2010/05/12 17:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Application Data\Mind Control Software
[2010/05/12 17:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\Oasis by Mind Control
[2010/05/11 03:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010/05/11 03:29:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Local Settings\Application Data\SKIDROW
[2010/05/11 03:28:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\Local Settings\Application Data\Sidhe
[2010/05/11 00:35:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\My Documents\aaatemp
[2010/04/01 11:39:58 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010/04/01 11:39:58 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2010/04/01 11:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei technologies
[2010/03/17 16:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\My Documents\Docs for Ideaworks
[2010/03/14 19:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\My Documents\Albion
[2010/03/13 17:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/03/13 17:57:44 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/03/12 17:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jez\My Documents\Portfolio Work
[2010/03/11 17:40:16 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

========== Files - Modified Within 90 Days ==========

[2010/06/02 00:52:30 | 004,718,592 | ---- | M] () -- C:\Documents and Settings\Jez\NTUSER.DAT
[2010/06/02 00:43:56 | 000,050,868 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/06/02 00:39:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/02 00:39:33 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/02 00:38:08 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\Jez\NTUSER.bak
[2010/06/02 00:38:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jez\ntuser.ini
[2010/06/02 00:24:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/01 22:28:00 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4266417535-3221280029-822022599-1006UA.job
[2010/06/01 22:26:05 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D15F8456-D15E-49B8-9533-B8DE5C5378AB}.job
[2010/06/01 21:46:10 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\NTREGOPT.lnk
[2010/06/01 21:46:10 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\ERUNT.lnk
[2010/06/01 21:42:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/01 21:32:00 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jez\Desktop\OTL.exe
[2010/06/01 21:31:04 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\gmer.zip
[2010/06/01 21:24:44 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Jez\Desktop\erunt_setup.exe
[2010/06/01 21:24:34 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jez\Desktop\TFC.exe
[2010/06/01 21:21:48 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/06/01 21:20:24 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Jez\Desktop\WinsockxpFix.exe
[2010/06/01 21:17:16 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Jez\Desktop\spybotsd162.exe
[2010/06/01 19:13:58 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\Services.lnk
[2010/06/01 19:11:20 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010/06/01 00:11:09 | 000,148,480 | ---- | M] () -- C:\Documents and Settings\Jez\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/31 23:14:34 | 002,108,800 | -H-- | M] () -- C:\Documents and Settings\Jez\Local Settings\Application Data\IconCache.db
[2010/05/31 23:02:12 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\RegistryEasy.lie
[2010/05/31 21:46:03 | 060,552,446 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/05/28 00:41:32 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/27 21:22:31 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/27 21:22:31 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/27 21:22:31 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2010/05/20 00:35:28 | 000,010,504 | ---- | M] () -- C:\Documents and Settings\Jez\My Documents\game ideas.docx
[2010/05/14 11:28:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4266417535-3221280029-822022599-1006Core.job
[2010/05/13 02:13:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_xusb21_01007.Wdf
[2010/05/13 02:13:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/05/12 21:22:39 | 000,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat
[2010/05/12 16:03:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/05 13:39:22 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/05/04 23:23:41 | 000,130,331 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\Shogun.pdf
[2010/05/04 23:16:06 | 010,365,404 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\samuraiswords.pdf
[2010/05/04 04:11:22 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2010/05/04 04:03:29 | 001,089,342 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\sabotage rules.docx
[2010/05/04 03:53:38 | 003,264,928 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\axis and allies rules.pdf
[2010/05/04 03:40:47 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\Civilization_Rules.doc
[2010/05/04 03:29:24 | 000,121,284 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\AdCiv_StrategyForNewPlayers.rtf
[2010/05/04 03:15:33 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\Civilization_Card_Game_Rules.doc
[2010/05/04 02:50:58 | 007,806,878 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\Through_the_Ages_-_English_Rules.pdf
[2010/05/04 02:34:03 | 002,992,545 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\civ-manual-rev2.pdf
[2010/05/04 02:00:41 | 000,524,896 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\RFC_README.pdf
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/13 22:51:33 | 000,066,323 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\boarding pass.pdf
[2010/04/06 16:53:48 | 000,573,402 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\KaliGandakiValley trek-revisedforLucyandJuliet11.03.10.pdf
[2010/03/28 12:16:50 | 000,591,556 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/28 12:16:50 | 000,492,392 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/28 12:16:50 | 000,089,410 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/22 13:40:09 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Jez\Desktop\JHogan_CoverLetter.doc
[2010/03/15 23:36:14 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Jez\My Documents\HISTOR~1.DOC
[2010/03/11 17:40:16 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/11 17:40:15 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/03/11 17:40:05 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/03/05 16:47:40 | 000,467,824 | ---- | M] () -- C:\Documents and Settings\Jez\My Documents\UK developers_Page_1.jpg

========== Files Created - No Company Name ==========

[2010/06/02 00:37:53 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Jez\NTUSER.tmp.LOG
[2010/06/01 22:45:05 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\gmer.exe
[2010/06/01 21:46:10 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\NTREGOPT.lnk
[2010/06/01 21:46:10 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\ERUNT.lnk
[2010/06/01 21:36:16 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\gmer.zip
[2010/06/01 19:52:33 | 000,007,000 | ---- | C] () -- C:\Documents and Settings\Jez\reset.log
[2010/06/01 19:13:58 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\Services.lnk
[2010/05/31 23:02:12 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\RegistryEasy.lie
[2010/05/31 23:01:46 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\KeyGen.exe
[2010/05/31 23:01:41 | 000,012,367 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\AHTeam.nfo
[2010/05/28 01:40:36 | 2145,570,816 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/20 00:31:00 | 000,010,504 | ---- | C] () -- C:\Documents and Settings\Jez\My Documents\game ideas.docx
[2010/05/13 02:13:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_xusb21_01007.Wdf
[2010/05/13 02:13:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/05/12 21:22:39 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010/05/04 23:23:41 | 000,130,331 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\Shogun.pdf
[2010/05/04 23:16:05 | 010,365,404 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\samuraiswords.pdf
[2010/05/04 04:03:28 | 001,089,342 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\sabotage rules.docx
[2010/05/04 03:53:16 | 003,264,928 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\axis and allies rules.pdf
[2010/05/04 03:40:47 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\Civilization_Rules.doc
[2010/05/04 03:27:46 | 000,121,284 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\AdCiv_StrategyForNewPlayers.rtf
[2010/05/04 03:15:33 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\Civilization_Card_Game_Rules.doc
[2010/05/04 02:50:58 | 007,806,878 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\Through_the_Ages_-_English_Rules.pdf
[2010/05/04 02:34:03 | 002,992,545 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\civ-manual-rev2.pdf
[2010/05/04 02:00:41 | 000,524,896 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\RFC_README.pdf
[2010/04/13 22:51:33 | 000,066,323 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\boarding pass.pdf
[2010/04/07 00:25:27 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2010/04/06 16:53:48 | 000,573,402 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\KaliGandakiValley trek-revisedforLucyandJuliet11.03.10.pdf
[2010/03/22 13:40:07 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Jez\Desktop\JHogan_CoverLetter.doc
[2010/03/18 12:23:43 | 000,000,968 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4266417535-3221280029-822022599-1006UA.job
[2010/03/18 12:23:43 | 000,000,916 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4266417535-3221280029-822022599-1006Core.job
[2010/03/15 23:36:13 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Jez\My Documents\HISTOR~1.DOC
[2010/03/05 16:47:40 | 000,467,824 | ---- | C] () -- C:\Documents and Settings\Jez\My Documents\UK developers_Page_1.jpg
[2009/12/09 23:20:49 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/12/09 23:20:49 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/11/09 21:46:52 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/05/11 18:57:55 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/05/11 18:57:54 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/05/01 20:49:35 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/03/12 20:08:17 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/03/12 20:08:17 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/03/12 20:08:00 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/03/12 20:08:00 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/03/12 20:07:59 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/03/12 20:07:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/01/09 19:41:28 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2007/12/17 17:49:25 | 000,000,048 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/04/02 21:06:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007/04/02 20:27:47 | 000,215,144 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2007/04/02 20:27:16 | 000,215,144 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2007/04/02 19:46:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/02 19:40:52 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2007/04/02 19:39:31 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/04/02 19:37:01 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/01 12:15:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/01 10:52:38 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/09/01 10:52:38 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/09/01 10:52:38 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/09/01 10:52:38 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/09/01 10:52:38 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/09/01 10:52:38 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/09/01 10:46:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/08/31 16:14:51 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL
[2006/08/31 15:34:06 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/08/31 04:37:47 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/31 04:37:32 | 000,003,820 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/07/05 02:07:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 14:44:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/22 21:30:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 17:04:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/04/30 23:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010/02/22 18:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/12/17 00:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media
[2010/06/02 00:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2009/06/25 20:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2009/10/30 18:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/12/09 23:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/27 17:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2009/05/07 18:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\AgeOfBooty
[2009/12/29 12:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Amazon
[2009/12/05 22:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Any DVD Converter Professional
[2009/06/02 18:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Atari
[2009/06/29 13:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Betfair
[2009/05/05 23:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Braid
[2009/12/05 22:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\ImTOO Software Studio
[2007/12/09 23:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\InterVideo
[2008/03/19 12:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\iPodder
[2009/05/20 19:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Leadertech
[2010/05/12 17:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Mind Control Software
[2007/04/02 21:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\My Games
[2010/05/12 17:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\PlayFirst
[2010/05/14 05:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\runic games
[2009/10/30 18:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Sports Interactive
[2010/05/27 22:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Spotify
[2009/07/13 20:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\SystemRequirementsLab
[2008/09/05 18:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Template
[2009/03/04 20:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\The Creative Assembly
[2010/05/13 01:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Tribal Trouble 2
[2010/05/27 01:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Tropico 3
[2010/05/14 05:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Tropico 3 Demo
[2010/06/01 20:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\uTorrent
[2009/12/27 17:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Western Digital
[2009/12/27 17:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jez\Application Data\Western DigitalTemp
[2010/06/01 22:26:05 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D15F8456-D15E-49B8-9533-B8DE5C5378AB}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/04/03 12:32:36 | 000,206,164 | ---- | M] () -- C:\AUTO.pat
[2008/04/03 12:32:36 | 000,255,192 | ---- | M] () -- C:\AUTO.pst
[2006/08/31 12:54:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/05/27 21:22:31 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2006/08/31 12:54:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/06/02 00:39:33 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2006/08/31 12:54:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/08/31 12:54:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/01/28 00:03:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/02 00:39:31 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/14 01:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2008/04/14 01:11:53 | 000,380,445 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\expsrv.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/08/31 13:43:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/08/31 13:43:28 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/08/31 13:43:28 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8
< End of report >



OTL Extras logfile created on: 02/06/2010 00:52:58 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Documents and Settings\Jez\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 73.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 3.14 Gb Free Space | 5.63% Space Free | Partition Type: NTFS
Drive D: | 47.98 Gb Total Space | 5.23 Gb Free Space | 10.89% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
Drive H: | 488.84 Mb Total Space | 298.69 Mb Free Space | 61.10% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: JEZLAPTOP
Current User Name: Jez
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe" = C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server -- File not found
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 -- (Firaxis Games)
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords -- (Firaxis Games)
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss -- (Firaxis Games)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe:*:Enabled:Sid Meier's Civilization IV Colonization -- (Firaxis Games)
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009 -- File not found
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe" = C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War -- File not found
"C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service -- (Kontiki Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Unreal Tournament 3\Binaries\UT3.exe" = D:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3 -- ()
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword -- (Firaxis Games)
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss -- (Firaxis Games)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe:*:Enabled:Sid Meier's Railroads! -- (MACiOZO Games, Inc)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"D:\Steam\SteamApps\common\football manager 2010\fm.exe" = D:\Steam\SteamApps\common\football manager 2010\fm.exe:*:Enabled:Football Manager 2010 -- (Sports Interactive)
"D:\Steam\SteamApps\common\eets\Eets.exe" = D:\Steam\SteamApps\common\eets\Eets.exe:*:Enabled:Eets Demo -- ()
"D:\Steam\SteamApps\common\freedom force vs. the 3rd reich demo\ffvt3rd.exe" = D:\Steam\SteamApps\common\freedom force vs. the 3rd reich demo\ffvt3rd.exe:*:Enabled:Freedom Force vs. the 3rd Reich - Demo -- (Irrational Games)
"C:\Program Files\Codemasters\Ashes Cricket 2009\Cricket2009.exe" = C:\Program Files\Codemasters\Ashes Cricket 2009\Cricket2009.exe:*:Enabled:Ashes Cricket 2009 -- ()
"D:\Steam\SteamApps\common\empire total war\Empire.exe" = D:\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War -- (The Creative Assembly Ltd)
"D:\Steam\SteamApps\common\torchlight\Torchlight.exe" = D:\Steam\SteamApps\common\torchlight\Torchlight.exe:*:Enabled:Torchlight Demo -- (Runic Games, Inc.)
"D:\Steam\SteamApps\common\bob came in pieces demo\Bob.exe" = D:\Steam\SteamApps\common\bob came in pieces demo\Bob.exe:*:Enabled:Bob Came in Pieces Demo -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F8608F-BA6A-4B32-843A-1A568ACD1198}" = VAIO Sea Wallpaper
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0.0 (r181)
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{04605217-DD32-4090-9D9A-E5345222B9E1}" =
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}" = VAIO Information FLOW
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 20
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{339E14FF-8FDC-4809-AAF2-87BA22905C7F}" = DirectX for Managed Code Update (December 2004)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{44E1DE63-C8FA-4C70-B4AA-0C49A947ACDE}" = Sid Meier's Railroads!
"{47836B39-2465-4F39-9D7E-52F70A1C3D72}" = Axis & Allies
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{792BF55D-113E-43DD-B686-F13DAFDEE1A4}}_is1" = New Star Soccer 2010 v4.13d
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8B39736E-7C8C-4A32-82C1-F94245F20D85}" = Ashes Cricket 2009
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E158BB9-37B9-464B-837E-CC1D5766291B}" = VAIO Update 3
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.0
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}" = Betfair Poker
"{A2614BE8-5A35-4C28-A3EA-69A1ED98CE0E}" = Zatikon
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{ABBD2A2E-2424-4078-966F-F319A88D5F21}" = VAIO Starfish Wallpaper
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D04113AE-140C-496C-B48D-38FF07291B2F}" = Global Defense Network
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D466F3D9-510C-4729-B7D4-2E70490E4CDF}" = BBC iPlayer Download Manager
"{E5E6E687-1033-0000-0000-000000000002}" = Adobe Acrobat 7.0 Elements
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.5.30
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}" = Sid Meier's Railroads!
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3 USB Modem" = 3 USB Modem
"4578-0181-0549-1546" = Altitude 1.0.0
"Adobe Acrobat 7.0 Elements" = Adobe Acrobat 7.0 Elements
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.8
"Ancient Empires Lux Demo_is1" = Ancient Empires Lux Demo 1.01
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 3.7.8
"Aquaria" = Aquaria
"AVG9Uninstall" = AVG Free 9.0
"BBC iPlayer Download Manager" = BBC iPlayer Download Manager
"Break Ball 2 Gold_is1" = Break Ball 2 Gold
"BreakQuest" = BreakQuest
"Chromadrome 2" = Chromadrome 2 (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_104D1700" = Soft Data Fax Modem with SmartCP
"Darwinia" = Darwinia
"Democracy 2 Demo_is1" = Democracy 2 Demo
"ERUNT_is1" = ERUNT 1.1j
"Eufloria 2.00" = Eufloria 2.00
"free-downloads.net Toolbar" = free-downloads.net Toolbar
"Freez Screen Video Capture v1.2_is1" = Freez Screen Video Capture v1.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImTOO MOV Converter" = ImTOO MOV Converter
"InstallShield_{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"InstallShield_{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO Online Registration (English)
"InstallShield_{8B39736E-7C8C-4A32-82C1-F94245F20D85}" = Ashes Cricket 2009
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"Jets'n'Guns GOLD Demo" = Jets'n'Guns GOLD Demo 1.212
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.0 (Basic)
"Kudos 2 Demo_is1" = Kudos 2 Demo
"Land of Legends DEMO" = Land of Legends DEMO
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mexican Motor Mafia_is1" = Mexican Motor Mafia 1.3
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"My Club VAIO Media Center Edition_is1" = My Club VAIO MCE 1.0.0
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Oasis" = Oasis
"OpenAL" = OpenAL
"OpenMG HotFix4.5-06-05-10-01" = OpenMG Limited Patch 4.5-06-05-12-01
"ParadisePoker" = ParadisePoker
"Peggle" = Peggle (remove only)
"Picasa2" = Picasa 2
"PM4E_BRITISH_2010_DEMO_is1" = Prime Minister Forever - British 2010 Demo - v. 1.5.2
"Pocket Tanks_is1" = Pocket Tanks v1.3
"Pokerbility_is1" = Pokerbility 1.10.25
"PowerISO" = PowerISO
"ProInst" = Intel® PROSet/Wireless Software
"RealPlayer 12.0" = RealPlayer
"Registry Easy_is1" = Registry Easy v5.6
"Shockwave" = Shockwave
"SopCast" = SopCast 3.0.3
"Spotify" = Spotify
"Steam App 10500" = Empire: Total War
"Steam App 18820" = Zero Gear
"Steam App 34000" = Football Manager 2010
"Steam App 37810" = QuantZ Demo
"Steam App 41510" = Torchlight Demo
"Steam App 46010" = Bob Came in Pieces Demo
"Steam App 6110" = Eets Demo
"Steam App 8910" = Freedom Force vs. the 3rd Reich - Demo
"Super DX-Ball_is1" = Super DX-Ball v1.1
"SystemRequirementsLab" = System Requirements Lab
"Tropico3" = Tropico 3 1.00
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.4.7.2
"Veetle TV" = Veetle TV 0.9.14
"VJOcx2.0" = VJOcx2.0
"VLC media player" = VLC media player 1.0.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"Planetary Conquest Client" = Planetary Conquest Client
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 01/06/2010 13:45:13 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 13:57:39 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 14:30:42 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 14:40:37 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 14:57:45 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 15:12:16 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 16:12:16 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 16:33:14 | Computer Name = JEZLAPTOP | Source = Google Update | ID = 20
Description =

Error - 01/06/2010 16:45:58 | Computer Name = JEZLAPTOP | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 01/06/2010 16:45:58 | Computer Name = JEZLAPTOP | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Themes service to connect.

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7000
Description = The Themes service failed to start due to the following error: %%1053

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the DHCP Client service to
connect.

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7000
Description = The DHCP Client service failed to start due to the following error:
%%1053

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Wireless Zero Configuration
service to connect.

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7000
Description = The Wireless Zero Configuration service failed to start due to the
following error: %%1053

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Shell Hardware Detection
service to connect.

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Task Scheduler service
to connect.

Error - 01/06/2010 19:42:09 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7000
Description = The Task Scheduler service failed to start due to the following error:
%%1053

Error - 01/06/2010 19:43:32 | Computer Name = JEZLAPTOP | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.


< End of report > thumbup2.gif

Here is a DDS scan as well. I really appreciate you helping me with this. Let me know what else i can post/attach.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Jez at 20:19:54.03 on 02/06/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2046.1430 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kontiki\KService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
svchost.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Jez\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Jez\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.hotmail.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = https://registration.sonystyle-europe.com/v...es&lang=ENG
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfre0.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfre0.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfre0.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\jez\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [ISBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [Switcher.exe] c:\program files\sony\wireless switch setting utility\Switcher.exe
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [VAIO Update 3] "c:\program files\sony\vaio update 3\VAIOUpdt.exe" /Stationary
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: Add RSS Support Site to VAIO Information FLOW - c:\program files\sony\vaio information flow\aiesc.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jez\applic~1\mozilla\firefox\profiles\fnm0so27.default\
FF - prefs.js: browser.startup.homepage - hxxp://mail.live.com/default.aspx?wa=wsignin1.0
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\jez\application data\mozilla\firefox\profiles\fnm0so27.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\documents and settings\jez\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npBBCPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-19 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-7-19 29512]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-7-19 242896]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-11 308064]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-9-1 1251720]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-5 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-3-3 14424]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2006-8-31 226304]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys --> c:\windows\system32\drivers\ivusb.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-12-27 11520]

=============== Created Last 30 ================

2010-06-02 19:12:56 20 ----a-w- c:\documents and settings\jez\defogger_reenable
2010-05-31 22:02:12 42 ----a-w- c:\windows\system32\RegistryEasy.lie
2010-05-31 21:52:52 0 d-----w- c:\program files\Registry Easy
2010-05-27 20:52:11 0 d-----w- c:\docume~1\jez\applic~1\Malwarebytes
2010-05-27 20:52:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-27 20:51:59 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-05-27 20:51:58 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-27 20:51:58 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-14 16:29:32 0 d-----w- c:\docume~1\jez\applic~1\Tropico 3
2010-05-14 16:19:30 0 d-----w- c:\program files\Kalypso
2010-05-14 04:04:25 0 d-----w- c:\docume~1\jez\applic~1\runic games
2010-05-14 02:09:52 0 d-----w- c:\program files\Jets'n'Guns GOLD Demo
2010-05-14 01:31:50 0 d-----w- c:\program files\Global Defense Network
2010-05-14 01:23:43 0 d-----w- c:\program files\Nurium_Games
2010-05-13 04:58:50 0 d-----w- c:\program files\Shrapnel Games
2010-05-13 04:22:03 0 d-----w- c:\program files\Break Ball 2 Gold
2010-05-13 04:21:04 0 d-----w- c:\program files\ReflexiveArcade
2010-05-13 03:32:04 0 d-----w- c:\program files\Chromadrome 2
2010-05-13 03:28:29 0 d-----w- c:\program files\Mexican Motor Mafia
2010-05-13 02:22:18 0 d-----w- c:\documents and settings\jez\zatikon
2010-05-13 02:19:07 0 d-----w- c:\program files\Zatikon
2010-05-13 01:13:23 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01007.Wdf
2010-05-13 01:13:19 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-05-13 01:13:01 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-05-13 00:58:00 0 d-----w- c:\program files\New Star Soccer 2010
2010-05-12 22:07:28 0 d-----w- c:\program files\Democracy2 Demo
2010-05-12 20:22:39 4096 ----a-w- c:\windows\d3dx.dat
2010-05-12 20:22:08 0 d-----w- c:\program files\Kudos 2 Demo
2010-05-12 20:10:15 0 d-----w- c:\program files\Prime Minister Forever - British 2010 Demo
2010-05-12 19:16:00 0 d-----w- c:\documents and settings\jez\TribalTrouble2
2010-05-12 19:04:25 0 d-----w- c:\docume~1\jez\applic~1\Tribal Trouble 2
2010-05-12 18:59:42 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-12 16:02:41 0 d-----w- c:\docume~1\jez\applic~1\Mind Control Software
2010-05-12 16:02:00 0 d-----w- c:\program files\Oasis by Mind Control
2010-05-11 02:52:06 0 d-----w- c:\program files\Codemasters

==================== Find3M ====================

2010-05-05 12:39:22 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-11 16:40:16 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-11 12:38:54 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:38:52 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:38:51 17408 ------w- c:\windows\system32\corpol.dll
2010-03-09 11:09:18 430080 ----a-w- c:\windows\system32\vbscript.dll
2009-01-27 23:48:49 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009012720090128\index.dat

============= FINISH: 20:21:41.45 ===============

Merged 2 posts. ~ OB

Edited by Orange Blossom, 03 June 2010 - 05:51 PM.


BC AdBot (Login to Remove)

 


#2 jezhogan

jezhogan
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 04 June 2010 - 02:43 PM


PLEASE CLOSE - i have found some help elsewhere - thanks very much, you people are doing great work!

Jeremy

#3 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:12:02 PM

Posted 05 June 2010 - 05:25 PM

Thanks for letting us know. thumbup2.gif

Since this issue appears to be resolved ... this Topic has been closed.

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users