"Malware Doctor" infection changing settings


  • This topic is locked
38 replies to this topic

#1 kliao93

kliao93

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 18 July 2010 - 04:20 PM

I must have visited a website and gotten a fake program (that I deleted quickly) that auto-downloaded itself to my computer somehow, and I now somehow can't use regedit or system restore and have yet to find out what else I can't use.

I want to post the ddr and gmer logs but for some reason the ddr one would not download properly from the link provided by this site, and the gmer gives an error saying that it can not find the system or something.
I'm very afraid that this is from the malware. I have done a malware removal scan (Malwarebytes), which has identified and eliminated part of the virus(es).

Thank you for helping!


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:07 AM

Posted 25 July 2010 - 11:39 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.
  1. Do not run any other tool until instructed to do so!
  2. Please Do not Attach logs or put in code boxes.
  3. Tell me about any problems that have occurred during the fix.
  4. Tell me of any other symptoms you may be having as these can help also.
  5. Do not run anything while running a fix.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:
    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger may ask you to reboot the machine, if it does - click OK
    Do not re-enable these drivers until otherwise instructed.

Download DDS:
    Please download DDS by sUBs from one of the links below and save it to your desktop:


    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.
    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
      • DDS.txt
      • Attach.txt
    • A window will open instructing you to save & post the logs
    • Save the logs to a convenient place such as your desktop
    • Copy the contents of both logs & post in your next reply

Scan With RKUnHooker
  • Please download Rootkit Unhooker and save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth. Uncheck the rest, then click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note: you may get this warning. It is OK, just ignore it.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


MBRCheck

Please also download MBRCheck to your desktop
  • Double click MBRCheck.exe to run (Vista and Win 7: right click and select Run as Administrator)
  • It will show a black screen with some data on it
  • A report called MBRcheck will be on your desktop
  • Open this report
  • Right click on the screen and select > Select All
  • Press Control+C
  • Now please copy that report to this thread


Information and logs:
    In your next post I need the following:
      1. Logs from DDS
      2. Log from RKUnHooker
      3. Report from MBRchecker
      4. Let me know of any problems you may have had

Gringo


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 kliao93

Posted 25 July 2010 - 12:53 PM

I can not download many of these programs since the virus has changed my security settings so these .exe programs auto-delete in my downloads folder right after I have them.
I am not sure what to do, since I can't even download these programs, though I have a few of the old prereqs like hijackthis, anti-malwarebytes, etc.

#4 gringo_pr

Posted 25 July 2010 - 01:00 PM

It's most likely the rogueware that is preventing programs as well as our tools from running. The following tool will help run them.

If you have an active internet connection, copy/paste the links below into your browser, don't click them or the rogue might redirect. If you don't have an active internet connection, download the tools from another machine, and transfer them to the affected machine via USB flash drive.

There are 4 different versions. If one of them won't run then download and try to run the other one. You only need to get one of them to run, not all of them.

Vista and Win7 users need to right click and choose Run as Admin

http://download.bleepingcomputer.com/grinler/rkill.exe
http://download.bleepingcomputer.com/grinler/rkill.com
http://download.bleepingcomputer.com/grinler/rkill.scr
http://download.bleepingcomputer.com/grinler/rkill.pif

Note: You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message. Run rkill repeatedly until it's able to do its job. This may take a few tries. You'll be able to tell rkill has done its job when your desktop (explorer.exe) cycles off and then on again.

Once the tool has run, do NOT reboot the machine.

If for some reason the machine reboots, repeat the process. Again, try not to restart the machine.

Scan with exeHelper:

Please download exeHelper to your desktop.
  • Double-click on exeHelper.com to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

At this point, you should now be able to run analysis tools.

Gringo

Edited by gringo_pr, 25 July 2010 - 01:01 PM.


#5 kliao93

Posted 25 July 2010 - 01:05 PM

I can not even download any of the supplied link's programs.
I use Firefox, and it downloads into a download folder. It does this:
1. Downloads to download box, but auto-cancels
2. I hit retry, where it looks like it's downloading; you can see the temp file forming in the download folder
3. It auto-deletes the file if it is any kind of file that is meant to "run" (aka .exe). Things like .avi seem to be able to be downloaded.

#6 gringo_pr

Posted 25 July 2010 - 06:48 PM

Hello

Try with IE.

Use another computer to download them, then move them to the infected computer by jumpdrive.


Gringo

#7 gringo_pr

Posted 29 July 2010 - 03:52 PM

Hello

three day bump

It has been three days since my last post.
  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48hrs you have not replied to this thread then it will have to be closed!

Gringo


#8 kliao93

Posted 31 July 2010 - 07:52 PM

Hi there, I am in the process of doing what you told me to. Please do not close the thread, as my problem is not yet fixed. I apologize for the late reply.
Thank you, I should be done shortly and will post all logs.

#9 kliao93

Posted 31 July 2010 - 07:59 PM

I ran rkill multiple times (a LOT of times), had a log pop up, but never saw explorer.exe reload itself, so I'm unsure if it's successful.
I then ran exehelper (I'm on Win7, by the way), and it would freeze up quickly. Here's a log of that:

exeHelper by Raktor
Build 20100414
Run at 20:53:50 on 07/31/10
Now searching...
Checking for numerical processes...
exeHelper by Raktor
Build 20100414
Run at 20:55:07 on 07/31/10
Now searching...
Checking for numerical processes...
exeHelper by Raktor
Build 20100414
Run at 20:55:20 on 07/31/10
Now searching...
Checking for numerical processes...
exeHelper by Raktor
Build 20100414
Run at 20:55:38 on 07/31/10
Now searching...
Checking for numerical processes...


And as for my log for rkill:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Kai on 31/07/2010 at 20:57:31.


Processes terminated by Rkill or while it was running:




Rkill completed on 31/07/2010 at 20:58:34.






As the admin on this computer, I have lost the ability to use things like system restore, can not download many programs from the computer, and many downloads in general look strange now or I can not download at all.
Thank you!

#10 gringo_pr

Posted 31 July 2010 - 09:03 PM

After you ran rkill and exeHelper, did you try to run DDS? And is this 64 bit or 32 bit?


Gringo

#11 kliao93

Posted 31 July 2010 - 09:09 PM

I have just run it now, if you would like the log this is it:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 14/12/2009 12:02:40 AM
System Uptime: 28/07/2010 12:19:20 AM (94 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™2 Duo CPU T6500 @ 2.10GHz | N/A | 2100/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 363 GiB total, 67.887 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()
J: is CDROM ()
K: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP109: 26/05/2010 9:31:32 PM - Installed Sibelius 6
RP110: 26/05/2010 10:00:21 PM - Removed Sibelius 6
RP111: 26/05/2010 10:03:09 PM - Installed Sibelius 6
RP112: 27/05/2010 7:55:39 AM - Windows Update
RP113: 03/06/2010 9:49:53 PM - Installed Stereoscopic Player
RP114: 04/06/2010 8:00:35 AM - Windows Update
RP115: 10/06/2010 10:14:52 AM - Windows Update
RP116: 11/06/2010 12:50:34 PM - Windows Update
RP117: 14/06/2010 1:32:35 PM - Removed Ask Toolbar.
RP118: 14/06/2010 1:40:01 PM - Removed Adobe Reader 9.3.2.
RP119: 14/06/2010 1:50:51 PM - Installed Adobe Reader 8.1.3
RP120: 17/06/2010 1:02:11 PM - Windows Update
RP121: 23/06/2010 11:45:27 AM - Windows Update
RP122: 25/06/2010 1:42:37 PM - VAIO Care Automatic Restore Point
RP123: 26/06/2010 11:34:03 AM - Windows Update
RP124: 01/07/2010 2:26:08 PM - Installed KORG USB-MIDI Driver Tools for Windows
RP125: 01/07/2010 9:15:02 PM - Device Driver Package Install: KORG Inc. Sound, video and game controllers
RP126: 03/07/2010 10:16:08 PM - Installed KORG M1 Le.
RP127: 03/07/2010 10:41:57 PM - Installed Korg Kontrol Editor.
RP128: 04/07/2010 3:53:53 PM - Installed Driver Detective.
RP129: 13/07/2010 9:14:50 PM - Scheduled Checkpoint
RP130: 14/07/2010 7:34:00 AM - Windows Update

==== Installed Programs ======================


AC3Filter (remove only)
Acrobat.com
Ad-Aware
Adobe Acrobat 5.0
Adobe AIR
Adobe Audition 3.0
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.5
Advanced WMA Workshop version 2.6
Antares Auto-Tune Evo VST
Antares Autotune VST RTAS TDM v5.08
Apple Application Support
Apple Software Update
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 2
Ares 2.1.5
Ares Transfer 1.0.1.1002
ASIO4ALL
Atomic RAR Password Recovery 1.20
µTorrent
Audacity 1.2.6
Audacity 1.3.10 (Unicode)
AVerMedia H826 series driver 1.0.64.84
BufferChm
Camtasia Studio 6
CCleaner
Cheat Engine 5.5
Click to Disc
Click to Disc Editor
Collab
Combat Arms
Compatibility Pack for the 2007 Office system
Copy
Debut Video Capture Software
Destinations
DeviceDiscovery
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DJ_AIO_05_F4400_Software_Min
Driver Detective
DSD Direct
DSD Direct Player
DSD Playback Plug-in
Edirol HQ Orchestral v1.01
ERUNT 1.1j
F4400
FL Studio 8
FL Studio 9
Free Audio CD Burner version 1.4
Free Video to iPod Converter version 3.2
Free YouTube Download 2.6
Free YouTube to MP3 Converter version 3.6
GIMP 2.6.8
Google Chrome
Google Update Helper
GPL MPEG-1/2 DirectShow Decoder Filter
HiJackThis
HP Update
HPPhotoGadget
hpPrintProjects
hpWLPGInstaller
I-Doser 4.50
IL Download Manager
Indeo® Software
Java™ 6 Update 17
Java™ SE Runtime Environment 6
Jing
Junk Mail filter update
K-Lite Codec Pack 5.4.4 (Basic)
Korg Kontrol Editor
KORG M1 Le
KORG USB-MIDI Driver Tools for Windows
LAME v3.98.2 for Audacity
Live 8.0.4
Malwarebytes' Anti-Malware
MarketResearch
McAfee Security Scan Plus
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ Run Time Lib Setup
Microsoft Works
Mozilla Firefox (3.6.6)
Mozilla Thunderbird (3.0.4)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Transfer
Norton Security Scan
PoiZone
Primo
QuickTime
Realtek High Definition Audio Driver
reFX Nexus VSTi RTAS v2.2.0
Rogers Update Manager
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Runtime
Sawer
Scan
Seagate Manager Installer
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Setting Utility Series
Sibelius 6
Skype Toolbars
Skype™ 4.2
SmartWi Connection Utility
Sony Home Network Library
Sony Picture Utility
Status
Steam
Stereoscopic Player
System Requirements Lab
Toolbox
Toxic Biohazard
TrayApp
TuneUp Companion 1.1.9
Uninstall 1.0.0.1
Universal Extractor 1.6
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO BD Menu Data
VAIO Care
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Help and Support
VAIO Launcher
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox Sample Music
VAIO OOBE and Welcome Center
VAIO Original Function Settings
VAIO Survey
VAIO Update 4
VAIO Wallpaper Contents
VC80CRTRedist - 8.0.50727.4053
Virtual.HairStyle Fab
VirtualCloneDrive
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 1.0.5
VST Bridge 1.1
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinDVD BD for VAIO
WinRAR archiver
YouTube Downloader 2.5.5

==== Event Viewer Messages From Past Week ========

27/07/2010 6:57:25 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR5.
25/07/2010 10:08:14 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
24/07/2010 3:57:16 PM, Error: Service Control Manager [7000] - The Lbd service failed to start due to the following error: The system cannot find the file specified.

==== End Of File ===========================


#12 gringo_pr

Posted 31 July 2010 - 09:16 PM

There should have been two reports. This is the second report; let me have the first report.

Also is this 64bit or 32 bit?


Gringo

#13 kliao93

Posted 31 July 2010 - 09:23 PM


DDS (Ver_10-03-17.01) - NTFSX64
Run by Kai at 22:08:28.14 on 31/07/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.2.1033.18.4063.1060 [GMT -4:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Ares\Ares.exe
C:\Windows\splwow64.exe
C:\Program Files\Windows Media Player\wmprph.exe
C:\Windows\system32\prevhost.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Windows\explorer.exe
C:\Windows\system32\StikyNot.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Windows\system32\calc.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
K:\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT


I am running on 64-bit as well.

#14 gringo_pr

Posted 31 July 2010 - 09:37 PM

Hello

These are the programs I like to use for 64 bit

: Malwarebytes' Anti-Malware :
    I would like you to rerun MBAM
  • Double-click mbam icon
  • Go to the update tab at the top
  • Click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




Download and run OTL:

Download OTL by Old Timer and save it to your Desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in
      netsvcs
      drivers32 /all
      %SYSTEMDRIVE%\*.*
      %systemroot%\system32\*.wt
      %systemroot%\system32\*.ruy
      %systemroot%\Fonts\*.com
      %systemroot%\Fonts\*.dll
      %systemroot%\Fonts\*.ini
      %systemroot%\Fonts\*.ini2
      %systemroot%\system32\spool\prtprocs\w32x86\*.*
      %systemroot%\REPAIR\*.bak1
      %systemroot%\REPAIR\*.ini
      %systemroot%\system32\*.jpg
      %systemroot%\*.scr
      %systemroot%\*._sy
      %APPDATA%\Adobe\Update\*.*
      %ALLUSERSPROFILE%\Favorites\*.*
      %APPDATA%\Microsoft\*.*
      %PROGRAMFILES%\*.*
      %APPDATA%\Update\*.*
      %systemroot%\*. /mp /s
      CREATERESTOREPOINT
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\System32\config\*.sav
      %systemroot%\system32\user32.dll /md5
      %systemroot%\system32\ws2_32.dll /md5
      %systemroot%\system32\ws2help.dll /md5
      HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time,

Edited by gringo_pr, 31 July 2010 - 09:37 PM.


#15 kliao93

Posted 31 July 2010 - 11:13 PM

I tried to update Malwarebytes but it would not let me! The virus has been doing things like this. Nothing was detected in the quick scan.

Malwarebytes' Anti-Malware 1.44
Database version: 3772
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

31/07/2010 11:56:52 PM
mbam-log-2010-07-31 (23-56-52).txt

Scan type: Quick Scan
Objects scanned: 122669
Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL logfile created on: 01/08/2010 12:02:04 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = K:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 20.00% Memory free
8.00 Gb Paging File | 3.00 Gb Available in Paging File | 42.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 362.89 Gb Total Space | 66.99 Gb Free Space | 18.46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 7.39 Gb Total Space | 0.03 Gb Free Space | 0.39% Space Free | Partition Type: FAT32

Computer Name: KAI-PC
Current User Name: Kai
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/31 23:09:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- K:\OTL.exe
PRC - [2010/07/21 15:53:00 | 010,358,568 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunes.exe
PRC - [2010/07/03 20:39:11 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/07/03 20:39:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/10 21:18:20 | 000,019,760 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/06/03 13:45:42 | 000,012,592 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
PRC - [2010/05/15 12:25:52 | 000,322,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/29 21:43:23 | 000,755,096 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe
PRC - [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
PRC - [2010/02/08 10:51:32 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files (x86)\Ares\Ares.exe
PRC - [2009/12/01 00:52:06 | 007,796,736 | ---- | M] (The Audacity Team) -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe
PRC - [2009/08/26 18:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2009/08/26 18:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
PRC - [2009/08/26 18:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2009/08/26 18:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2009/07/26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/23 11:39:38 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009/07/23 11:39:36 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/07/22 16:03:04 | 000,642,920 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/07/14 12:15:12 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/07/14 12:15:12 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/06/17 07:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/26 10:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
PRC - [2008/09/26 11:02:04 | 002,356,088 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe
PRC - [2007/01/04 22:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (SafeList) ==========

MOD - [2010/07/31 23:09:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- K:\OTL.exe
MOD - [2010/07/18 12:01:49 | 000,036,865 | ---- | M] () -- C:\Windows\SysWOW64\msmxjchn.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/11/05 13:59:44 | 000,294,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV:64bit: - [2009/09/17 00:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/26 15:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009/03/30 18:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/01/24 14:23:16 | 000,839,720 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/01/17 00:59:12 | 000,110,376 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/23 11:39:38 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/07/23 11:39:38 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/07/23 11:39:36 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/07/22 16:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/07/17 12:31:28 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/07/17 12:31:28 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/07/17 12:31:28 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/07/17 12:31:26 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/07/17 12:31:26 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/07/14 12:15:12 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/06/26 12:25:36 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/06/26 12:25:24 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/09/18 13:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/04/22 09:25:02 | 000,163,840 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2007/01/04 22:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [File_System | Boot | Stopped] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/12/17 18:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/11/22 15:04:58 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/15 01:12:00 | 000,031,832 | ---- | M] (KORG INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KORGUM64.SYS -- (KORGUMDS)
DRV:64bit: - [2009/09/09 11:04:46 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/08/21 21:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/08/09 17:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/08/06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/20 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/02/19 16:02:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/02/19 16:02:25 | 000,133,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/02/19 16:02:25 | 000,095,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/02/19 16:01:57 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/02/13 16:02:28 | 000,965,248 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2008/11/18 20:08:46 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/11/05 20:10:58 | 000,076,688 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr_cfs.sys -- (JMCR_CFS)
DRV:64bit: - [2008/10/22 20:02:17 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/10/22 20:02:08 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/10/01 20:39:48 | 000,062,480 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcusb.sys -- (TcUsb)
DRV:64bit: - [2008/07/14 21:17:16 | 000,315,648 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\AVerFx2hbtv64.sys -- (AVerFx2hbtv64)
DRV:64bit: - [2008/05/20 20:06:14 | 000,321,072 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/04/24 17:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/04/16 23:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...T&bmod=SNNT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...T&bmod=SNNT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sonystyle.ca/vaio [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Swag Bucks Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-yff35"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-yff35"
FF - prefs.js..browser.search.selectedEngine: "Swag Bucks Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://ca.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..keyword.URL: "http://ca.search.yahoo.com/search;_ylt=A0oG748Q_lhLAqAA5lXrFAx.?p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/03 20:39:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/18 13:30:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/03 20:39:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/18 13:30:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/03 20:39:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/18 13:30:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/05/15 14:04:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010/06/14 13:51:22 | 000,000,000 | ---D | M]

[2010/03/27 14:44:22 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Mozilla\Extensions
[2010/03/27 14:44:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/07/27 19:50:14 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Mozilla\Firefox\Profiles\zgdgx198.default\extensions
[2010/02/18 21:10:11 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kai\AppData\Roaming\Mozilla\Firefox\Profiles\zgdgx198.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/21 00:31:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai\AppData\Roaming\Mozilla\Firefox\Profiles\zgdgx198.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/06/15 13:30:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kai\AppData\Roaming\Mozilla\Firefox\Profiles\zgdgx198.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/20 13:15:44 | 000,000,923 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\Mozilla\Firefox\Profiles\zgdgx198.default\searchplugins\conduit.xml
[2010/07/27 20:00:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/12/13 23:32:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/05 20:20:10 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

O1 HOSTS File: ([2010/06/13 10:33:26 | 000,001,115 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 mynortonaccount.conxion.com
O1 - Hosts: 127.0.0.1 a204-2-160-40.deploy.akamaitechnologies.com
O1 - Hosts: 127.0.0.1 symantec.com.102.112.2o7.net
O1 - Hosts: 127.0.0.1 a96-7-151-238.deploy.akamaitechnologies.com
O1 - Hosts: 127.0.0.1 lcsitemain.conxion.com
O1 - Hosts: 127.0.0.1 lc1alt.symantec.com
O1 - Hosts: 127.0.0.1 lcsitemain.symantec.com
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Video Accelerator] C:\Program Files\Leawo\Video Accelerator\VideoAccelerator.exe (Leawo Software Co., Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AML] C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [dfttuyo] C:\Windows\SysWow64\dfttuyo.exe File not found
O4 - HKLM..\Run: [dfttuyox] C:\Windows\SysWow64\dfttuyox.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [sxuluj] C:\Windows\SysWow64\msmxjchn.DLL ()
O4 - HKLM..\Run: [Video Accelerator] C:\Program Files\Leawo\Video Accelerator\VideoAccelerator.exe (Leawo Software Co., Ltd.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [070700Setup.exe] C:\Users\Kai\AppData\Roaming\F8FE53AB0E20F2653D4D041AAC8FB371\070700Setup.exe File not found
O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [hsehf98u34i9tjioaugy987iuegdsg] C:\Users\Kai\AppData\Local\Temp\mdm.exe File not found
O4 - HKCU..\Run: [mcexecwin] C:\Users\Kai\AppData\Local\Temp\gm2xdjr.DLL File not found
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found
O4 - HKCU..\Run: [uiha98uiohf873yuiadnhgjesgregas] C:\Users\Kai\AppData\Local\Temp\xetst8ejgz.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Kai\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kai\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Kai\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kai\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Kai\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kai\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi6 - KORGUM64.DRV (KORG INC.)
Drivers32:64bit: midi7 - KORGUM64.DRV (KORG INC.)
Drivers32:64bit: midi8 - KORGUM64.DRV (KORG INC.)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\KORGUMDD.DRV (KORG INC.)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi6 - .metadata_never_index ()
Drivers32: midi7 - .metadata_never_index ()
Drivers32: midi8 - .metadata_never_index ()
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files (x86)\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\iyvu9_32.dll ()
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/07/27 18:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\I-Doser
[2010/07/25 13:39:41 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/07/25 11:45:35 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\we hated over_data
[2010/07/25 10:10:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/07/25 10:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/07/18 13:42:29 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010/07/18 13:37:06 | 002,610,008 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2010/07/18 13:37:06 | 001,733,464 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2010/07/18 13:37:06 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010/07/18 13:37:06 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2010/07/18 13:37:06 | 000,335,192 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2010/07/18 13:37:06 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010/07/18 13:37:06 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010/07/18 13:37:06 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010/07/18 13:37:06 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2010/07/18 13:37:06 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010/07/18 13:37:06 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010/07/18 13:37:06 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2010/07/18 13:37:06 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2010/07/18 13:37:05 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2010/07/18 13:37:05 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2010/07/18 13:37:05 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2010/07/18 13:37:05 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2010/07/18 13:37:05 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2010/07/18 13:37:05 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2010/07/18 13:37:05 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2010/07/18 13:37:05 | 000,335,192 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2010/07/18 13:37:05 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010/07/18 13:37:05 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010/07/18 13:37:05 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2010/07/18 13:37:05 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2010/07/18 13:37:05 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2010/07/18 13:37:05 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2010/07/18 13:37:05 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2010/07/18 13:37:05 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2010/07/18 13:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010/07/18 13:30:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/07/18 12:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/07/18 12:43:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/07/18 12:21:47 | 000,016,384 | ---- | C] (微软中国) -- C:\Windows\SysWow64\updata.exe
[2010/07/13 23:03:45 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\10 crack commandements_data
[2010/07/12 01:25:07 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\copy_data
[2010/07/07 17:41:29 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\soulmate
[2010/07/04 15:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2010/07/04 15:55:26 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\PC_Drivers_Headquarters
[2010/07/04 15:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2010/07/04 15:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2010/07/03 22:17:13 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\KORG
[2010/07/03 22:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\KORG
[2010/07/03 22:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\KORG
[2010/07/01 23:08:05 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\music
[2010/07/01 14:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KORG
[2010/06/30 21:23:26 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\Drake - Instrumental_data
[2010/06/30 18:31:06 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\New folder
[2010/06/27 19:51:42 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\VIOlin_data
[2010/06/27 17:16:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2010/06/26 23:51:09 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\come on baby (instrumental)_data
[2010/06/26 00:23:06 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\LitexMedia
[2010/06/25 23:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LitexMedia
[2010/06/23 18:30:46 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\OMG_data
[2010/06/23 14:55:04 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\raps
[2010/06/21 17:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/21 17:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/06/18 11:13:15 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Avatar - the last Airbender - Season 2 Complete - NXOR
[2010/06/15 16:01:17 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\love
[2010/06/14 13:23:47 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\Registry Mechanic
[2010/06/14 13:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010/06/14 13:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/06/14 13:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2010/06/14 13:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/06/13 18:35:54 | 000,000,000 | ---D | C] -- C:\_CLTUI_E894D6B5_E3CA_4561_A244_272400640573_Session1
[2010/06/13 18:35:54 | 000,000,000 | ---D | C] -- C:\_CLTUI_E894D6B5_E3CA_4561_A244_272400640573_Session0
[2010/06/13 17:18:23 | 000,136,704 | ---- | C] (Ligos Corporation) -- C:\Windows\SysWow64\iacenc.dll
[2010/06/13 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ligos
[2010/06/13 14:26:05 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
[2010/06/13 14:26:04 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\My eBooks
[2010/06/13 14:26:04 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\InterTrust
[2010/06/13 10:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1260766960
[2010/06/10 22:31:36 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\vlc
[2010/06/03 21:54:49 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\Stereoscopic Player
[2010/06/03 21:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stereoscopic Player
[2010/05/26 22:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sibelius Software
[2010/05/26 22:05:21 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\Scores
[2010/05/26 21:56:48 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\Sibelius Software
[2010/05/26 21:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sibelius Software
[2010/05/26 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Sibelius.v6.0.0.54-NoPE
[2010/05/21 19:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/05/21 00:31:49 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/05/18 22:24:04 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\regbackup
[2010/05/18 21:35:04 | 000,047,616 | ---- | C] (Auslogics) -- C:\Windows\SysNative\rdboot64.exe
[2010/05/16 19:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/05/16 14:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010/05/16 14:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010/05/14 22:38:02 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\CrashDumps
[2010/05/14 21:54:41 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\SAP
[2010/05/07 21:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2010/05/07 19:36:51 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Norton Internet Security 2010 with trial reset
[2010/05/07 18:53:13 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\NAV10.17.0.0.136_[RH]
[2010/05/03 20:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\reFX
[2010/05/03 20:19:06 | 001,332,224 | ---- | C] (AD © 2009) -- C:\Windows\SysWow64\SYNSOEMU.DLL
[1 C:\Users\Kai\Documents\*.tmp files -> C:\Users\Kai\Documents\*.tmp -> ]
[1 C:\Users\Kai\Desktop\*.tmp files -> C:\Users\Kai\Desktop\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/01 00:05:37 | 004,718,592 | -HS- | M] () -- C:\Users\Kai\NTUSER.DAT
[2010/07/31 23:47:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/31 22:45:18 | 000,005,120 | ---- | M] () -- C:\Users\Kai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/31 22:16:36 | 000,000,494 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Kai.job
[2010/07/31 20:08:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/31 17:26:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/30 19:20:59 | 000,000,653 | ---- | M] () -- C:\ProgramData\SHSupdates.xml
[2010/07/30 19:20:33 | 000,116,367 | ---- | M] () -- C:\ProgramData\log.doc
[2010/07/28 19:14:28 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/07/27 06:52:54 | 000,730,586 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/07/27 06:52:54 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/07/27 06:52:54 | 000,114,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/07/27 06:49:48 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/07/27 00:27:17 | 000,012,360 | ---- | M] () -- C:\Users\Kai\Documents\songs.docx
[2010/07/26 07:44:46 | 000,033,280 | ---- | M] () -- C:\Users\Kai\Documents\Chemistry Assignment.doc
[2010/07/25 16:37:08 | 000,014,283 | ---- | M] () -- C:\Users\Kai\Documents\Chemistry Assignment.docx
[2010/07/25 12:15:50 | 002,846,882 | -H-- | M] () -- C:\Users\Kai\AppData\Local\IconCache.db
[2010/07/25 11:45:40 | 000,049,641 | ---- | M] () -- C:\Users\Kai\Desktop\we hated over.aup
[2010/07/25 10:10:43 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/07/25 08:17:09 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2010/07/25 01:11:09 | 000,001,877 | ---- | M] () -- C:\test.xml
[2010/07/24 22:36:44 | 002,758,656 | ---- | M] () -- C:\Users\Kai\Desktop\(Shot Me) Bang Bang.mp3
[2010/07/24 17:16:34 | 000,016,053 | ---- | M] () -- C:\Users\Kai\Documents\i aint need to front bout my accomplishments.docx
[2010/07/24 17:16:29 | 001,165,473 | ---- | M] () -- C:\Users\Kai\Documents\amazingsave.docx
[2010/07/24 13:33:51 | 000,002,168 | -H-- | M] () -- C:\aaw7boot.cmd
[2010/07/23 22:21:47 | 000,001,120 | ---- | M] () -- C:\Users\Kai\Documents\minorrr.nanopad_set
[2010/07/23 22:20:35 | 000,000,272 | ---- | M] () -- C:\Users\Kai\Documents\drumkit.nanopad_data
[2010/07/23 22:18:58 | 000,001,120 | ---- | M] () -- C:\Users\Kai\Documents\MINOR.nanopad_set
[2010/07/19 21:17:51 | 000,001,609 | ---- | M] () -- C:\Users\Kai\Desktop\DivX Movies.lnk
[2010/07/19 21:17:25 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/07/19 19:37:42 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/19 19:37:42 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/18 18:57:38 | 000,000,162 | -H-- | M] () -- C:\Users\Kai\Documents\~$azingsave.docx
[2010/07/18 13:39:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/18 13:39:00 | 3195,318,272 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/18 12:53:58 | 000,001,108 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/07/18 12:53:54 | 000,000,928 | ---- | M] () -- C:\Users\Kai\Desktop\NTREGOPT.lnk
[2010/07/18 12:53:54 | 000,000,909 | ---- | M] () -- C:\Users\Kai\Desktop\ERUNT.lnk
[2010/07/18 12:43:31 | 000,002,965 | ---- | M] () -- C:\Users\Kai\Desktop\HiJackThis.lnk
[2010/07/18 12:21:48 | 000,016,384 | ---- | M] (微软中国) -- C:\Windows\SysWow64\updata.exe
[2010/07/18 12:10:46 | 000,001,126 | ---- | M] () -- C:\Users\Kai\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2010/07/18 12:01:53 | 000,000,148 | ---- | M] () -- C:\Windows\SysWow64\763250366.BAT
[2010/07/18 12:01:49 | 000,036,865 | ---- | M] () -- C:\Windows\SysWow64\msmxjchn.dll
[2010/07/18 12:01:37 | 000,030,000 | ---- | M] () -- C:\Windows\SysWow64\emy5nrqi7v.dll
[2010/07/15 19:40:03 | 002,798,719 | ---- | M] () -- C:\Users\Kai\Desktop\10 Crack Commandments.mp3
[2010/07/14 19:43:53 | 000,022,399 | ---- | M] () -- C:\Users\Kai\Desktop\10 crack commandements.aup
[2010/07/13 20:33:57 | 000,001,243 | ---- | M] () -- C:\Users\Kai\Desktop\DVDVideoSoft Free Studio.lnk
[2010/07/12 22:03:46 | 000,015,123 | ---- | M] () -- C:\Users\Kai\Documents\Gold lyrics.docx
[2010/07/12 01:26:08 | 004,488,502 | ---- | M] () -- C:\Users\Kai\Desktop\Gold.mp3
[2010/07/12 01:25:09 | 000,021,493 | ---- | M] () -- C:\Users\Kai\Desktop\copy.aup
[2010/07/12 01:15:37 | 001,351,828 | ---- | M] () -- C:\Users\Kai\Desktop\myac.mp3
[2010/07/12 00:41:28 | 006,738,048 | ---- | M] () -- C:\Users\Kai\Desktop\Truck Turner - Bring It To The Cypher (Instrumental) DJ Premier.mp3
[2010/07/11 21:47:33 | 006,859,823 | ---- | M] () -- C:\Users\Kai\Desktop\Commandments.mp3
[2010/07/11 12:59:48 | 006,859,823 | ---- | M] () -- C:\Users\Kai\Desktop\save.mp3
[2010/07/10 16:02:35 | 001,457,599 | ---- | M] () -- C:\Users\Kai\Documents\beach body workout.pdf
[2010/07/10 10:05:30 | 073,517,319 | ---- | M] () -- C:\Users\Kai\Desktop\Backup.flp
[2010/07/08 20:06:41 | 000,012,244 | ---- | M] () -- C:\Users\Kai\Documents\u.n. nation.docx
[2010/07/04 17:42:38 | 010,731,648 | ---- | M] () -- C:\Users\Kai\Desktop\Home Basie.mp3
[2010/07/04 15:54:29 | 000,002,473 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2010/07/03 22:54:10 | 000,001,120 | ---- | M] () -- C:\Users\Kai\Documents\Set 1.nanopad_set
[2010/07/03 22:16:49 | 000,000,958 | ---- | M] () -- C:\Users\Public\Desktop\M1 Le.lnk
[2010/07/01 23:09:03 | 020,586,476 | ---- | M] () -- C:\Users\Kai\Desktop\Tin Tin Out - Strings For Yasmin - LEEDS UNITED! MEAN MACHINE.wav
[2010/07/01 16:52:02 | 000,001,142 | ---- | M] () -- C:\Users\Kai\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010/07/01 14:30:03 | 000,014,767 | ---- | M] () -- C:\Users\Kai\Documents\special k lyrics.docx
[2010/06/30 23:33:01 | 001,585,072 | ---- | M] () -- C:\Users\Kai\Desktop\01 The One.mp3
[2010/06/30 23:29:34 | 000,176,456 | ---- | M] () -- C:\Users\Kai\Desktop\specialk.JPG
[2010/06/30 23:29:34 | 000,003,300 | ---- | M] () -- C:\Users\Kai\.recently-used.xbel
[2010/06/30 23:19:04 | 000,157,354 | ---- | M] () -- C:\Users\Kai\Desktop\DSC03119.JPG
[2010/06/30 22:20:33 | 006,526,194 | ---- | M] () -- C:\Users\Kai\Documents\Fudge Youtube.wmv
[2010/06/30 22:10:45 | 000,013,089 | ---- | M] () -- C:\Users\Kai\Documents\fudge lyrics.docx
[2010/06/30 22:10:01 | 000,006,816 | ---- | M] () -- C:\Users\Kai\Documents\Fudge Youtube.wlmp
[2010/06/30 21:45:57 | 000,068,982 | ---- | M] () -- C:\Users\Kai\Desktop\Fudge.JPG
[2010/06/30 21:23:28 | 000,025,289 | ---- | M] () -- C:\Users\Kai\Documents\Drake - Instrumental.aup
[2010/06/30 21:23:03 | 002,094,855 | ---- | M] () -- C:\Users\Kai\Desktop\Fudge- Light Up Freestyle.mp3
[2010/06/30 17:55:51 | 000,016,962 | ---- | M] () -- C:\Users\Kai\Documents\Hey guys.docx
[2010/06/27 19:53:43 | 000,016,695 | ---- | M] () -- C:\Users\Kai\Documents\VIOlin.aup
[2010/06/26 23:51:10 | 000,024,490 | ---- | M] () -- C:\Users\Kai\Documents\come on baby (instrumental).aup
[2010/06/26 23:21:58 | 003,896,284 | ---- | M] () -- C:\Users\Kai\Desktop\kfudge.mp3
[2010/06/26 22:53:56 | 042,942,508 | ---- | M] () -- C:\Users\Kai\Desktop\come on baby (instrumental).wav
[2010/06/26 22:47:37 | 043,012,140 | ---- | M] () -- C:\Users\Kai\Desktop\Come On Baby Instrumental prod by just blaze.wav
[2010/06/25 23:54:39 | 000,001,267 | ---- | M] () -- C:\Users\Public\Desktop\Advanced WMA Workshop.lnk
[2010/06/24 19:48:01 | 000,002,447 | ---- | M] () -- C:\Users\Kai\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/06/23 22:11:40 | 000,024,917 | ---- | M] () -- C:\Users\Kai\Documents\OMG.aup
[2010/06/23 14:58:40 | 000,000,590 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\wklnhst.dat
[2010/06/17 18:35:36 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010/06/16 22:41:03 | 005,057,714 | ---- | M] () -- C:\Users\Kai\Desktop\kanyebleep.mp3
[2010/06/16 22:29:57 | 004,180,299 | ---- | M] () -- C:\Users\Kai\Desktop\Made For Me And You.mp3
[2010/06/14 13:51:22 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/06/13 18:35:39 | 000,403,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/13 15:23:25 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010/06/13 14:26:18 | 000,001,255 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk
[2010/06/13 10:33:26 | 000,001,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.msn
[2010/06/13 10:33:26 | 000,001,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/06/10 22:29:36 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/06/03 21:51:31 | 000,002,601 | ---- | M] () -- C:\Users\Public\Desktop\Stereoscopic Player.lnk
[2010/06/01 21:27:59 | 031,428,524 | ---- | M] () -- C:\Users\Kai\Desktop\REALLL bleepTT2.wav
[2010/05/28 20:12:10 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/05/28 16:33:50 | 001,841,203 | ---- | M] () -- C:\Users\Kai\Documents\scrapbook.docx
[2010/05/27 22:07:12 | 000,770,158 | ---- | M] () -- C:\Users\Kai\Desktop\embeat.mp3
[2010/05/26 23:15:32 | 006,557,952 | ---- | M] () -- C:\Users\Kai\Desktop\Stephane Grappelli & Jeff Green - Minor Swing.mp3
[2010/05/26 23:02:44 | 000,001,126 | ---- | M] () -- C:\Users\Kai\Desktop\YouTube Downloader.lnk
[2010/05/26 22:09:13 | 000,103,616 | ---- | M] () -- C:\Users\Kai\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/26 22:07:03 | 000,000,604 | -H-- | M] () -- C:\Program Files (x86)\STLL Notifier
[2010/05/26 22:05:33 | 000,000,464 | ---- | M] () -- C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2010/05/26 22:05:18 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Sibelius 6.lnk
[2010/05/26 22:04:43 | 000,015,624 | ---- | M] () -- C:\Users\Public\Documents\artist statements.docx
[2010/05/26 20:52:31 | 023,953,026 | ---- | M] () -- C:\Users\Kai\Desktop\Blue Moon - Stephane Grappelli.avi
[2010/05/21 19:22:56 | 000,165,038 | ---- | M] () -- C:\Windows\hpoins37.dat
[2010/05/21 18:56:01 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini
[2010/05/21 09:49:08 | 000,026,992 | ---- | M] () -- C:\Users\Kai\Documents\craigslist conceptual art.docx
[2010/05/21 00:39:54 | 026,766,965 | ---- | M] () -- C:\Users\Kai\Desktop\Car Airbags - Explained.mp4
[2010/05/21 00:22:18 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Leawo Free Youtube Downloader.lnk
[2010/05/16 14:56:49 | 000,002,539 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/05/10 23:47:51 | 008,662,494 | ---- | M] () -- C:\Users\Kai\Desktop\just blaze-jay-z-u don't know (instrumental).mp3
[2010/05/07 18:38:43 | 078,259,080 | ---- | M] () -- C:\Users\Kai\Desktop\NAV10.17.0.0.136_[RH].rar
[2010/05/03 18:29:03 | 000,001,889 | ---- | M] () -- C:\Users\Kai\Desktop\CCleaner.lnk
[1 C:\Users\Kai\Documents\*.tmp files -> C:\Users\Kai\Documents\*.tmp -> ]
[1 C:\Users\Kai\Desktop\*.tmp files -> C:\Users\Kai\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/27 00:27:16 | 000,012,360 | ---- | C] () -- C:\Users\Kai\Documents\songs.docx
[2010/07/26 07:44:45 | 000,033,280 | ---- | C] () -- C:\Users\Kai\Documents\Chemistry Assignment.doc
[2010/07/25 16:37:06 | 000,014,283 | ---- | C] () -- C:\Users\Kai\Documents\Chemistry Assignment.docx
[2010/07/25 11:45:39 | 000,049,641 | ---- | C] () -- C:\Users\Kai\Desktop\we hated over.aup
[2010/07/25 10:10:43 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/07/24 22:36:34 | 002,758,656 | ---- | C] () -- C:\Users\Kai\Desktop\(Shot Me) Bang Bang.mp3
[2010/07/23 22:21:47 | 000,001,120 | ---- | C] () -- C:\Users\Kai\Documents\minorrr.nanopad_set
[2010/07/23 22:20:35 | 000,000,272 | ---- | C] () -- C:\Users\Kai\Documents\drumkit.nanopad_data
[2010/07/23 22:05:32 | 000,001,120 | ---- | C] () -- C:\Users\Kai\Documents\MINOR.nanopad_set
[2010/07/18 19:54:59 | 000,002,168 | -H-- | C] () -- C:\aaw7boot.cmd
[2010/07/18 18:57:38 | 000,000,162 | -H-- | C] () -- C:\Users\Kai\Documents\~$azingsave.docx
[2010/07/18 17:18:31 | 000,293,376 | ---- | C] () -- C:\Users\Kai\Desktop\gmer.exe
[2010/07/18 13:01:27 | 001,165,473 | ---- | C] () -- C:\Users\Kai\Documents\amazingsave.docx
[2010/07/18 12:53:58 | 000,001,108 | ---- | C] () -- C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/07/18 12:53:54 | 000,000,928 | ---- | C] () -- C:\Users\Kai\Desktop\NTREGOPT.lnk
[2010/07/18 12:53:54 | 000,000,909 | ---- | C] () -- C:\Users\Kai\Desktop\ERUNT.lnk
[2010/07/18 12:43:31 | 000,002,965 | ---- | C] () -- C:\Users\Kai\Desktop\HiJackThis.lnk
[2010/07/18 12:10:46 | 000,001,126 | ---- | C] () -- C:\Users\Kai\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2010/07/18 12:01:53 | 000,000,148 | ---- | C] () -- C:\Windows\SysWow64\763250366.BAT
[2010/07/18 12:01:49 | 000,036,865 | ---- | C] () -- C:\Windows\SysWow64\msmxjchn.dll
[2010/07/18 12:01:37 | 000,030,000 | ---- | C] () -- C:\Windows\SysWow64\emy5nrqi7v.dll
[2010/07/15 19:39:37 | 002,798,719 | ---- | C] () -- C:\Users\Kai\Desktop\10 Crack Commandments.mp3
[2010/07/13 23:03:46 | 000,022,399 | ---- | C] () -- C:\Users\Kai\Desktop\10 crack commandements.aup
[2010/07/12 22:03:46 | 000,015,123 | ---- | C] () -- C:\Users\Kai\Documents\Gold lyrics.docx
[2010/07/12 01:25:42 | 004,488,502 | ---- | C] () -- C:\Users\Kai\Desktop\Gold.mp3
[2010/07/12 01:25:09 | 000,021,493 | ---- | C] () -- C:\Users\Kai\Desktop\copy.aup
[2010/07/12 01:15:28 | 001,351,828 | ---- | C] () -- C:\Users\Kai\Desktop\myac.mp3
[2010/07/12 00:41:08 | 006,738,048 | ---- | C] () -- C:\Users\Kai\Desktop\Truck Turner - Bring It To The Cypher (Instrumental) DJ Premier.mp3
[2010/07/11 13:15:53 | 006,859,823 | ---- | C] () -- C:\Users\Kai\Desktop\Commandments.mp3
[2010/07/11 12:58:59 | 006,859,823 | ---- | C] () -- C:\Users\Kai\Desktop\save.mp3
[2010/07/10 21:08:55 | 073,517,319 | ---- | C] () -- C:\Users\Kai\Desktop\Backup.flp
[2010/07/10 16:02:33 | 001,457,599 | ---- | C] () -- C:\Users\Kai\Documents\beach body workout.pdf
[2010/07/08 20:06:40 | 000,012,244 | ---- | C] () -- C:\Users\Kai\Documents\u.n. nation.docx
[2010/07/04 17:42:13 | 010,731,648 | ---- | C] () -- C:\Users\Kai\Desktop\Home Basie.mp3
[2010/07/04 15:54:29 | 000,002,473 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2010/07/03 22:52:20 | 000,001,120 | ---- | C] () -- C:\Users\Kai\Documents\Set 1.nanopad_set
[2010/07/03 22:16:49 | 000,000,958 | ---- | C] () -- C:\Users\Public\Desktop\M1 Le.lnk
[2010/07/01 23:09:02 | 020,586,476 | ---- | C] () -- C:\Users\Kai\Desktop\Tin Tin Out - Strings For Yasmin - LEEDS UNITED! MEAN MACHINE.wav
[2010/07/01 14:30:03 | 000,014,767 | ---- | C] () -- C:\Users\Kai\Documents\special k lyrics.docx
[2010/06/30 23:29:34 | 000,003,300 | ---- | C] () -- C:\Users\Kai\.recently-used.xbel
[2010/06/30 23:29:33 | 000,176,456 | ---- | C] () -- C:\Users\Kai\Desktop\specialk.JPG
[2010/06/30 23:25:05 | 000,157,354 | ---- | C] () -- C:\Users\Kai\Desktop\DSC03119.JPG
[2010/06/30 23:21:09 | 001,585,072 | ---- | C] () -- C:\Users\Kai\Desktop\01 The One.mp3
[2010/06/30 22:10:44 | 000,013,089 | ---- | C] () -- C:\Users\Kai\Documents\fudge lyrics.docx
[2010/06/30 22:10:20 | 006,526,194 | ---- | C] () -- C:\Users\Kai\Documents\Fudge Youtube.wmv
[2010/06/30 21:52:11 | 000,006,816 | ---- | C] () -- C:\Users\Kai\Documents\Fudge Youtube.wlmp
[2010/06/30 21:45:57 | 000,068,982 | ---- | C] () -- C:\Users\Kai\Desktop\Fudge.JPG
[2010/06/30 21:23:28 | 000,025,289 | ---- | C] () -- C:\Users\Kai\Documents\Drake - Instrumental.aup
[2010/06/30 21:22:46 | 002,094,855 | ---- | C] () -- C:\Users\Kai\Desktop\Fudge- Light Up Freestyle.mp3
[2010/06/27 19:51:43 | 000,016,695 | ---- | C] () -- C:\Users\Kai\Documents\VIOlin.aup
[2010/06/27 17:16:28 | 000,001,142 | ---- | C] () -- C:\Users\Kai\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010/06/26 23:51:10 | 000,024,490 | ---- | C] () -- C:\Users\Kai\Documents\come on baby (instrumental).aup
[2010/06/26 23:21:34 | 003,896,284 | ---- | C] () -- C:\Users\Kai\Desktop\kfudge.mp3
[2010/06/26 22:53:55 | 042,942,508 | ---- | C] () -- C:\Users\Kai\Desktop\come on baby (instrumental).wav
[2010/06/26 22:47:37 | 043,012,140 | ---- | C] () -- C:\Users\Kai\Desktop\Come On Baby Instrumental prod by just blaze.wav
[2010/06/26 19:48:00 | 000,016,962 | ---- | C] () -- C:\Users\Kai\Documents\Hey guys.docx
[2010/06/26 19:47:55 | 000,016,053 | ---- | C] () -- C:\Users\Kai\Documents\i aint need to front bout my accomplishments.docx
[2010/06/25 23:54:39 | 000,001,267 | ---- | C] () -- C:\Users\Public\Desktop\Advanced WMA Workshop.lnk
[2010/06/24 19:48:01 | 000,002,447 | ---- | C] () -- C:\Users\Kai\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/06/23 18:30:46 | 000,024,917 | ---- | C] () -- C:\Users\Kai\Documents\OMG.aup
[2010/06/16 22:40:24 | 005,057,714 | ---- | C] () -- C:\Users\Kai\Desktop\kanyebleep.mp3
[2010/06/16 22:27:17 | 004,180,299 | ---- | C] () -- C:\Users\Kai\Desktop\Made For Me And You.mp3
[2010/06/14 13:51:22 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/06/14 13:23:04 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010/06/13 17:18:23 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2010/06/13 14:26:18 | 000,001,255 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk
[2010/06/10 22:29:36 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/06/03 21:51:31 | 000,002,601 | ---- | C] () -- C:\Users\Public\Desktop\Stereoscopic Player.lnk
[2010/06/01 21:27:28 | 031,428,524 | ---- | C] () -- C:\Users\Kai\Desktop\REALLL bleepTT2.wav
[2010/05/28 16:33:48 | 001,841,203 | ---- | C] () -- C:\Users\Kai\Documents\scrapbook.docx
[2010/05/27 22:07:05 | 000,770,158 | ---- | C] () -- C:\Users\Kai\Desktop\embeat.mp3
[2010/05/26 23:15:08 | 006,557,952 | ---- | C] () -- C:\Users\Kai\Desktop\Stephane Grappelli & Jeff Green - Minor Swing.mp3
[2010/05/26 22:07:03 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2010/05/26 22:05:15 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Sibelius 6.lnk
[2010/05/26 22:03:57 | 000,000,464 | ---- | C] () -- C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2010/05/26 20:51:57 | 023,953,026 | ---- | C] () -- C:\Users\Kai\Desktop\Blue Moon - Stephane Grappelli.avi
[2010/05/21 09:49:04 | 000,026,992 | ---- | C] () -- C:\Users\Kai\Documents\craigslist conceptual art.docx
[2010/05/21 00:33:09 | 026,766,965 | ---- | C] () -- C:\Users\Kai\Desktop\Car Airbags - Explained.mp4
[2010/05/21 00:22:18 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Leawo Free Youtube Downloader.lnk
[2010/05/16 19:41:27 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/05/16 19:40:56 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010/05/16 14:56:49 | 000,002,539 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/05/10 23:46:25 | 008,662,494 | ---- | C] () -- C:\Users\Kai\Desktop\just blaze-jay-z-u don't know (instrumental).mp3
[2010/05/07 18:36:51 | 078,259,080 | ---- | C] () -- C:\Users\Kai\Desktop\NAV10.17.0.0.136_[RH].rar
[2010/01/02 17:05:53 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2009/12/17 23:51:08 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/12/17 23:46:27 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/12/14 17:19:41 | 000,000,033 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/12/03 22:39:24 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/11/10 00:15:48 | 000,000,036 | ---- | C] () -- C:\Windows\SysWow64\swk.ini
[2009/09/19 20:05:13 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2009/07/13 21:15:07 | 000,000,009 | ---- | C] () -- C:\Windows\SysWow64\comsats.sys
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/22 05:51:21 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI

========== LOP Check ==========

[2010/03/13 15:00:35 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\5imyshow.Ltd
[2009/12/13 23:44:04 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Ableton
[2010/02/04 19:37:06 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Antares
[2010/07/31 23:49:41 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Audacity
[2010/05/18 21:35:04 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Auslogics
[2009/12/13 23:44:05 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Blitware
[2009/12/13 23:44:05 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\com.adobe.example.avatarAirApplication.199ED43C2CFEB351CD0244628B93195D7C58F98C.1
[2009/11/22 15:02:40 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\DAEMON Tools Lite
[2009/12/13 23:44:05 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Dropbox
[2010/07/04 16:51:41 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/06/30 23:29:34 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\gtk-2.0
[2010/01/25 21:13:15 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Hardcore
[2010/06/13 14:26:04 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\InterTrust
[2009/12/13 23:44:05 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\InterVideo
[2010/07/03 22:42:45 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\KORG
[2009/12/17 23:46:30 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Leawo
[2009/12/14 23:30:06 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\LockHunter
[2010/01/31 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\PACE Anti-Piracy
[2009/11/22 19:45:54 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\PeerNetworking
[2010/06/14 13:23:47 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Registry Mechanic
[2010/06/03 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Stereoscopic Player
[2009/12/13 23:44:17 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\SystemRequirementsLab
[2009/12/13 23:44:17 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Template
[2010/03/27 14:44:22 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Thunderbird
[2010/07/25 10:07:45 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\TuneUpMedia
[2010/08/01 00:06:03 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\uTorrent
[2010/07/25 08:17:09 | 000,000,466 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2009/07/14 01:08:49 | 000,008,954 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/07/24 13:33:51 | 000,002,168 | -H-- | M] () -- C:\aaw7boot.cmd
[2010/07/18 13:38:58 | 000,004,252 | ---- | M] () -- C:\aaw7boot.log
[2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/12/14 02:17:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/07/18 13:39:00 | 3195,318,272 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/14 17:43:02 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log
[2010/07/18 13:39:01 | 4260,425,728 | -HS- | M] () -- C:\pagefile.sys
[2010/07/18 13:01:03 | 000,001,714 | ---- | M] () -- C:\RHDSetup.log
[2010/07/31 20:58:34 | 000,000,316 | ---- | M] () -- C:\rkill.log
[2009/09/19 00:33:16 | 000,559,616 | ---- | M] () -- C:\seatoolsforwindowssetup.msi
[2010/07/25 01:11:09 | 000,001,877 | ---- | M] () -- C:\test.xml
[2009/05/22 05:28:20 | 000,389,260 | ---- | M] () -- C:\vcredist_x86.log

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.scr >
[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2009/11/20 00:40:44 | 000,001,650 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2010/05/26 22:07:03 | 000,000,604 | -H-- | M] () -- C:\Program Files (x86)\STLL Notifier

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\user32.dll /md5 >
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2009/07/13 21:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2009/07/13 21:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1313 bytes -> C:\ProgramData\Microsoft:jYU2adANWgIgJgLajlDLY4W
@Alternate Data Stream - 1303 bytes -> C:\ProgramData\Microsoft:YrGvzfKVwVFsrUzRW6e4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 1246 bytes -> C:\ProgramData\Microsoft:zaEhYDF3r3cbQu5kHt9Vpv49
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C8B8CEBD
@Alternate Data Stream - 1076 bytes -> C:\Users\Kai\AppData\Local\Temp:yuM7hwzW2ytYZNFTyPif1z
< End of report >


OTL Extras logfile created on: 01/08/2010 12:02:04 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = K:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 20.00% Memory free
8.00 Gb Paging File | 3.00 Gb Available in Paging File | 42.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 362.89 Gb Total Space | 66.99 Gb Free Space | 18.46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 7.39 Gb Total Space | 0.03 Gb Free Space | 0.39% Space Free | Partition Type: FAT32

Computer Name: KAI-PC
Current User Name: Kai
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}" = HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{6D217AEE-2D67-4486-A73D-106C726BCDF1}_is1" = Leawo Free Youtube Downloader Version: 3.0.3.0
"{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb" = Adobe Audition 3.0 Vista Compatibility
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC1B58BB-55ED-43F0-98D9-6CEB24C2C5CD}" = Macrium Reflect - Free Edition
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{D239B547-8B20-4BDE-888D-C9CCA823FFD8}" = WIDCOMM Bluetooth Software
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7513E19-6224-485E-988D-9BF45BE64B53}" = Windows Live Family Safety
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"LockHunter_is1" = LockHunter version 1.0 beta 3, 64 bit edition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"QuickSFV" = QuickSFV (Remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}" = Sibelius 6
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.5
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Welcome Center
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{223A0070-C924-48E3-AEB6-2E06CC835CC0}" = VAIO Care
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 17
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2E8631C2-72E6-4A95-A86E-CB912D8D1537}" = Sony Home Network Library
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F839384-6AB0-449B-8772-25E607036357}" = VAIO Help and Support
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37B1F7CD-13E4-47DA-9E84-51AD6972ADC5}" = Stereoscopic Player
"{39177C0B-800F-4129-8C87-8B8B8AD8B4F8}_is1" = Ares Transfer 1.0.1.1002
"{3A30DFDF-238C-4DE4-B8D8-D764AF468AA5}" = KORG USB-MIDI Driver Tools for Windows
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{469B19BA-C803-435E-B110-5B51DBC497C2}" = Virtual.HairStyle Fab
"{484D0DD1-57D3-4AE5-8B5A-40232C83B674}" = VAIO Entertainment Platform
"{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_05_F4400_Software_Min
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{52247166-6F9F-4B85-9BB6-57473F3E0D74}" = Jing
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie
"{6EB6A82E-4918-481F-9AF8-3129E6D29B7E}" = Sony Home Network Library
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78780A45-B180-4297-AE6D-12C45EC5AD35}" = VAIO Content Metadata Manager Setting
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EAD600D-1912-4DEF-92B5-0C7525E17ED2}" = F4400
"{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9624502C-3D39-41A0-8917-858EC16769CE}" = KORG M1 Le
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAE4B36C-7A25-4513-975B-ACE7437572A0}" = Korg Kontrol Editor
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1555BC5-88B1-466B-BC79-062B5715DF92}" = VAIO Content Metadata XML Interface Library
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC2541A6-BC6A-4099-B711-7911C884AEB8}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D8AE7D4E-BA8B-4F7B-BF50-8D2F090034F0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}" = VAIO Help and Support
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}" = Antares Auto-Tune Evo VST
"AC3Filter" = AC3Filter (remove only)
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced WMA Workshop_is1" = Advanced WMA Workshop version 2.6
"Antares Autotune VST RTAS TDM_is1" = Antares Autotune VST RTAS TDM v5.08
"Ares" = Ares 2.1.5
"ASIO4ALL" = ASIO4ALL
"Atomic RAR Password Recovery_is1" = Atomic RAR Password Recovery 1.20
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"AVerMedia H826 series driver" = AVerMedia H826 series driver 1.0.64.84
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Collab" = Collab
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms" = Combat Arms
"Debut" = Debut Video Capture Software
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"Edirol HQ Orchestral v1.01" = Edirol HQ Orchestral v1.01
"ERUNT_is1" = ERUNT 1.1j
"FL Studio 8" = FL Studio 8
"FL Studio 9" = FL Studio 9
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free YouTube Download_is1" = Free YouTube Download 2.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.6
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"I-Doser 4.50" = I-Doser 4.50
"IL Download Manager" = IL Download Manager
"Indeo® Software" = Indeo® Software
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Live 8.0.4" = Live 8.0.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"NSS" = Norton Security Scan
"PoiZone" = PoiZone
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Rogers Update Manager" = Rogers Update Manager
"Sawer" = Sawer
"SystemRequirementsLab" = System Requirements Lab
"Toxic Biohazard" = Toxic Biohazard
"TuneUpMedia" = TuneUp Companion 1.1.9
"Uninstall_is1" = Uninstall 1.0.0.1
"Universal Extractor_is1" = Universal Extractor 1.6
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.5
"VST Bridge_is1" = VST Bridge 1.1
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >




