Jump to content

Please HELP! - xp home security 2011


Recommended Posts

Hello there, i apologize if im writing this in the wrong section but here it goes,

I recently got infected with the virus XP Home Security 2011, I believe i managed to remove the virus but I'm still suspicious that the virus might still be hidden in my computer, someone please help me check my computer for the virus? thanx so much in advance =). Here are the things i did to remove the virus.

I am running windows xp, and while reading throughout this forum i managed to fix my computer (I hope). Since the fake pop ups started coming up, i tried to use the malwarebytes program which i had installed previously a long time ago but unfortunately the virus wouldn't let it start, so then i put in a manual registration of this code(1147-175591-6550), which now let me use my firefox/internet explorer. After this, malwarebytes still wouldn't start so i downloaded (rkill) and right after, malwarebytes actually worked and found some viruses, it removedt he virus, so i restarted my computer, then scanned again, found some more viruses, then did another full scan and now it seems to be clean, my computer is working like before, i don't see or feel anything different but i really would like someone more knowledgeable to help me figure out if my computer is completely virus free. Thanx so much in advance...

Link to post
Share on other sites

Welcome to the forum.

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTListIt.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC

Link to post
Share on other sites

Welcome to the forum.

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTListIt.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC

Hello MrCharlie, i apologize for the late reply, work.... here is OTL >>

OTL logfile created on: 3/21/2011 11:50:15 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ever\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 407.00 Mb Available Physical Memory | 40.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 225.88 Gb Total Space | 5.67 Gb Free Space | 2.51% Space Free | Partition Type: NTFS

Drive J: | 232.88 Gb Total Space | 10.48 Gb Free Space | 4.50% Space Free | Partition Type: NTFS

Computer Name: VALUED-A9767827 | User Name: Ever | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/21 23:47:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ever\Desktop\OTL.exe

PRC - [2011/03/05 10:08:39 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

PRC - [2009/09/26 00:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

PRC - [2009/08/22 04:14:09 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe

PRC - [2009/07/20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe

PRC - [2009/07/10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe

PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005/04/12 04:10:22 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE

PRC - [2005/04/06 21:57:12 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

PRC - [2005/04/06 21:53:00 | 002,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE

PRC - [2005/03/11 21:55:40 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

PRC - [2005/03/09 13:29:58 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2005/03/09 13:29:44 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2005/02/09 12:43:52 | 000,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

PRC - [2005/02/09 12:43:52 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

PRC - [2005/02/09 12:43:50 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

PRC - [2005/01/14 16:43:28 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe

PRC - [2004/10/04 08:47:04 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

PRC - [2004/10/04 07:40:50 | 000,118,784 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

PRC - [2003/08/13 15:23:00 | 000,106,496 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe

PRC - [2003/08/13 15:07:22 | 000,094,208 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe

========== Modules (SafeList) ==========

MOD - [2011/03/21 23:47:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ever\Desktop\OTL.exe

MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2009/08/22 04:14:06 | 000,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.8.0.41\asOEHook.dll

MOD - [2009/07/20 13:29:06 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll

MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)

SRV - [2009/08/22 04:14:09 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)

SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2006/03/03 22:03:10 | 000,069,632 | ---- | M] (HP) [unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

SRV - [2005/03/11 21:55:40 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe -- (SonicStageMonitoring)

SRV - [2005/03/09 13:29:44 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®

SRV - [2005/02/15 01:30:02 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)

SRV - [2005/02/09 12:43:52 | 000,167,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)

SRV - [2005/02/09 12:43:52 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)

SRV - [2005/02/09 12:43:52 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)

SRV - [2005/02/09 12:43:50 | 000,270,336 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)

SRV - [2005/01/26 18:30:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)

SRV - [2005/01/26 18:25:34 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

SRV - [2005/01/26 18:20:14 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)

SRV - [2005/01/24 22:36:52 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)

SRV - [2005/01/14 20:18:48 | 001,839,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)

SRV - [2005/01/14 19:26:56 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)

SRV - [2005/01/14 19:21:32 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)

SRV - [2005/01/14 19:20:14 | 000,188,416 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)

SRV - [2004/10/04 08:47:04 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)

SRV - [2004/10/04 07:40:50 | 000,118,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)

SRV - [2003/08/13 15:23:00 | 000,106,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe -- (Sony TVTA Manager)

SRV - [2003/08/13 15:10:04 | 000,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe -- (Sony TV Tuner Controller)

SRV - [2003/08/13 15:07:22 | 000,094,208 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe -- (Sony TV Tuner Manager)

========== Driver Services (SafeList) ==========

DRV - [2010/12/21 01:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)

DRV - [2010/12/21 01:55:02 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)

DRV - [2010/12/21 01:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)

DRV - [2010/12/21 01:55:02 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)

DRV - [2010/12/21 01:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)

DRV - [2010/12/21 01:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)

DRV - [2010/12/21 01:55:02 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)

DRV - [2010/05/28 15:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100701.001\IDSXpx86.sys -- (IDSxpx86)

DRV - [2010/05/26 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2010/05/10 04:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100701.052\NAVEX15.SYS -- (NAVEX15)

DRV - [2010/05/10 04:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100701.052\NAVENG.SYS -- (NAVENG)

DRV - [2009/08/31 18:52:34 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2009/08/22 04:14:09 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)

DRV - [2009/08/22 04:14:09 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)

DRV - [2009/08/22 04:14:09 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)

DRV - [2009/08/22 04:14:09 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)

DRV - [2009/08/22 04:14:09 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)

DRV - [2009/08/22 04:14:09 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)

DRV - [2009/08/22 04:14:09 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2009/08/22 04:14:09 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)

DRV - [2009/08/22 04:14:09 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)

DRV - [2009/08/22 04:13:59 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)

DRV - [2009/08/22 04:13:59 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)

DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2008/04/13 14:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)

DRV - [2007/04/11 16:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)

DRV - [2005/06/24 18:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2005/05/26 11:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2005/05/26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2005/04/15 21:05:42 | 002,564,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005/03/22 23:00:00 | 001,034,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2004/08/12 20:45:52 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)

DRV - [2004/08/06 00:20:34 | 000,788,736 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smrt.sys -- (smrt)

DRV - [2004/04/13 17:57:10 | 000,160,640 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)

DRV - [2004/04/13 17:56:26 | 000,682,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2004/04/13 17:54:50 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

DRV - [2000/12/05 19:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-21-900567137-2806797810-1471019888-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-900567137-2806797810-1471019888-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-21-900567137-2806797810-1471019888-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-900567137-2806797810-1471019888-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.order.1: "Yahoo"

FF - prefs.js..browser.search.param.yahoo-fr: "megaup"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2

FF - prefs.js..extensions.enabledItems: 4

FF - prefs.js..extensions.enabledItems: 9

FF - prefs.js..extensions.enabledItems: 1

FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

FF - HKLM\software\mozilla\Firefox\extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/04/15 03:25:17 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010/07/18 19:46:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/06 11:26:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/05 10:08:43 | 000,000,000 | ---D | M]

[2009/04/01 03:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ever\Application Data\Mozilla\Extensions

[2009/04/01 03:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ever\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2011/03/20 23:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ever\Application Data\Mozilla\Firefox\Profiles\nyttv0h4.default\extensions

[2011/03/15 00:53:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ever\Application Data\Mozilla\Firefox\Profiles\nyttv0h4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/11/15 01:19:48 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\Ever\Application Data\Mozilla\Firefox\Profiles\nyttv0h4.default\extensions\firefox@tvunetworks.com

[2011/03/20 23:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/04/15 03:25:17 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN

[2011/03/20 22:10:35 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\IPSFFPLGN

[2009/04/01 03:15:21 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2004/08/10 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O3 - HKU\S-1-5-21-900567137-2806797810-1471019888-1005\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O3 - HKU\S-1-5-21-900567137-2806797810-1471019888-1005\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [PartSeal] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)

O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-900567137-2806797810-1471019888-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8

O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247021442450 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O24 - Desktop WallPaper: C:\Documents and Settings\Ever\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ever\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/04/25 22:30:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009/03/31 22:53:34 | 000,000,062 | ---- | M] () - J:\autorun.inf -- [ NTFS ]

O33 - MountPoints2\{50f0aa5b-36df-11de-8769-0013d44df751}\Shell - "" = AutoRun

O33 - MountPoints2\{50f0aa5b-36df-11de-8769-0013d44df751}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{50f0aa5b-36df-11de-8769-0013d44df751}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/21 23:47:45 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ever\Desktop\OTL.exe

[2011/03/20 20:30:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC

[2011/03/20 19:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ever\Local Settings\Application Data\Threat Expert

[2011/03/20 19:42:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011/03/20 19:42:17 | 036,317,320 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Ever\Desktop\sdsetup.exe

[2011/03/11 17:02:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer

[2011/03/11 17:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

[2011/03/11 01:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2011/03/11 01:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/03/11 01:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/03/09 11:00:03 | 000,000,000 | ---D | C] -- C:\db6884a06cc170e86d29e092

[2011/03/09 10:54:42 | 000,000,000 | ---D | C] -- C:\dbff5306db7c3bb18e16ee60

[2011/03/09 10:54:39 | 000,000,000 | ---D | C] -- C:\2a6d72953564467654bfb5

[2011/03/07 17:10:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ever\Local Settings\Application Data\AirMouse

[2011/03/07 17:04:06 | 004,465,568 | ---- | C] (RPA Tech, Inc ) -- C:\Documents and Settings\Ever\Desktop\setup2.5.0.exe

[2011/03/04 14:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate

[2011/02/23 19:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung

[2011/02/23 19:59:03 | 000,121,576 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdm.sys

[2011/02/23 19:59:03 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdfl.sys

[2011/02/23 19:59:03 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcmnt.sys

[2011/02/23 19:59:03 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcm.sys

[2011/02/23 19:59:02 | 000,096,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadbus.sys

[2011/02/23 19:59:02 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwhnt.sys

[2011/02/23 19:59:02 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwh.sys

[2011/02/23 19:59:00 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys

[2011/02/23 19:59:00 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys

[2011/02/23 19:59:00 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys

[2011/02/23 19:59:00 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcm.sys

[2011/02/23 19:58:58 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys

[2011/02/23 19:58:58 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys

[2011/02/23 19:58:58 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwh.sys

[2011/02/23 19:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung

[2011/02/23 19:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung

[2011/02/23 19:58:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\.svn

[2011/02/23 19:57:08 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll

[2009/06/05 10:36:51 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ever\Application Data\pcouffin.sys

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/21 23:47:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ever\Desktop\OTL.exe

[2011/03/21 23:39:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-900567137-2806797810-1471019888-1005UA.job

[2011/03/21 20:39:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-900567137-2806797810-1471019888-1005Core.job

[2011/03/20 22:10:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/03/20 22:10:04 | 1072,128,000 | -HS- | M] () -- C:\hiberfil.sys

[2011/03/20 21:42:44 | 001,006,764 | ---- | M] () -- C:\Documents and Settings\Ever\Desktop\rkill.com

[2011/03/20 21:24:21 | 000,014,122 | -HS- | M] () -- C:\Documents and Settings\Ever\Local Settings\Application Data\234f45o17lmjtc5r7tra6s

[2011/03/20 21:24:21 | 000,014,122 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\234f45o17lmjtc5r7tra6s

[2011/03/20 19:42:27 | 036,317,320 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Ever\Desktop\sdsetup.exe

[2011/03/20 18:34:21 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\Ever\Application Data\vso_ts_preview.xml

[2011/03/20 18:15:10 | 737,000,050 | ---- | M] () -- C:\Documents and Settings\Ever\Desktop\gu 10.avi

[2011/03/20 16:25:03 | 1312,522,240 | ---- | M] () -- C:\Documents and Settings\Ever\Desktop\127.Hours.2010.DVDSCR.AC3.avi

[2011/03/14 21:01:48 | 001,127,961 | ---- | M] () -- C:\Documents and Settings\Ever\Desktop\Networking paperwork E Vargas.pdf

[2011/03/13 10:18:17 | 000,486,916 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/03/13 10:18:17 | 000,088,264 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/03/11 17:49:57 | 000,300,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/03/11 02:26:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011/03/11 01:12:26 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2011/03/07 17:04:11 | 004,465,568 | ---- | M] (RPA Tech, Inc ) -- C:\Documents and Settings\Ever\Desktop\setup2.5.0.exe

[2011/03/04 14:35:39 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk

[2011/03/04 03:06:19 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Ever\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/02/23 20:31:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf

[2011/02/23 20:13:51 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies mini.lnk

[2011/02/23 19:57:04 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll

[2011/02/23 18:10:59 | 073,702,216 | ---- | M] () -- C:\Documents and Settings\Ever\Desktop\AiO_071_000_201_000_CDA_DriverOnly_Network_enu_NB.exe

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/20 21:42:44 | 001,006,764 | ---- | C] () -- C:\Documents and Settings\Ever\Desktop\rkill.com

[2011/03/20 21:17:36 | 1072,128,000 | -HS- | C] () -- C:\hiberfil.sys

[2011/03/20 18:29:43 | 000,014,122 | -HS- | C] () -- C:\Documents and Settings\Ever\Local Settings\Application Data\234f45o17lmjtc5r7tra6s

[2011/03/20 18:29:43 | 000,014,122 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\234f45o17lmjtc5r7tra6s

[2011/03/20 17:15:39 | 737,000,050 | ---- | C] () -- C:\Documents and Settings\Ever\Desktop\gu 10.avi

[2011/03/20 15:20:18 | 1312,522,240 | ---- | C] () -- C:\Documents and Settings\Ever\Desktop\127.Hours.2010.DVDSCR.AC3.avi

[2011/03/14 21:01:48 | 001,127,961 | ---- | C] () -- C:\Documents and Settings\Ever\Desktop\Networking paperwork E Vargas.pdf

[2011/03/11 01:12:26 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2011/03/04 14:35:39 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk

[2011/02/23 20:31:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf

[2011/02/23 19:59:22 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies mini.lnk

[2011/02/23 18:08:07 | 073,702,216 | ---- | C] () -- C:\Documents and Settings\Ever\Desktop\AiO_071_000_201_000_CDA_DriverOnly_Network_enu_NB.exe

[2010/03/29 22:47:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Ever\Application Data\$_hpcst$.hpc

[2009/09/14 22:25:47 | 000,000,029 | ---- | C] () -- C:\WINDOWS\Battle.ini

[2009/06/15 21:10:25 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Ever\Application Data\wklnhst.dat

[2009/06/09 00:33:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI

[2009/06/05 10:37:23 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Ever\Application Data\vso_ts_preview.xml

[2009/06/05 10:36:51 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Ever\Application Data\inst.exe

[2009/06/05 10:36:51 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ever\Application Data\pcouffin.cat

[2009/06/05 10:36:51 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ever\Application Data\pcouffin.inf

[2009/05/21 00:42:24 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Ever\Application Data\setup_ldm.iss

[2009/04/21 18:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini

[2009/04/06 16:30:23 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll

[2009/04/05 19:56:32 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Ever\Local Settings\Application Data\fusioncache.dat

[2009/04/01 18:27:45 | 000,079,189 | ---- | C] () -- C:\WINDOWS\War3Unin.dat

[2009/04/01 11:13:52 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Ever\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/04/01 02:56:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009/04/01 01:27:44 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini

[2009/04/01 01:23:36 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2009/04/01 01:23:36 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2009/04/01 01:23:36 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2009/04/01 01:23:36 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2009/04/01 01:23:36 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2009/04/01 01:23:36 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2009/04/01 01:22:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009/04/01 01:16:03 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll

[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2005/05/24 18:15:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/04/26 21:09:26 | 000,610,304 | ---- | C] () -- C:\WINDOWS\System32\lpykrp.exe

[2005/04/26 19:30:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI

[2005/04/25 23:07:21 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2005/04/25 23:07:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2005/04/25 22:41:50 | 000,111,552 | ---- | C] () -- C:\WINDOWS\setup.exe

[2005/04/25 22:41:35 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\elcric.dat

[2005/04/25 22:37:51 | 000,000,811 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2005/04/25 22:32:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2005/04/25 22:27:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2005/04/25 22:17:37 | 000,081,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2005/04/25 22:17:28 | 000,000,762 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2005/04/25 22:17:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2005/04/25 22:17:05 | 000,486,916 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2005/04/25 22:17:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2005/04/25 22:17:05 | 000,088,264 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2005/04/25 22:17:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2005/04/25 22:17:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2005/04/25 22:17:04 | 000,004,530 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2005/04/25 22:17:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2005/04/25 22:17:02 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2005/04/25 22:17:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2005/04/25 22:16:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2005/04/25 22:16:57 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2005/04/25 15:23:58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2005/04/25 15:23:24 | 000,300,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2005/01/18 15:31:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2002/06/12 17:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll

[2002/04/02 21:08:34 | 000,311,108 | ---- | C] () -- C:\WINDOWS\ml-cleanup.exe

[2001/10/24 19:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2009/06/05 00:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier

[2009/06/05 00:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Megaupload

[2011/02/23 20:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung

[2009/04/01 02:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate

[2011/03/20 22:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2009/06/05 11:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk

[2009/04/01 03:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

[2010/06/26 09:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/12/18 09:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/08/31 18:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}

[2009/06/27 03:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2009/06/05 00:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ever\Application Data\EmailNotifier

[2009/04/01 01:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ever\Application Data\InterMute

[2011/03/20 14:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ever\Application Data\LimeWire

[2009/06/15 21:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ever\Application Data\Template

[2010/11/08 00:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ever\Application Data\Vso

[2010/09/10 02:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ever\Application Data\Windows Search

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

AND here is the Extras >>>

OTL Extras logfile created on: 3/21/2011 11:50:15 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ever\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 407.00 Mb Available Physical Memory | 40.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 225.88 Gb Total Space | 5.67 Gb Free Space | 2.51% Space Free | Partition Type: NTFS

Drive J: | 232.88 Gb Total Space | 10.48 Gb Free Space | 4.50% Space Free | Partition Type: NTFS

Computer Name: VALUED-A9767827 | User Name: Ever | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-900567137-2806797810-1471019888-1005\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)

"D:\setup\HPZNET01.EXE" = D:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe

"D:\setup\HPONICIFS01.EXE" = D:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe

"C:\Documents and Settings\Ever\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Ever\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)

"C:\Documents and Settings\Ever\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Ever\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin

"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset

"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components

"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer

"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver

"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0

"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 13

"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter

"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer

"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes

"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour

"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support

"{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00

"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper

"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration

"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration

"{40D1BC4F-56CB-458E-BE8C-35A025CC52FB}" = Sony TV Tuner Library 1.0

"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works

"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2

"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Control Center

"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant

"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.6.4.158

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard

"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.1

"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript

"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager

"{9155A84B-A94B-496E-9661-9978EB0CBC7C}" = Image Converter 2

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B953606-000E-491C-B74D-78ECFDD520A0}" = OpenMG Metadata Extractor for Windows Media Player

"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data

"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser

"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel

"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter

"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0

"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0

"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles

"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center

"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update

"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter

"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library

"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver

"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter

"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform

"{DA7ECDA9-C6DD-4E4A-8EB8-9899E08C6740}" = SonicStage MP3 Add-on program

"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)

"{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}" = Media Converter for Philips

"{E715FA41-46EB-4D3F-B4D9-A45973E76026}" = VAIO Structure Wallpaper

"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.4.02

"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer

"{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}" = Kies mini

"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint

"{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"All ATI Software" = ATI - Software Uninstall Utility

"ATI Display Driver" = ATI Display Driver

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0600" = HDAUDIO SoftV92 Data Fax Modem with SmartCP

"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18

"ENTERPRISE" = Microsoft Office Enterprise 2007

"hon" = Heroes of Newerth

"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0

"HPOCR" = OCR Software by I.R.I.S 7.0

"ie8" = Windows Internet Explorer 8

"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer

"InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00

"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration

"InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}" = Kies mini

"InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone

"LimeWire" = LimeWire PRO 5.0.11

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"N360" = Norton 360

"NVIDIA Drivers" = NVIDIA Drivers

"OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01

"PROSet" = Intel® PRO Network Connections Drivers

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-900567137-2806797810-1471019888-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 3/21/2011 10:52:43 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1969

Error - 3/21/2011 11:03:51 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/21/2011 11:03:51 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 670703

Error - 3/21/2011 11:03:51 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 670703

Error - 3/21/2011 11:03:55 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/21/2011 11:03:55 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 674609

Error - 3/21/2011 11:03:55 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 674609

Error - 3/21/2011 11:03:59 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/21/2011 11:03:59 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 678516

Error - 3/21/2011 11:03:59 AM | Computer Name = VALUED-A9767827 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 678516

[ Media Center Events ]

Error - 2/14/2010 9:37:41 AM | Computer Name = VALUED-A9767827 | Source = Recording | ID = 19

Description = The recording schedule has been corrupted and was automatically deleted

on 2/14/2010 8:37:41 AM. You may need to reschedule your recordings.

[ OSession Events ]

Error - 5/3/2009 1:26:09 AM | Computer Name = VALUED-A9767827 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 85878

seconds with 660 seconds of active time. This session ended with a crash.

Error - 5/21/2009 12:28:45 AM | Computer Name = VALUED-A9767827 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 830733

seconds with 1440 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 3/20/2011 8:30:44 PM | Computer Name = VALUED-A9767827 | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 3/20/2011 8:31:40 PM | Computer Name = VALUED-A9767827 | Source = Service Control Manager | ID = 7001

Description = The VAIO Entertainment File Import Service service depends on the

VAIO Entertainment Database Service service which failed to start because of the

following error: %%1068

Error - 3/20/2011 8:31:40 PM | Computer Name = VALUED-A9767827 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

BHDrvx86 ccHP DMICall eeCtrl Fips IDSxpx86 intelppm SRTSPX SYMTDI

Error - 3/20/2011 9:16:31 PM | Computer Name = VALUED-A9767827 | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 3/20/2011 9:19:36 PM | Computer Name = VALUED-A9767827 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

IDSxpx86

Error - 3/20/2011 10:01:05 PM | Computer Name = VALUED-A9767827 | Source = Service Control Manager | ID = 7009

Description = Timeout (30000 milliseconds) waiting for the PC Tools Security Service

service to connect.

Error - 3/20/2011 10:01:05 PM | Computer Name = VALUED-A9767827 | Source = Service Control Manager | ID = 7000

Description = The PC Tools Security Service service failed to start due to the following

error: %%1053

Error - 3/20/2011 10:01:21 PM | Computer Name = VALUED-A9767827 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

IDSxpx86

Error - 3/20/2011 10:10:56 PM | Computer Name = VALUED-A9767827 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

IDSxpx86

Error - 3/20/2011 10:15:54 PM | Computer Name = VALUED-A9767827 | Source = DCOM | ID = 10010

Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register

with DCOM within the required timeout.

< End of report >

Thanx for your help by the way

Link to post
Share on other sites

Looks pretty good.

Enable hidden files:

http://www.bleepingcomputer.com/tutorials/tutorial62.html#winxp

Then have a look in these two folders, if you don't recognize them, please delete them.

I'm pretty sure that they are related to malware.

C:\Documents and Settings\Ever\Local Settings\Application Data\234f45o17lmjtc5r7tra6s

C:\Documents and Settings\All Users\Application Data\234f45o17lmjtc5r7tra6s

-----------------------

Download TDSSKiller to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Start Scan.

Don't Change These Settings:

If an infected file is detected, the default action will be Cure, click on Continue.

If a suspicious file is detected, the default action will be Skip, click on Continue.

You may be asked you to reboot the computer to complete the process. Click on Reboot Now

To view the report:

Click the Report button and copy/paste the contents of it into your next reply.

Note:It will also create a log in the C:\ directory and look something like this:

TDSSKiller.2.4.17.0_12.02.2011_14.35.56_log.txt

--------------------------

When we're done.....

Your Java is way out of date: (older versions are vulnerable to malware)

Java

Link to post
Share on other sites

ok i did everything you asked though in the two folders that you mentioned, i only found the one that was in the folder "All Users" so i deleted it, coudnt find any on the "Ever" folder.

TDSSKiller didnt find anything but here is the log:

2011/03/22 10:41:30.0619 5216 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28

2011/03/22 10:41:30.0712 5216 ================================================================================

2011/03/22 10:41:30.0712 5216 SystemInfo:

2011/03/22 10:41:30.0712 5216

2011/03/22 10:41:30.0712 5216 OS Version: 5.1.2600 ServicePack: 3.0

2011/03/22 10:41:30.0712 5216 Product type: Workstation

2011/03/22 10:41:30.0712 5216 ComputerName: VALUED-A9767827

2011/03/22 10:41:30.0712 5216 UserName: Ever

2011/03/22 10:41:30.0712 5216 Windows directory: C:\WINDOWS

2011/03/22 10:41:30.0712 5216 System windows directory: C:\WINDOWS

2011/03/22 10:41:30.0712 5216 Processor architecture: Intel x86

2011/03/22 10:41:30.0712 5216 Number of processors: 2

2011/03/22 10:41:30.0712 5216 Page size: 0x1000

2011/03/22 10:41:30.0712 5216 Boot type: Normal boot

2011/03/22 10:41:30.0712 5216 ================================================================================

2011/03/22 10:41:32.0744 5216 Initialize success

2011/03/22 10:41:37.0619 5264 ================================================================================

2011/03/22 10:41:37.0619 5264 Scan started

2011/03/22 10:41:37.0619 5264 Mode: Manual;

2011/03/22 10:41:37.0619 5264 ================================================================================

2011/03/22 10:41:38.0275 5264 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/03/22 10:41:38.0353 5264 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

2011/03/22 10:41:38.0415 5264 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2011/03/22 10:41:38.0494 5264 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

2011/03/22 10:41:38.0650 5264 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys

2011/03/22 10:41:38.0728 5264 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

2011/03/22 10:41:38.0869 5264 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/03/22 10:41:38.0900 5264 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/03/22 10:41:39.0025 5264 ati2mtag (2fbdfec8cd60cec3d55e615865333033) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

2011/03/22 10:41:39.0072 5264 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/03/22 10:41:39.0134 5264 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/03/22 10:41:39.0197 5264 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/03/22 10:41:39.0322 5264 BHDrvx86 (76154fa6a742c613b44bb636b1a7c057) C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys

2011/03/22 10:41:39.0384 5264 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/03/22 10:41:39.0415 5264 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

2011/03/22 10:41:39.0478 5264 ccHP (8973ff34b83572d867b5b928905ad5ac) C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys

2011/03/22 10:41:39.0572 5264 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/03/22 10:41:39.0587 5264 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/03/22 10:41:39.0619 5264 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/03/22 10:41:39.0775 5264 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/03/22 10:41:39.0853 5264 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

2011/03/22 10:41:39.0994 5264 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys

2011/03/22 10:41:40.0009 5264 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

2011/03/22 10:41:40.0056 5264 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/03/22 10:41:40.0119 5264 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2011/03/22 10:41:40.0181 5264 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/03/22 10:41:40.0259 5264 e1express (0849eacdc01487573add86f5e470806c) C:\WINDOWS\system32\DRIVERS\e1e5132.sys

2011/03/22 10:41:40.0384 5264 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

2011/03/22 10:41:40.0447 5264 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/03/22 10:41:40.0478 5264 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

2011/03/22 10:41:40.0494 5264 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

2011/03/22 10:41:40.0525 5264 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2011/03/22 10:41:40.0587 5264 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

2011/03/22 10:41:40.0603 5264 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/03/22 10:41:40.0650 5264 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/03/22 10:41:40.0697 5264 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

2011/03/22 10:41:40.0775 5264 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/03/22 10:41:40.0837 5264 HdAudAddService (9131ede087af04a7d80f7ebadc164254) C:\WINDOWS\system32\drivers\HdAudio.sys

2011/03/22 10:41:40.0884 5264 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

2011/03/22 10:41:40.0915 5264 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys

2011/03/22 10:41:40.0947 5264 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/03/22 10:41:41.0056 5264 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

2011/03/22 10:41:41.0119 5264 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

2011/03/22 10:41:41.0181 5264 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

2011/03/22 10:41:41.0244 5264 HSFHWAZL (dfadd76b2efdf49b81e5ebfa691d5131) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

2011/03/22 10:41:41.0306 5264 HSF_DP (a5997c70a8df5f4e5c60fff7429823e9) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

2011/03/22 10:41:41.0415 5264 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/03/22 10:41:41.0494 5264 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/03/22 10:41:41.0556 5264 iaStor (79ae2a97c120f282845d854d0f070ea9) C:\WINDOWS\system32\drivers\iaStor.sys

2011/03/22 10:41:41.0728 5264 IDSxpx86 (231c3f6d5c520e99924e1e37401a90c4) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100701.001\IDSxpx86.sys

2011/03/22 10:41:41.0775 5264 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/03/22 10:41:41.0947 5264 IntcAzAudAddService (44792ccbc7b41b42ec068c6416d17de1) C:\WINDOWS\system32\drivers\RtkHDAud.sys

2011/03/22 10:41:42.0072 5264 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2011/03/22 10:41:42.0103 5264 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

2011/03/22 10:41:42.0134 5264 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/03/22 10:41:42.0197 5264 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/03/22 10:41:42.0244 5264 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/03/22 10:41:42.0275 5264 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/03/22 10:41:42.0337 5264 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys

2011/03/22 10:41:42.0384 5264 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/03/22 10:41:42.0431 5264 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/03/22 10:41:42.0494 5264 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/03/22 10:41:42.0509 5264 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

2011/03/22 10:41:42.0540 5264 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2011/03/22 10:41:42.0603 5264 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/03/22 10:41:42.0665 5264 L8042Kbd (d88846f9f4f27ae9be584a6e5b6b8753) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys

2011/03/22 10:41:42.0712 5264 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys

2011/03/22 10:41:42.0775 5264 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys

2011/03/22 10:41:42.0837 5264 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

2011/03/22 10:41:42.0947 5264 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

2011/03/22 10:41:42.0994 5264 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/03/22 10:41:43.0072 5264 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

2011/03/22 10:41:43.0087 5264 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/03/22 10:41:43.0103 5264 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/03/22 10:41:43.0134 5264 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/03/22 10:41:43.0197 5264 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/03/22 10:41:43.0259 5264 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/03/22 10:41:43.0337 5264 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2011/03/22 10:41:43.0384 5264 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/03/22 10:41:43.0431 5264 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/03/22 10:41:43.0478 5264 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/03/22 10:41:43.0525 5264 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/03/22 10:41:43.0556 5264 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

2011/03/22 10:41:43.0603 5264 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2011/03/22 10:41:43.0650 5264 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2011/03/22 10:41:43.0884 5264 NAVENG (83518e6cc82bdc3c3db0c12d1c9a2275) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100701.052\NAVENG.SYS

2011/03/22 10:41:43.0994 5264 NAVEX15 (85cf37740fe06c7a2eaa7f6c81f0819c) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100701.052\NAVEX15.SYS

2011/03/22 10:41:44.0072 5264 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2011/03/22 10:41:44.0119 5264 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2011/03/22 10:41:44.0134 5264 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/03/22 10:41:44.0181 5264 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/03/22 10:41:44.0197 5264 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/03/22 10:41:44.0244 5264 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/03/22 10:41:44.0275 5264 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/03/22 10:41:44.0306 5264 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/03/22 10:41:44.0353 5264 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

2011/03/22 10:41:44.0384 5264 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2011/03/22 10:41:44.0415 5264 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/03/22 10:41:44.0478 5264 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/03/22 10:41:44.0634 5264 nv (d38646b9f5936e401ef1d87fc10b6eb2) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

2011/03/22 10:41:44.0790 5264 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/03/22 10:41:44.0837 5264 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/03/22 10:41:44.0884 5264 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

2011/03/22 10:41:44.0947 5264 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/03/22 10:41:44.0962 5264 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/03/22 10:41:45.0009 5264 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/03/22 10:41:45.0040 5264 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/03/22 10:41:45.0150 5264 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/03/22 10:41:45.0197 5264 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

2011/03/22 10:41:45.0244 5264 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys

2011/03/22 10:41:45.0744 5264 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/03/22 10:41:45.0759 5264 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/03/22 10:41:45.0790 5264 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/03/22 10:41:45.0822 5264 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/03/22 10:41:45.0962 5264 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/03/22 10:41:45.0994 5264 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/03/22 10:41:46.0025 5264 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/03/22 10:41:46.0056 5264 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/03/22 10:41:46.0087 5264 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/03/22 10:41:46.0150 5264 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/03/22 10:41:46.0181 5264 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/03/22 10:41:46.0228 5264 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/03/22 10:41:46.0259 5264 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/03/22 10:41:46.0322 5264 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/03/22 10:41:46.0369 5264 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

2011/03/22 10:41:46.0415 5264 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/03/22 10:41:46.0478 5264 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2011/03/22 10:41:46.0572 5264 smrt (27d6be8e961ab9df26ec5ce823b68b7f) C:\WINDOWS\system32\DRIVERS\smrt.sys

2011/03/22 10:41:46.0665 5264 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2011/03/22 10:41:46.0759 5264 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/03/22 10:41:46.0884 5264 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS

2011/03/22 10:41:46.0915 5264 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS

2011/03/22 10:41:46.0978 5264 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/03/22 10:41:47.0072 5264 ssadbus (6d83ff6722baf7e82a4521dbec363e5a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys

2011/03/22 10:41:47.0103 5264 ssadmdfl (5ae42e90f99749e0e35b9989a2d0275c) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys

2011/03/22 10:41:47.0134 5264 ssadmdm (9285d8aba50a4d6482b1574448f9eb76) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys

2011/03/22 10:41:47.0181 5264 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\WINDOWS\system32\DRIVERS\sscdbus.sys

2011/03/22 10:41:47.0228 5264 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys

2011/03/22 10:41:47.0275 5264 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys

2011/03/22 10:41:47.0369 5264 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys

2011/03/22 10:41:47.0400 5264 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2011/03/22 10:41:47.0431 5264 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/03/22 10:41:47.0462 5264 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2011/03/22 10:41:47.0634 5264 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS

2011/03/22 10:41:47.0728 5264 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

2011/03/22 10:41:47.0744 5264 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS

2011/03/22 10:41:47.0775 5264 SYMIDS (7a20b7d774ef0f16cf81b898bfeca772) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS

2011/03/22 10:41:47.0822 5264 SymIM (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys

2011/03/22 10:41:47.0884 5264 SymIMMP (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys

2011/03/22 10:41:47.0947 5264 SYMNDIS (5ab7d00ea6b7a6fcd5067c632ec6f039) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS

2011/03/22 10:41:48.0009 5264 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS

2011/03/22 10:41:48.0087 5264 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/03/22 10:41:48.0150 5264 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/03/22 10:41:48.0212 5264 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/03/22 10:41:48.0244 5264 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/03/22 10:41:48.0290 5264 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/03/22 10:41:48.0415 5264 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2011/03/22 10:41:48.0509 5264 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2011/03/22 10:41:48.0587 5264 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys

2011/03/22 10:41:48.0619 5264 usbbus (5353218b3265e3b8190335059f697a11) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys

2011/03/22 10:41:48.0665 5264 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/03/22 10:41:48.0728 5264 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys

2011/03/22 10:41:48.0775 5264 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/03/22 10:41:48.0790 5264 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/03/22 10:41:48.0853 5264 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys

2011/03/22 10:41:48.0900 5264 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2011/03/22 10:41:48.0931 5264 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2011/03/22 10:41:48.0947 5264 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/03/22 10:41:48.0994 5264 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2011/03/22 10:41:49.0040 5264 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

2011/03/22 10:41:49.0087 5264 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2011/03/22 10:41:49.0150 5264 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/03/22 10:41:49.0212 5264 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/03/22 10:41:49.0290 5264 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

2011/03/22 10:41:49.0353 5264 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/03/22 10:41:49.0447 5264 winachsf (cdc87dc4d727a1c0c7cfaf82e58b0e7c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

2011/03/22 10:41:49.0572 5264 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2011/03/22 10:41:49.0619 5264 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

2011/03/22 10:41:49.0665 5264 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2011/03/22 10:41:49.0712 5264 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/03/22 10:41:49.0759 5264 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/03/22 10:41:50.0040 5264 ================================================================================

2011/03/22 10:41:50.0040 5264 Scan finished

2011/03/22 10:41:50.0040 5264 ================================================================================

Link to post
Share on other sites

its running really well although the only problem i have noticed ever since i had the virus is the Windows Automatic Update is OFF and it wont let me turn it on. When i open the Windows Security Center window and i click on "Turn On" i get a pop up window with

"We're sorry. The Security Center could not change your Automatic Updates settings. To try changing these settings yourself, go to System in Control Panel. On the Automatic Updates tab, select Automatic (recommended, and then click OK."

When try doing that, the window shows that it already is "Turned On". Although there is the Red Shield with and X in the bottom right corner of my screen that shows that it is not turned on. I had Norton 360, but it expired so i cant even do a regular anti-virus scan. Is there any free anti-virus that you would recommend me and also a firewall? Thanx.

Link to post
Share on other sites

hello MrCharlie, that link does not work so i googled and found the solution for it, this is what i did.

I closed all programs, clicked on

Start, click Run and then type this by itself with nothing: cmd

then i hit enter, then a window popped up and then

typed this, after each line, hit enter then typed the next line, then hit enter and son on:

net.exe stop wuauserv

regsvr32 /s wuapi.dll

regsvr32 /s wups.dll

regsvr32 /s wuaueng.dll

regsvr32 /s wuaueng1.dll

regsvr32 /s wucltui.dll

regsvr32 /s wuweb.dll

regsvr32 /s jscript.dll

regsvr32 /s atl.dll

regsvr32 /s softpub.dll

regsvr32 /s msxml3.dll

net.exe start wuauserv

Now, i restarted the computer and the windows update was ON, and i ALSO noticed that a JAVA icon popped saying there is a new update, ALSO there was a VAIO update for my computer, so now i updated everything and my computer is working excellent. I guess a virus that i might have gotten a couple of years ago made my computer not update anything.

But yea thanx for all your help MrCharlie, really appreciate your time helping me.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.