Jump to content

Recommended Posts

My computer is clearly infected with something. Or, I have messed up my registry. Things went south when I attempted to install software for a wireless router. I've used the same router before on an XP system without problems, but my current system is Win 7, 64 bit. Any help would be greatly appreciated. I have attached my hijackthis log.

thanks,

E-mail addresses removed; this forum is a target for spam bots. -screen317

hijackthis 04-14-2011.txt

Link to post
Share on other sites

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:24:18 PM, on 4/14/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16722)

Boot mode: Safe mode with network support

Running processes:

C:\Program Files (x86)\SeaMonkey\seamonkey.exe

C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

C:\Users\My\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110127133008.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll

O4 - HKLM\..\Run: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [standardKeyboard] C:\Windows\Wireless\Wireless.exe

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone

O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F080DE39-A95A-4ECD-9EF4-659C412F3AD6}: NameServer = 8.10.7.142

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: DM1Service - Unknown owner - (no file)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Intel® Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 18249 bytes

Link to post
Share on other sites

Hi coffman1809,

:welcome: My name is SpySentinel and I will be helping you with your computer infection.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Link to post
Share on other sites

OTL logfile created on: 4/15/2011 11:26:21 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\My\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: | Country: | Language: | Date Format:

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 84.00% Memory free

8.00 Gb Paging File | 7.00 Gb Available in Paging File | 92.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 457.21 Gb Total Space | 118.01 Gb Free Space | 25.81% Space Free | Partition Type: NTFS

Computer Name: MY-VAIO | User Name: My | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\My\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org)

========== Modules (SafeList) ==========

MOD - C:\Users\My\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)

SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)

SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)

SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)

SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()

SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)

SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)

SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)

SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)

SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)

SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)

SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)

SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)

SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)

SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)

SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)

SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)

SRV - (Oasis2Service) -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe ()

SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)

SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)

SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)

SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)

SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)

SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)

SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)

========== Driver Services (SafeList) ==========

DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)

DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)

DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)

DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)

DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)

DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)

DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows ® 2000 DDK provider)

DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)

DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\drivers\hotcore3.sys (Paragon Software Group)

DRV:64bit: - (TVICHW64) -- C:\Windows\SysNative\drivers\TVicHW64.sys (EnTech Taiwan)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)

DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)

DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)

DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)

DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)

DRV:64bit: - (purendis) -- C:\Windows\SysNative\drivers\purendis.sys (Cisco Systems, Inc.)

DRV:64bit: - (pnarp) -- C:\Windows\SysNative\drivers\pnarp.sys (Cisco Systems, Inc.)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)

DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)

DRV:64bit: - (wanatw) WAN Miniport (ATW) -- C:\Windows\SysNative\drivers\wanatw64.sys (America Online, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "engine://C%3A%5CProgram%20Files%20%28x86%29%5CSeaMonkey%5Csearchplugins%5Cgoogle.src"

FF - prefs.js..browser.startup.homepage: "http://www.google.com"

FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.4

FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85

FF - prefs.js..extensions.enabledItems: {f13b157f-b174-47e7-a34d-4815ddfdfeb8}:0.9.87.4

FF - prefs.js..extensions.enabledItems: modern@themes.mozilla.org:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/11 14:34:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/02/20 14:05:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/03/30 20:36:52 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/20 14:05:24 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/20 16:57:00 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\SeaMonkey 2.0.13\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011/04/14 20:12:55 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\SeaMonkey 2.0.13\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2011/03/23 21:31:15 | 000,000,000 | ---D | M]

[2011/03/09 21:56:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/11/23 17:37:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/02/20 17:01:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/03/23 21:31:19 | 000,000,000 | ---D | M] (ChatZilla) -- C:\PROGRAM FILES (X86)\SEAMONKEY\EXTENSIONS\{59C81DF5-4B7A-477B-912D-4E0FDF64E5F2}

[2011/03/23 21:31:19 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\PROGRAM FILES (X86)\SEAMONKEY\EXTENSIONS\{F13B157F-B174-47E7-A34D-4815DDFDFEB8}

[2011/03/23 21:31:19 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\SEAMONKEY\EXTENSIONS\INSPECTOR@MOZILLA.ORG

[2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll

[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110127133008.dll (McAfee, Inc.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110127133008.dll (McAfee, Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)

O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Spigot, Inc.)

O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)

O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [searchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)

O4 - HKLM..\Run: [smartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)

O4 - HKLM..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)

O4 - HKLM..\Run: [standardKeyboard] File not found

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)

O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)

O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/15 23:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2011/04/11 23:10:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}

[2011/04/11 23:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue

[2011/04/11 22:00:53 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx

[2011/04/11 22:00:53 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx

[2011/04/11 22:00:53 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll

[2011/04/11 22:00:53 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx

[2011/04/11 22:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic

[2011/04/11 22:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools

[2011/04/11 22:00:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Registry Mechanic

[2011/04/11 21:59:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\%LOCALAPPDATA%

[2011/04/08 12:08:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer 2

[2011/04/08 12:07:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer2

[2011/04/06 07:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2011/03/23 19:51:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{D5490210-C58C-4919-A9B7-65928FBA8033}

[2011/03/23 19:51:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{53FA9915-7EE0-4A6A-81E1-E1B7A0041DAE}

[2011/03/23 19:51:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{BD67076B-1F36-4213-9A14-969A8C10E56C}

[2011/03/23 19:35:43 | 000,000,000 | -HSD | C] -- C:\found.001

[2011/03/23 19:35:43 | 000,000,000 | -HSD | C] -- \found.001

[2011/03/21 11:52:17 | 000,000,000 | -HSD | C] -- C:\found.000

[2011/03/21 11:52:17 | 000,000,000 | -HSD | C] -- \found.000

========== Files - Modified Within 30 Days ==========

[2011/04/15 23:22:48 | 000,817,648 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/04/15 23:22:48 | 000,689,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/04/15 23:22:48 | 000,130,238 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/04/15 23:19:00 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk

[2011/04/15 23:15:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/04/15 23:12:55 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/15 05:28:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3742009753-1323018794-3662728572-1005UA.job

[2011/04/15 05:27:04 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/04/15 00:28:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3742009753-1323018794-3662728572-1005Core.job

[2011/04/14 22:37:24 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/04/14 22:37:24 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/04/14 22:22:09 | 439,958,943 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2011/04/14 18:58:23 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/04/14 18:35:48 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/04/11 22:05:50 | 000,416,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/04/11 22:01:42 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job

[2011/04/11 22:00:53 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk

[2011/04/08 12:08:08 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer 2.lnk

[2011/04/06 07:13:17 | 000,002,178 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011/03/24 21:36:43 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2011/03/23 22:40:59 | 000,225,907 | ---- | M] () -- C:\test.xml

[2011/03/23 21:31:18 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\SeaMonkey.lnk

[2011/03/20 16:05:13 | 000,003,969 | ---- | M] () -- C:\Windows\checkip.dat

========== Files Created - No Company Name ==========

[2011/04/11 22:01:42 | 000,000,260 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job

[2011/04/11 22:00:53 | 000,040,408 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe

[2011/04/11 22:00:53 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk

[2011/04/08 12:08:08 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer 2.lnk

[2011/03/20 15:25:45 | 000,003,969 | ---- | C] () -- C:\Windows\checkip.dat

[2010/11/11 15:05:33 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\PROTOCOL.INI

[2010/11/04 16:52:29 | 000,655,171 | ---- | C] () -- C:\Windows\hpoins16.dat.temp

[2010/11/04 16:52:28 | 000,003,770 | ---- | C] () -- C:\Windows\hpomdl16.dat.temp

[2010/08/11 14:26:53 | 000,221,355 | ---- | C] () -- C:\Windows\hpoins19.dat

[2010/08/11 14:26:53 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat

[2010/08/02 21:55:42 | 000,048,425 | ---- | C] () -- C:\Program Files (x86)\EULA.eng

[2010/04/14 09:12:50 | 000,225,907 | ---- | C] () -- \test.xml

[2010/03/27 12:34:27 | 000,000,000 | ---- | C] () -- C:\Windows\Dssole.INI

[2010/03/13 10:55:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/03/12 22:18:00 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat

[2010/03/07 19:18:17 | 4209,078,272 | -HS- | C] () --

[2010/03/07 19:18:01 | 3156,807,680 | -HS- | C] () --

[2009/12/11 10:12:56 | 000,819,664 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2007/11/07 08:53:12 | 000,242,176 | ---- | C] () -- \VC_RED.MSI

[2007/11/07 08:50:40 | 001,927,956 | ---- | C] () -- \VC_RED.cab

[2007/11/07 08:44:20 | 000,855,040 | ---- | C] () -- \install.exe

[2007/11/07 08:44:20 | 000,096,272 | ---- | C] () -- \install.res.1036.dll

[2007/11/07 08:44:20 | 000,095,248 | ---- | C] () -- \install.res.3082.dll

[2007/11/07 08:44:20 | 000,095,248 | ---- | C] () -- \install.res.1031.dll

[2007/11/07 08:44:20 | 000,094,224 | ---- | C] () -- \install.res.1040.dll

[2007/11/07 08:44:20 | 000,090,128 | ---- | C] () -- \install.res.1033.dll

[2007/11/07 08:44:20 | 000,080,400 | ---- | C] () -- \install.res.1041.dll

[2007/11/07 08:44:20 | 000,078,864 | ---- | C] () -- \install.res.1042.dll

[2007/11/07 08:44:20 | 000,075,280 | ---- | C] () -- \install.res.1028.dll

[2007/11/07 08:44:20 | 000,074,768 | ---- | C] () -- \install.res.2052.dll

[2007/11/07 08:00:40 | 000,005,686 | ---- | C] () -- \vcredist.bmp

[2007/11/07 08:00:40 | 000,001,110 | ---- | C] () -- \globdata.ini

[2007/11/07 08:00:40 | 000,000,843 | ---- | C] () -- \install.ini

[2007/01/10 09:44:26 | 001,457,024 | ---- | C] () -- C:\Windows\SysWow64\SSCProt.dll

========== LOP Check ==========

[2011/04/11 22:01:42 | 000,000,260 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job

[2010/12/10 21:40:22 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D1B5B4F1

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C671BC00

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 4/15/2011 11:26:21 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\My\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: | Country: | Language: | Date Format:

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 84.00% Memory free

8.00 Gb Paging File | 7.00 Gb Available in Paging File | 92.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 457.21 Gb Total Space | 118.01 Gb Free Space | 25.81% Space Free | Partition Type: NTFS

Computer Name: MY-VAIO | User Name: My | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Key error.

htmlfile [opennew] -- Reg Error: Key error.

htmlfile [print] -- Reg Error: Value error.

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" [2010/09/19 16:01:12 | 000,000,000 | ---D | M]

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Key error.

htmlfile [opennew] -- Reg Error: Key error.

htmlfile [print] -- Reg Error: Value error.

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" [2010/09/19 16:01:12 | 000,000,000 | ---D | M]

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64

"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1C6B6716-84AC-412A-A296-247D41EBB7FB}" = Setup_msm_VCMS_x64

"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java 6 Update 21 (64-bit)

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center

"{64A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java SE Development Kit 6 Update 21 (64-bit)

"{725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}" = VAIO Content Metadata Intelligent Network Service Manager

"{7ECD4ACB-E1B6-425B-B8AA-5761A59B77E0}" = Setup_VEP_x64_Contain_SSDB

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{8FE3CF66-4484-4D39-B47D-DEBBA173619D}" = VAIO Content Metadata Manager Settings

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{97C58294-36D8-4594-8A49-7AB4AE096504}" = VAIO Content Metadata XML Interface Library

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software

"{9ECB96C6-A412-419B-8D38-4E0A4A371A43}" = GlobalMapper (64-bit)

"{A1255354-11F3-4D25-95CC-C9B1C2320761}" = VAIO Content Metadata Intelligent Analyzing Manager

"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B

"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{C69A835B-67A5-4542-AD24-FE36E3140BA9}" = Setup_msm_VOFS_x64

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst

"{DBB823F3-E8BD-4578-9D16-42AF176FD777}" = VAIO Personalization Manager

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)

"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)

"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Photosmart Essential" = HP Photosmart Essential 3.5

"HP Smart Web Printing" = HP Smart Web Printing 4.51

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPOCR" = OCR Software by I.R.I.S. 13.0

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"NVIDIA Drivers" = NVIDIA Drivers

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Shop for HP Supplies" = Shop for HP Supplies

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin

"{00721C5E-5B17-494C-95E5-208415864F62}" =

"{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF}" = VAIO Messenger

"{0489D044-6386-4BDF-9F98-577D60CF79DD}" = VAIO Entertainment Platform

"{04EAE65A-CDCF-480F-B754-5C3A9364239C}" = VAIO Original Function Settings

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{06C05B90-2127-4933-8ABA-61833BDE13FA}" = VAIO Content Monitoring Settings

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data

"{094378A9-A706-4685-99AE-6D5D1F51B6A9}" = Sony Home Network Library

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status

"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{0F962B79-D0DC-40D9-96BA-ED1355120CBA}" = QuickBooks Financial Center

"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan

"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1" = Free Screen Video Capture by Topviewsoft 1.1.7

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)

"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7

"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Startup Assistant

"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 24

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver

"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey

"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax

"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}" = SOHLib Merge Module

"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)

"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport

"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers

"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool

"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services

"{58FA5D40-E35A-47ED-8AFA-68CCC758559E}" = Garmin MapSource

"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data

"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update

"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{6754AE0D-B2E1-45E4-835F-FDFEC373DE8A}" = VAIO Hardware Diagnostics

"{67B9AF41-C0B9-4960-84D9-A61D23DE85D8}" = Garmin Trip and Waypoint Manager v4

"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack

"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply

"{6B5E816C-A761-4F5B-BF48-84B794556CAA}_is1" = Freelang Dictionary (wordlist)

"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox

"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie

"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data

"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update

"{70991E0A-1108-437E-BA7D-085702C670C0}" =

"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries

"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic

"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2

"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{87EEB1B4-EE40-4D74-9780-F266FA12F564}" = VAIO Care Update

"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1" = Freelang Dictionary 3.74 beta

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{92881120-6DA5-44A3-8BAB-2429A01D022E}" = YouTube Downloader Toolbar v4.3

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =

"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc

"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software

"{A6B90666-2A1F-49E8-A40E-27EAAD11C096}" = Sony Home Network Library

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2

"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager

"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy

"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB

"{BA4DA261-CB60-4690-B202-44998DFC6986}" = Microsoft SQL Server 2008 Setup Support Files

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2

"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery

Link to post
Share on other sites

Run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
    O4 - HKLM..\Run: [] File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D1B5B4F1
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C671BC00

    :Files
    C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
    C:\Program Files (x86)\YouTube Downloader Toolbar

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done

Link to post
Share on other sites

Sir, I ran OTL again after following your instructions and got this text file:

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.

File C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\LogonHoursAction deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DontDisplayLogonHoursWarnings deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.

File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.

File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.

File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.

File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.

ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.

ADS C:\ProgramData\TEMP:C671BC00 deleted successfully.

========== FILES ==========

C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\Res folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.3 folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\IE folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\locale\EN-US folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\locale folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\content folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\FF folder moved successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar folder moved successfully.

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: Journal

-> No Temporary Internet Files cache folder defined!

User: RegBack

-> No Temporary Internet Files cache folder defined!

User: systemprofile

-> No Temporary Internet Files cache folder defined!

User: TxR

-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 79507507 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 159991 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 757 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 76.00 mb

[EMPTYFLASH]

User: Journal

User: RegBack

User: systemprofile

User: TxR

Total Flash Files Cleaned = 0.00 mb

Error creating restore point.

OTL by OldTimer - Version 3.2.22.3 log created on 04162011_160626

Files\Folders moved on Reboot...

File move failed. C:\Windows\temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Link to post
Share on other sites

Hi coffman1809,

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    TDSSKillermain.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
    TDSSKillerSuspicious.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Download Combofix from any of the links below but rename it to Iexplorer.com before saving it to your desktop.

* IMPORTANT !!! Save Iexplorer.com to your Desktop

Link 1

Link 2<--Right Click and use Save As if using this link.

Double click on the Iexplorer.com ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt so we can continue cleaning the system.

Link to post
Share on other sites

2011/04/17 21:39:15.0861 2620 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28

2011/04/17 21:39:17.0873 2620 ================================================================================

2011/04/17 21:39:17.0873 2620 SystemInfo:

2011/04/17 21:39:17.0873 2620

2011/04/17 21:39:17.0873 2620 OS Version: 6.1.7600 ServicePack: 0.0

2011/04/17 21:39:17.0873 2620 Product type: Workstation

2011/04/17 21:39:17.0873 2620 ComputerName: MY-VAIO

2011/04/17 21:39:17.0873 2620 UserName: My

2011/04/17 21:39:17.0873 2620 Windows directory: C:\Windows

2011/04/17 21:39:17.0873 2620 System windows directory: C:\Windows

2011/04/17 21:39:17.0873 2620 Running under WOW64

2011/04/17 21:39:17.0873 2620 Processor architecture: Intel x64

2011/04/17 21:39:17.0873 2620 Number of processors: 4

2011/04/17 21:39:17.0873 2620 Page size: 0x1000

2011/04/17 21:39:17.0873 2620 Boot type: Safe boot with network

2011/04/17 21:39:17.0873 2620 ================================================================================

2011/04/17 21:39:18.0310 2620 Initialize success

2011/04/17 21:39:22.0850 2748 ================================================================================

2011/04/17 21:39:22.0850 2748 Scan started

2011/04/17 21:39:22.0850 2748 Mode: Manual;

2011/04/17 21:39:22.0850 2748 ================================================================================

2011/04/17 21:39:23.0879 2748 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys

2011/04/17 21:39:23.0957 2748 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys

2011/04/17 21:39:24.0020 2748 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys

2011/04/17 21:39:24.0113 2748 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

2011/04/17 21:39:24.0207 2748 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

2011/04/17 21:39:24.0301 2748 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

2011/04/17 21:39:24.0394 2748 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

2011/04/17 21:39:24.0488 2748 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

2011/04/17 21:39:24.0581 2748 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

2011/04/17 21:39:24.0675 2748 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

2011/04/17 21:39:24.0737 2748 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

2011/04/17 21:39:24.0815 2748 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

2011/04/17 21:39:24.0909 2748 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\drivers\amdsata.sys

2011/04/17 21:39:24.0987 2748 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

2011/04/17 21:39:25.0081 2748 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\drivers\amdxata.sys

2011/04/17 21:39:25.0159 2748 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

2011/04/17 21:39:25.0346 2748 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

2011/04/17 21:39:25.0471 2748 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

2011/04/17 21:39:25.0580 2748 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys

2011/04/17 21:39:25.0658 2748 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/04/17 21:39:25.0705 2748 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

2011/04/17 21:39:25.0783 2748 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys

2011/04/17 21:39:25.0923 2748 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

2011/04/17 21:39:26.0017 2748 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

2011/04/17 21:39:26.0063 2748 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

2011/04/17 21:39:26.0173 2748 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys

2011/04/17 21:39:26.0282 2748 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

2011/04/17 21:39:26.0375 2748 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

2011/04/17 21:39:26.0485 2748 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

2011/04/17 21:39:26.0578 2748 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

2011/04/17 21:39:26.0625 2748 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

2011/04/17 21:39:26.0703 2748 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

2011/04/17 21:39:26.0781 2748 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

2011/04/17 21:39:26.0828 2748 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys

2011/04/17 21:39:26.0906 2748 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

2011/04/17 21:39:26.0984 2748 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

2011/04/17 21:39:27.0046 2748 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys

2011/04/17 21:39:27.0109 2748 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys

2011/04/17 21:39:27.0155 2748 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys

2011/04/17 21:39:27.0233 2748 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys

2011/04/17 21:39:27.0327 2748 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys

2011/04/17 21:39:27.0389 2748 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys

2011/04/17 21:39:27.0436 2748 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys

2011/04/17 21:39:27.0530 2748 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/04/17 21:39:27.0577 2748 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

2011/04/17 21:39:27.0670 2748 cfwids (e02c9cdb15f13de4eb2ff67660e62317) C:\Windows\system32\drivers\cfwids.sys

2011/04/17 21:39:27.0717 2748 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

2011/04/17 21:39:27.0764 2748 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

2011/04/17 21:39:27.0826 2748 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys

2011/04/17 21:39:27.0889 2748 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

2011/04/17 21:39:27.0951 2748 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

2011/04/17 21:39:28.0029 2748 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

2011/04/17 21:39:28.0060 2748 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys

2011/04/17 21:39:28.0169 2748 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

2011/04/17 21:39:28.0263 2748 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

2011/04/17 21:39:28.0294 2748 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

2011/04/17 21:39:28.0372 2748 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

2011/04/17 21:39:28.0450 2748 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

2011/04/17 21:39:28.0528 2748 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

2011/04/17 21:39:28.0684 2748 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

2011/04/17 21:39:28.0840 2748 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

2011/04/17 21:39:28.0918 2748 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

2011/04/17 21:39:28.0965 2748 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

2011/04/17 21:39:29.0012 2748 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

2011/04/17 21:39:29.0043 2748 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

2011/04/17 21:39:29.0074 2748 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

2011/04/17 21:39:29.0121 2748 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

2011/04/17 21:39:29.0152 2748 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

2011/04/17 21:39:29.0199 2748 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

2011/04/17 21:39:29.0230 2748 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

2011/04/17 21:39:29.0261 2748 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

2011/04/17 21:39:29.0324 2748 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

2011/04/17 21:39:29.0371 2748 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

2011/04/17 21:39:29.0480 2748 grmnusb (2ed7ff3e1ada4092632393781518b3a7) C:\Windows\system32\drivers\grmnusb.sys

2011/04/17 21:39:29.0573 2748 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

2011/04/17 21:39:29.0620 2748 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

2011/04/17 21:39:29.0683 2748 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys

2011/04/17 21:39:29.0761 2748 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

2011/04/17 21:39:29.0823 2748 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

2011/04/17 21:39:29.0885 2748 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

2011/04/17 21:39:29.0963 2748 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

2011/04/17 21:39:30.0088 2748 hotcore3 (8df34474b0789edf5007db8cbcbf9c18) C:\Windows\system32\DRIVERS\hotcore3.sys

2011/04/17 21:39:30.0135 2748 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys

2011/04/17 21:39:30.0229 2748 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

2011/04/17 21:39:30.0275 2748 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

2011/04/17 21:39:30.0385 2748 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

2011/04/17 21:39:30.0447 2748 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys

2011/04/17 21:39:30.0541 2748 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys

2011/04/17 21:39:30.0619 2748 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

2011/04/17 21:39:30.0681 2748 Impcd (4ff8a2082d78255d2eb169f986bcc981) C:\Windows\system32\drivers\Impcd.sys

2011/04/17 21:39:30.0790 2748 IntcAzAudAddService (5f35fe198ee7818221414776f8413ab0) C:\Windows\system32\drivers\RTKVHD64.sys

2011/04/17 21:39:30.0962 2748 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

2011/04/17 21:39:30.0993 2748 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys

2011/04/17 21:39:31.0055 2748 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/04/17 21:39:31.0149 2748 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys

2011/04/17 21:39:31.0196 2748 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

2011/04/17 21:39:31.0243 2748 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

2011/04/17 21:39:31.0321 2748 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

2011/04/17 21:39:31.0367 2748 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys

2011/04/17 21:39:31.0461 2748 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/04/17 21:39:31.0539 2748 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/04/17 21:39:31.0633 2748 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

2011/04/17 21:39:31.0726 2748 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

2011/04/17 21:39:31.0773 2748 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

2011/04/17 21:39:31.0835 2748 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

2011/04/17 21:39:31.0945 2748 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

2011/04/17 21:39:32.0023 2748 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

2011/04/17 21:39:32.0116 2748 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

2011/04/17 21:39:32.0179 2748 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

2011/04/17 21:39:32.0241 2748 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

2011/04/17 21:39:32.0397 2748 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

2011/04/17 21:39:32.0491 2748 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

2011/04/17 21:39:32.0600 2748 mfeapfk (c1556ca9695fcd6bbd23d75d402fd43d) C:\Windows\system32\drivers\mfeapfk.sys

2011/04/17 21:39:32.0693 2748 mfeavfk (8857ee8b49f3338fc1fad476bfcca146) C:\Windows\system32\drivers\mfeavfk.sys

2011/04/17 21:39:32.0787 2748 mfefirek (19c44295f6bf085c83352d48397f7870) C:\Windows\system32\drivers\mfefirek.sys

2011/04/17 21:39:32.0896 2748 mfehidk (5f915e20ab56121c41c6bf9a91a83bda) C:\Windows\system32\drivers\mfehidk.sys

2011/04/17 21:39:33.0005 2748 mfenlfk (23ae332e32ff615ca5e5224c8d91af11) C:\Windows\system32\DRIVERS\mfenlfk.sys

2011/04/17 21:39:33.0052 2748 mferkdet (9c7a9273e345f8d653394b5c542bf86a) C:\Windows\system32\drivers\mferkdet.sys

2011/04/17 21:39:33.0130 2748 mferkdk (624d717b11e5004f68442b5740f17f21) C:\Windows\system32\drivers\mferkdk.sys

2011/04/17 21:39:33.0224 2748 mfesmfk (0cd9de7b96735f33f078c4ea044e8b34) C:\Windows\system32\drivers\mfesmfk.sys

2011/04/17 21:39:33.0349 2748 mfewfpk (3140b2c56d7119ba314f68fc785683f0) C:\Windows\system32\drivers\mfewfpk.sys

2011/04/17 21:39:33.0442 2748 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

2011/04/17 21:39:33.0505 2748 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

2011/04/17 21:39:33.0583 2748 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

2011/04/17 21:39:33.0645 2748 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

2011/04/17 21:39:33.0754 2748 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

2011/04/17 21:39:33.0801 2748 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys

2011/04/17 21:39:33.0848 2748 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

2011/04/17 21:39:33.0895 2748 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

2011/04/17 21:39:33.0973 2748 mrxsmb (b7f3d2c40bdf8ffb73ebfb19c77734e2) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/04/17 21:39:34.0035 2748 mrxsmb10 (86c6f88b5168ce21cf8d69d0b3ff5d19) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/04/17 21:39:34.0082 2748 mrxsmb20 (b081069251c8e9f42cb8769d07148f9c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/04/17 21:39:34.0160 2748 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys

2011/04/17 21:39:34.0253 2748 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys

2011/04/17 21:39:34.0425 2748 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

2011/04/17 21:39:34.0534 2748 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

2011/04/17 21:39:34.0690 2748 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

2011/04/17 21:39:34.0909 2748 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

2011/04/17 21:39:34.0955 2748 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/04/17 21:39:34.0987 2748 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

2011/04/17 21:39:35.0033 2748 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

2011/04/17 21:39:35.0111 2748 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

2011/04/17 21:39:35.0189 2748 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

2011/04/17 21:39:35.0283 2748 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

2011/04/17 21:39:35.0330 2748 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

2011/04/17 21:39:35.0439 2748 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

2011/04/17 21:39:35.0501 2748 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

2011/04/17 21:39:35.0579 2748 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

2011/04/17 21:39:35.0611 2748 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/04/17 21:39:35.0657 2748 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/04/17 21:39:35.0704 2748 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/04/17 21:39:35.0767 2748 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

2011/04/17 21:39:35.0829 2748 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

2011/04/17 21:39:35.0860 2748 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

2011/04/17 21:39:35.0969 2748 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

2011/04/17 21:39:36.0047 2748 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

2011/04/17 21:39:36.0094 2748 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

2011/04/17 21:39:36.0172 2748 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys

2011/04/17 21:39:36.0235 2748 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

2011/04/17 21:39:36.0297 2748 NVHDA (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys

2011/04/17 21:39:36.0547 2748 nvlddmkm (9d1b69708732b57d1dbc0f648692a04b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/04/17 21:39:36.0874 2748 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys

2011/04/17 21:39:36.0921 2748 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys

2011/04/17 21:39:37.0030 2748 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

2011/04/17 21:39:37.0139 2748 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

2011/04/17 21:39:37.0249 2748 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

2011/04/17 21:39:37.0295 2748 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

2011/04/17 21:39:37.0358 2748 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys

2011/04/17 21:39:37.0405 2748 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

2011/04/17 21:39:37.0467 2748 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

2011/04/17 21:39:37.0576 2748 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

2011/04/17 21:39:37.0670 2748 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

2011/04/17 21:39:37.0873 2748 pnarp (fb83b6c62dff5abe36304351d2bed581) C:\Windows\system32\DRIVERS\pnarp.sys

2011/04/17 21:39:37.0982 2748 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

2011/04/17 21:39:38.0060 2748 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

2011/04/17 21:39:38.0122 2748 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

2011/04/17 21:39:38.0200 2748 purendis (1b3434642ce3c26e6f24d3a76d749c2a) C:\Windows\system32\DRIVERS\purendis.sys

2011/04/17 21:39:38.0294 2748 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys

2011/04/17 21:39:38.0403 2748 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

2011/04/17 21:39:38.0528 2748 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

2011/04/17 21:39:38.0637 2748 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

2011/04/17 21:39:38.0699 2748 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

2011/04/17 21:39:38.0809 2748 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

2011/04/17 21:39:38.0855 2748 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/04/17 21:39:38.0918 2748 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/04/17 21:39:38.0965 2748 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

2011/04/17 21:39:39.0011 2748 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

2011/04/17 21:39:39.0089 2748 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

2011/04/17 21:39:39.0136 2748 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/04/17 21:39:39.0199 2748 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

2011/04/17 21:39:39.0245 2748 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

2011/04/17 21:39:39.0292 2748 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

2011/04/17 21:39:39.0401 2748 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

2011/04/17 21:39:39.0464 2748 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

2011/04/17 21:39:39.0511 2748 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys

2011/04/17 21:39:39.0620 2748 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

2011/04/17 21:39:39.0713 2748 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys

2011/04/17 21:39:39.0823 2748 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

2011/04/17 21:39:39.0885 2748 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys

2011/04/17 21:39:39.0947 2748 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

2011/04/17 21:39:40.0057 2748 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys

2011/04/17 21:39:40.0150 2748 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

2011/04/17 21:39:40.0244 2748 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

2011/04/17 21:39:40.0337 2748 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

2011/04/17 21:39:40.0400 2748 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

2011/04/17 21:39:40.0509 2748 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys

2011/04/17 21:39:40.0587 2748 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

2011/04/17 21:39:40.0634 2748 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2011/04/17 21:39:40.0712 2748 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys

2011/04/17 21:39:40.0790 2748 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

2011/04/17 21:39:40.0852 2748 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

2011/04/17 21:39:40.0946 2748 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

2011/04/17 21:39:41.0024 2748 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

2011/04/17 21:39:41.0117 2748 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

2011/04/17 21:39:41.0211 2748 srv (148d50904d2a0df29a19778715eb35bb) C:\Windows\system32\DRIVERS\srv.sys

2011/04/17 21:39:41.0289 2748 srv2 (ce2189fe31d36678ac9eb7ddee08ec96) C:\Windows\system32\DRIVERS\srv2.sys

2011/04/17 21:39:41.0351 2748 srvnet (cb69edeb069a49577592835659cd0e46) C:\Windows\system32\DRIVERS\srvnet.sys

2011/04/17 21:39:41.0445 2748 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

2011/04/17 21:39:41.0523 2748 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

2011/04/17 21:39:41.0601 2748 SynTP (8f63178d1db81bb79270ae55ecdd8321) C:\Windows\system32\drivers\SynTP.sys

2011/04/17 21:39:41.0741 2748 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys

2011/04/17 21:39:41.0851 2748 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys

2011/04/17 21:39:41.0960 2748 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

2011/04/17 21:39:42.0007 2748 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

2011/04/17 21:39:42.0069 2748 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

2011/04/17 21:39:42.0116 2748 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

2011/04/17 21:39:42.0194 2748 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys

2011/04/17 21:39:42.0303 2748 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/04/17 21:39:42.0350 2748 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

2011/04/17 21:39:42.0443 2748 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS

2011/04/17 21:39:42.0537 2748 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

2011/04/17 21:39:42.0631 2748 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

2011/04/17 21:39:42.0802 2748 UimBus (ba1b69c9b7f8c952201b30d26a4bc0b2) C:\Windows\system32\DRIVERS\uimx64.sys

2011/04/17 21:39:42.0880 2748 Uim_IM (56060b99d10f381caa70d2684e6512d3) C:\Windows\system32\Drivers\Uim_IMx64.sys

2011/04/17 21:39:42.0989 2748 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

2011/04/17 21:39:43.0036 2748 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

2011/04/17 21:39:43.0145 2748 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

2011/04/17 21:39:43.0255 2748 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys

2011/04/17 21:39:43.0348 2748 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/04/17 21:39:43.0426 2748 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

2011/04/17 21:39:43.0473 2748 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys

2011/04/17 21:39:43.0551 2748 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys

2011/04/17 21:39:43.0613 2748 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys

2011/04/17 21:39:43.0660 2748 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

2011/04/17 21:39:43.0707 2748 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/04/17 21:39:43.0754 2748 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys

2011/04/17 21:39:43.0847 2748 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

2011/04/17 21:39:43.0925 2748 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

2011/04/17 21:39:44.0113 2748 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

2011/04/17 21:39:44.0175 2748 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/04/17 21:39:44.0253 2748 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

2011/04/17 21:39:44.0362 2748 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys

2011/04/17 21:39:44.0456 2748 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

2011/04/17 21:39:44.0534 2748 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys

2011/04/17 21:39:44.0581 2748 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

2011/04/17 21:39:44.0643 2748 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys

2011/04/17 21:39:44.0752 2748 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

2011/04/17 21:39:44.0861 2748 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

2011/04/17 21:39:44.0908 2748 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

2011/04/17 21:39:44.0939 2748 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

2011/04/17 21:39:45.0033 2748 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

2011/04/17 21:39:45.0095 2748 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/04/17 21:39:45.0111 2748 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/04/17 21:39:45.0158 2748 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys

2011/04/17 21:39:45.0251 2748 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

2011/04/17 21:39:45.0314 2748 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

2011/04/17 21:39:45.0407 2748 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/04/17 21:39:45.0439 2748 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2011/04/17 21:39:45.0579 2748 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

2011/04/17 21:39:45.0688 2748 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

2011/04/17 21:39:45.0797 2748 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2011/04/17 21:39:45.0875 2748 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

2011/04/17 21:39:45.0922 2748 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/04/17 21:39:46.0000 2748 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys

2011/04/17 21:39:46.0094 2748 ================================================================================

2011/04/17 21:39:46.0094 2748 Scan finished

2011/04/17 21:39:46.0094 2748 ================================================================================

Link to post
Share on other sites

ComboFix 11-04-16.03 - SYSTEM 04/17/2011 21:52:19.1.4 - x64

Running from: c:\users\My\Desktop\lexplorer.com.exe

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\windows\SysWow64\win.ini

.

.

((((((((((((((((((((((((( Files Created from 2011-03-18 to 2011-04-18 )))))))))))))))))))))))))))))))

.

.

2011-04-18 01:59 . 2011-04-18 01:59 -------- d-----w- c:\users\My\AppData\Local\temp

2011-04-18 01:59 . 2011-04-18 01:59 -------- d-----w- c:\users\Mom\AppData\Local\temp

2011-04-18 01:59 . 2011-04-18 01:59 -------- d-----w- c:\users\Matthew\AppData\Local\temp

2011-04-18 01:59 . 2011-04-18 01:59 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-04-18 01:59 . 2011-04-18 01:59 -------- d-----w- c:\users\Guest\AppData\Local\temp

2011-04-18 01:44 . 2011-04-18 01:45 -------- d-----w- C:\32788R22FWJFW

2011-04-16 20:06 . 2011-04-16 20:06 -------- d-----w- C:\_OTL

2011-04-16 13:36 . 2011-04-16 13:36 -------- d-----w- c:\windows\system32\%LocalAppData%

2011-04-15 07:58 . 2011-03-03 03:58 3133440 ----a-w- c:\windows\system32\win32k.sys

2011-04-15 07:48 . 2011-02-18 06:37 612352 ----a-w- c:\windows\system32\vbscript.dll

2011-04-15 07:48 . 2011-02-18 05:36 428032 ----a-w- c:\windows\SysWow64\vbscript.dll

2011-04-15 07:48 . 2011-03-11 06:19 1359872 ----a-w- c:\windows\system32\mfc42u.dll

2011-04-15 07:48 . 2011-03-11 06:19 1395712 ----a-w- c:\windows\system32\mfc42.dll

2011-04-15 07:48 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll

2011-04-15 07:48 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll

2011-04-15 07:48 . 2011-02-23 05:16 401920 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-04-15 07:48 . 2011-02-23 05:16 461312 ----a-w- c:\windows\system32\drivers\srv.sys

2011-04-15 07:48 . 2011-02-23 05:15 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-04-15 07:47 . 2011-02-19 06:36 46080 ----a-w- c:\windows\system32\atmlib.dll

2011-04-15 07:47 . 2011-02-19 05:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2011-04-15 07:47 . 2011-02-19 04:13 367104 ----a-w- c:\windows\system32\atmfd.dll

2011-04-15 07:47 . 2011-02-19 03:37 294912 ----a-w- c:\windows\SysWow64\atmfd.dll

2011-04-15 07:43 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-04-15 07:43 . 2011-03-03 06:14 30208 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-04-15 07:42 . 2011-03-03 05:27 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe

2011-04-15 07:41 . 2011-03-08 06:14 976896 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-15 07:41 . 2011-03-08 05:38 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll

2011-04-15 07:40 . 2011-02-05 12:41 556928 ----a-w- c:\windows\system32\winresume.efi

2011-04-15 07:40 . 2011-02-05 12:41 640896 ----a-w- c:\windows\system32\winload.efi

2011-04-15 07:40 . 2011-02-05 12:41 20352 ----a-w- c:\windows\system32\kdusb.dll

2011-04-15 07:40 . 2011-02-05 12:41 19328 ----a-w- c:\windows\system32\kd1394.dll

2011-04-15 07:40 . 2011-02-05 12:41 17792 ----a-w- c:\windows\system32\kdcom.dll

2011-04-15 07:40 . 2011-02-05 12:39 603976 ----a-w- c:\windows\system32\winload.exe

2011-04-15 07:40 . 2011-02-05 12:39 518160 ----a-w- c:\windows\system32\winresume.exe

2011-04-15 07:39 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe

2011-04-15 07:38 . 2011-02-23 05:15 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-15 07:38 . 2011-02-23 05:15 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-04-15 07:38 . 2011-02-23 05:15 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-04-15 07:38 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-04-12 03:22 . 2011-04-12 03:22 -------- d-----w- c:\users\Guest\AppData\Roaming\Malwarebytes

2011-04-12 03:10 . 2011-04-12 03:10 -------- d-----w- c:\program files (x86)\Uniblue

2011-04-12 03:10 . 2011-04-12 03:10 -------- d-----w- c:\users\My\AppData\Local\PackageAware

2011-04-12 02:03 . 2011-04-12 02:03 -------- d-----w- c:\users\My\AppData\Roaming\Registry Mechanic

2011-04-12 02:00 . 2010-09-16 15:26 40408 ----a-w- c:\windows\system32\CleanMFT64.exe

2011-04-12 02:00 . 2008-04-02 19:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx

2011-04-12 02:00 . 2008-04-02 19:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx

2011-04-12 02:00 . 2008-04-02 19:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx

2011-04-12 02:00 . 2004-08-04 11:00 506368 ----a-w- c:\windows\SysWow64\msxml.dll

2011-04-12 02:00 . 2011-04-12 02:00 -------- d-----w- c:\program files (x86)\Common Files\PC Tools

2011-04-12 01:59 . 2011-04-12 01:59 -------- d-----w- c:\windows\SysWow64\%LOCALAPPDATA%

2011-04-08 16:07 . 2011-04-08 16:10 -------- d-----w- c:\program files (x86)\SecondLifeViewer2

2011-04-08 02:41 . 2011-04-09 13:51 -------- d-----w- c:\users\Guest\AppData\Local\SecondLife

2011-04-08 02:41 . 2011-04-08 22:14 -------- d-----w- c:\users\Guest\AppData\Roaming\SecondLife

2011-04-06 22:38 . 2011-04-06 22:39 -------- d-----w- c:\users\Guest\AppData\Local\AOL

2011-04-06 22:38 . 2011-04-06 22:38 -------- d-----w- c:\users\Guest\AppData\Roaming\AOL

2011-04-02 01:01 . 2011-04-02 01:01 -------- d-----w- c:\users\Guest\AppData\Roaming\Yahoo!

2011-04-02 01:01 . 2011-04-12 03:03 -------- d-----w- c:\users\Guest\AppData\Local\Google

2011-04-02 01:01 . 2011-04-02 01:01 -------- d-----w- c:\users\Guest\AppData\Local\AOL Toolbar

2011-04-02 00:04 . 2011-04-08 21:45 -------- d-----w- c:\users\Guest\AppData\Local\PokerStars

2011-03-31 00:28 . 2011-03-31 00:28 -------- d-----w- c:\users\Matthew\AppData\Roaming\Intel Corporation

2011-03-30 02:31 . 2011-03-30 02:40 -------- d-----w- c:\users\Guest\AppData\Local\Adobe

2011-03-27 04:38 . 2011-03-27 04:38 -------- d-----w- c:\users\Guest\AppData\Roaming\Apple Computer

2011-03-26 13:54 . 2011-03-26 13:54 -------- d-----w- c:\users\Guest\AppData\Local\CrashDumps

2011-03-25 22:29 . 2011-03-25 22:33 -------- d-----w- c:\users\Guest\AppData\Roaming\GARMIN

2011-03-25 02:05 . 2011-03-25 02:05 -------- d-----w- c:\users\Guest\AppData\Local\Mozilla

2011-03-25 01:38 . 2011-03-25 01:38 -------- d-----w- c:\users\Guest\AppData\Local\ArcSoft

2011-03-25 01:37 . 2011-03-25 01:38 -------- d-----w- c:\users\Guest\AppData\Roaming\ArcSoft

2011-03-25 01:37 . 2011-04-12 00:47 -------- d-----w- c:\users\Guest\AppData\Roaming\skypePM

2011-03-25 01:36 . 2011-04-12 01:30 -------- d-----w- c:\users\Guest\AppData\Roaming\Skype

2011-03-25 01:16 . 2011-03-25 01:16 -------- d-----w- c:\users\Guest\AppData\Roaming\Intel Corporation

2011-03-23 23:51 . 2011-03-23 23:51 -------- d-----w- c:\windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{D5490210-C58C-4919-A9B7-65928FBA8033}

2011-03-23 23:51 . 2011-03-23 23:51 -------- d-----w- c:\windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{53FA9915-7EE0-4A6A-81E1-E1B7A0041DAE}

2011-03-23 23:51 . 2011-03-23 23:51 -------- d-----w- c:\windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{BD67076B-1F36-4213-9A14-969A8C10E56C}

2011-03-23 23:35 . 2011-03-23 23:35 -------- d-----w- C:\found.001

2011-03-21 15:52 . 2011-03-21 15:52 -------- d-----w- C:\found.000

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-03-20 06:11 . 2010-05-06 14:55 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2011-03-20 06:10 . 2010-05-19 18:07 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2011-03-20 06:10 . 2010-05-06 14:54 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-03-16 18:31 . 2011-02-18 06:54 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-5\Microsoft.MediaCenter.Sports.UI.dll

2011-03-13 13:29 . 2010-06-24 16:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-03-10 18:09 . 2011-03-10 18:09 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-7\markup.dll

2011-03-10 18:07 . 2010-06-04 00:59 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2011-03-06 06:34 . 2010-05-06 14:55 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2011-02-22 06:29 . 2011-02-22 06:29 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-6\markup.dll

2011-02-20 18:04 . 2010-02-18 11:04 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2011-02-20 18:04 . 2010-02-18 11:04 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2011-02-19 20:31 . 2010-05-08 06:32 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2011-02-15 23:56 . 2010-07-05 06:47 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2011-02-03 02:40 . 2010-05-05 02:52 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-01-26 06:53 . 2011-02-20 16:41 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-01-26 06:53 . 2011-02-20 16:41 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2011-01-26 06:31 . 2011-02-20 16:41 144384 ----a-w- c:\windows\system32\cdd.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-10-05 80384]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-27 320880]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]

"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]

"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]

"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-11-22 1484856]

"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-02-20 273544]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2010-09-10 99696]

"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-28 526336]

"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-09-16 104408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"GrpConv"="grpconv -o" [X]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2009-12-01 03:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]

R2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 135664]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2011-02-16 101048]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

R2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2010-06-24 46080]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]

R2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]

R2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]

R2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]

R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]

R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-09-27 864000]

R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-10-25 549168]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]

R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-17 167424]

R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-09-27 303872]

R3 TVICHW64;TVICHW64;c:\windows\system32\DRIVERS\TVICHW64.SYS [x]

R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-12-01 571248]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]

R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-06-09 1223024]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]

R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]

S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-14 245352]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - KLMD25

*Deregistered* - klmd25

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2011-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 13:42]

.

2011-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 13:42]

.

2011-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3742009753-1323018794-3662728572-1005Core.job

- c:\users\My\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-01 02:18]

.

2011-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3742009753-1323018794-3662728572-1005UA.job

- c:\users\My\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-01 02:18]

.

2011-04-12 c:\windows\Tasks\RMSchedule.job

- c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-04-12 15:26]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-02 16395880]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-20 11106408]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-26 2184520]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2009-07-14 415232]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: {F080DE39-A95A-4ECD-9EF4-659C412F3AD6} = 8.10.7.142

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

FF - ProfilePath - c:\users\My\AppData\Roaming\Mozilla\Firefox\Profiles\gpp8nyiv.default\

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p=

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-StandardKeyboard - c:\windows\Wireless\Wireless.exe

Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)

HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-The Weather Channel Desktop 6 - c:\program files (x86)\The Weather Channel FW\Desktop\TheWeatherChannelCustomUninstall.exe

AddRemove-Uniblue RegistryBooster - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe

AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_3_162_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_3_162_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-04-17 22:02:29

ComboFix-quarantined-files.txt 2011-04-18 02:02

.

Pre-Run: 125,901,479,936 bytes free

Post-Run: 137,314,709,504 bytes free

.

- - End Of File - - 8BD9975C92C3E3ACC432CCB0C2BAF7E0

Link to post
Share on other sites

Launch Malwarebytes' Anti-Malware

  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Run ESET Online Scan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png

      You can refer to this animation by neomage if needed.
Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6400

Windows 6.1.7600 (Safe Mode)

Internet Explorer 8.0.7600.16385

4/19/2011 7:16:55 PM

mbam-log-2011-04-19 (19-16-55).txt

Scan type: Quick scan

Objects scanned: 211916

Time elapsed: 4 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Matt, I've tried to run the ESET scan 4 times. Each time, it gets about 3 hours into the scan, I get the blue screen of death, and the machine recycles. The first time, I saw that it found 3 adware programs and a trojan downloader, but I didn't catch the specific names. When the machine recycled, the ESET program appeared to quarantine the files, so I deleted them, but I never got a log file to post. Any suggestions?

Thank you for all of your support!

Gary

Link to post
Share on other sites

Hi Gary,

You're welcome :)

We will try a different scanner that should clean up any remaining infection, since ESET Online Scanner had some issues.

Please download Dr.Web CureIt . Save it to your desktop:

  • Doubleclick the drweb-cureit.exe file and click Scan to run express scan. Click OK in the pop-up window to allow the scan.
  • This will scan the files currently running in memory and if something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, select Complete scan.
  • Click the green arrow drweb.jpg at the right, and the scan will start.
  • Click Yes to all if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Note:this report may need to be renamed to Dr.Web.txt in order to post it on the forum.
  • Please post the Dr.Web.txt report in your next reply
  • Close Dr.Web Cureit.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.

NOTE. During the scan, pop-up window will open asking for full version purchase. Simply close the window by clicking on the X in the upper right corner.

Link to post
Share on other sites

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This changed from what we know in 2006 read this article:

http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Click on start > run > and then paste the following into the "open" field: appwiz.cpl and press OK. From within Add or Remove Programs uninstall the following if they exist: Viewpoint, Viewpoint Manager, Viewpoint Media Player.

Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Link to post
Share on other sites

Getting user folders.

Stopping running processes.

Emptying Temp folders.

User: All Users

->Temp folder emptied: 0 bytes

-> No Temporary Internet Files cache folder defined!

User: Default

-> No Temporary Internet Files cache folder defined!

User: Default User

-> No Temporary Internet Files cache folder defined!

User: Guest

-> No Temporary Internet Files cache folder defined!

User: Matthew

-> No Temporary Internet Files cache folder defined!

User: Mom

-> No Temporary Internet Files cache folder defined!

User: My

-> No Temporary Internet Files cache folder defined!

User: Public

-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1197806 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes

Process complete!

Total Files Cleaned = 1.00 mb

Link to post
Share on other sites

In reviewing my hardware settings after following your last advice, I found one thing under problem devices. I don't know if its noteworthy or not but it read:

Security processor loader driver Root\legacy _ SPLDR\0000 This device is not present,not working properly, on not...

Link to post
Share on other sites

These are the tasks running under safe mode:

csrss.exe c:\windows\system32\csrss.exe 424 13 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 7.50 KB (7,680 bytes) 7/13/2009 7:19 PM

csrss.exe c:\windows\system32\csrss.exe 460 13 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 7.50 KB (7,680 bytes) 7/13/2009 7:19 PM

ctfmon.exe c:\windows\system32\ctfmon.exe 612 8 200 1380 4/24/2011 10:17 AM 6.1.7600.16385 9.50 KB (9,728 bytes) 7/13/2009 7:39 PM

explorer.exe c:\windows\explorer.exe 1956 8 200 1380 4/24/2011 10:16 AM 6.1.7600.16450 2.74 MB (2,870,272 bytes) 3/8/2010 9:48 PM

helppane.exe c:\windows\helppane.exe 1568 8 200 1380 4/24/2011 10:17 AM 6.1.7600.16385 716.50 KB (733,696 bytes) 7/13/2009 8:29 PM

lsass.exe c:\windows\system32\lsass.exe 568 9 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 30.50 KB (31,232 bytes) 7/13/2009 7:20 PM

lsm.exe c:\windows\system32\lsm.exe 576 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 325.50 KB (333,312 bytes) 7/13/2009 8:17 PM

mcagent.exe c:\progra~1\mcafee.com\agent\mcagent.exe 1860 8 200 1380 4/24/2011 10:19 AM 10.5.216.0 1.42 MB (1,484,856 bytes) 1/27/2011 1:30 PM

mcsvhost.exe c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe 1208 8 200 1380 4/24/2011 10:16 AM 1.5.109.0 347.11 KB (355,440 bytes) 1/27/2011 1:29 PM

mfefire.exe c:\program files\common files\mcafee\systemcore\mfefire.exe 1172 8 200 1380 4/24/2011 10:16 AM 14.2.0.940 239.60 KB (245,352 bytes) 1/27/2011 1:30 PM

mfevtps.exe c:\windows\system32\mfevtps.exe 1028 8 200 1380 4/24/2011 10:16 AM 14.2.0.940 145.54 KB (149,032 bytes) 1/27/2011 1:29 PM

msinfo32.exe c:\windows\system32\msinfo32.exe 1720 8 200 1380 4/24/2011 10:17 AM 6.1.7600.16385 370.00 KB (378,880 bytes) 7/13/2009 7:31 PM

services.exe c:\windows\system32\services.exe 560 9 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 321.00 KB (328,704 bytes) 7/13/2009 7:19 PM

smss.exe Not Available 280 11 200 1380 4/24/2011 10:14 AM Not Available Not Available Not Available

svchost.exe c:\windows\system32\svchost.exe 672 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 748 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 836 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 880 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 932 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 988 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 1016 8 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 976 8 200 1380 4/24/2011 10:16 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

svchost.exe c:\windows\system32\svchost.exe 1288 8 200 1380 4/24/2011 10:16 AM 6.1.7600.16385 26.50 KB (27,136 bytes) 7/13/2009 7:31 PM

system Not Available 4 8 Not Available Not Available 4/24/2011 10:14 AM Not Available Not Available Not Available

system idle process Not Available 0 0 Not Available Not Available Not Available Not Available Not Available Not Available

wininit.exe c:\windows\system32\wininit.exe 468 13 200 1380 4/24/2011 10:14 AM 6.1.7600.16385 126.00 KB (129,024 bytes) 7/13/2009 7:52 PM

winlogon.exe c:\windows\system32\winlogon.exe 496 13 200 1380 4/24/2011 10:14 AM 6.1.7600.16447 380.50 KB (389,632 bytes) 3/8/2010 9:48 PM

wmiprvse.exe c:\windows\system32\wbem\wmiprvse.exe 1132 8 200 1380 4/24/2011 10:17 AM 6.1.7600.16385 360.00 KB (368,640 bytes) 7/13/2009 7:47 PM

wmiprvse.exe c:\windows\system32\wbem\wmiprvse.exe 1420 8 200 1380 4/24/2011 10:29 AM 6.1.7600.16385 360.00 KB (368,640 bytes) 7/13/2009 7:47 PM

Link to post
Share on other sites

I am finally able to log on without booting to safe mode. My main profile password is still invalid so I can't log on as administrator. The rest of my profile won't allow me to access administrator permissions so I can't run any of the above prescribed software to dislodge whatever is causing this mess. Everything I've run so far, I ran from safe mode, so the repair software apparently isn't accessing the problem.

I really appreciate your patience and help so far! Any further suggestions would be much appreciated too.

Link to post
Share on other sites

Newest OTL txt file:

OTL logfile created on: 4/25/2011 10:02:09 PM - Run 2

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Guest\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: | Country: | Language: | Date Format:

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free

8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 457.21 Gb Total Space | 127.37 Gb Free Space | 27.86% Space Free | Partition Type: NTFS

Computer Name: MY-VAIO | User Name: My | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Guest\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org)

PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)

PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)

PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)

PRC - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe ()

PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe (Trend Micro Inc.)

PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe ()

PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe ()

PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe ()

PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)

PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)

PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)

PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)

PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Users\Guest\Downloads\OTL.exe (OldTimer Tools)

MOD - c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)

SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)

SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)

SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)

SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()

SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)

SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)

SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)

SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)

SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)

SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)

SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)

SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)

SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)

SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)

SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)

SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)

SRV - (Oasis2Service) -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe ()

SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)

SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)

SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)

SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)

SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)

SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)

SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)

========== Driver Services (SafeList) ==========

DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)

DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)

DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)

DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)

DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)

DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)

DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows ® 2000 DDK provider)

DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)

DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\drivers\hotcore3.sys (Paragon Software Group)

DRV:64bit: - (TVICHW64) -- C:\Windows\SysNative\drivers\TVicHW64.sys (EnTech Taiwan)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)

DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)

DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)

DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)

DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)

DRV:64bit: - (purendis) -- C:\Windows\SysNative\drivers\purendis.sys (Cisco Systems, Inc.)

DRV:64bit: - (pnarp) -- C:\Windows\SysNative\drivers\pnarp.sys (Cisco Systems, Inc.)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)

DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)

DRV:64bit: - (wanatw) WAN Miniport (ATW) -- C:\Windows\SysNative\drivers\wanatw64.sys (America Online, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "engine://C%3A%5CProgram%20Files%20%28x86%29%5CSeaMonkey%5Csearchplugins%5Cgoogle.src"

FF - prefs.js..browser.startup.homepage: "http://www.google.com"

FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.4

FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85

FF - prefs.js..extensions.enabledItems: {f13b157f-b174-47e7-a34d-4815ddfdfeb8}:0.9.87.4

FF - prefs.js..extensions.enabledItems: modern@themes.mozilla.org:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/11 14:34:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/02/20 14:05:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/04/23 15:22:17 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/20 14:05:24 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/20 16:57:00 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\SeaMonkey 2.0.13\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011/04/14 20:12:55 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\SeaMonkey 2.0.13\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2011/03/23 21:31:15 | 000,000,000 | ---D | M]

[2011/03/09 21:56:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/11/23 17:37:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/02/20 17:01:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/03/23 21:31:19 | 000,000,000 | ---D | M] (ChatZilla) -- C:\PROGRAM FILES (X86)\SEAMONKEY\EXTENSIONS\{59C81DF5-4B7A-477B-912D-4E0FDF64E5F2}

[2011/03/23 21:31:19 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\PROGRAM FILES (X86)\SEAMONKEY\EXTENSIONS\{F13B157F-B174-47E7-A34D-4815DDFDFEB8}

[2011/03/23 21:31:19 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\SEAMONKEY\EXTENSIONS\INSPECTOR@MOZILLA.ORG

[2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll

[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/04/17 22:00:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110127133008.dll (McAfee, Inc.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found.

O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.

O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.

O2 - BHO: (no name) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - No CLSID value found.

O2 - BHO: (no name) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - No CLSID value found.

O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.

O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.

O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.

O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.

O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)

O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)

O4 - HKLM..\Run: [smartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)

O4 - HKLM..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [] File not found

O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)

O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)

O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)

O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/25 21:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2011/04/24 13:53:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2011/04/24 11:21:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2011/04/24 11:21:02 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN

[2011/04/21 21:24:45 | 000,000,000 | ---D | C] -- C:\Users\My\DoctorWeb

[2011/04/19 19:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011/04/17 21:46:48 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011/04/17 21:46:48 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011/04/17 21:46:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011/04/17 21:45:17 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2011/04/17 21:44:51 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/04/17 21:44:51 | 000,000,000 | ---D | C] -- \Qoobox

[2011/04/17 21:44:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2011/04/17 21:44:35 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW

[2011/04/17 21:44:35 | 000,000,000 | ---D | C] -- \32788R22FWJFW

[2011/04/16 16:06:26 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/04/16 16:06:26 | 000,000,000 | ---D | C] -- \_OTL

[2011/04/16 09:36:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\%LocalAppData%

[2011/04/11 23:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue

[2011/04/11 22:00:53 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx

[2011/04/11 22:00:53 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx

[2011/04/11 22:00:53 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx

[2011/04/11 22:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic

[2011/04/11 22:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools

[2011/04/11 22:00:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Registry Mechanic

[2011/04/11 21:59:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\%LOCALAPPDATA%

[2011/04/06 07:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

========== Files - Modified Within 30 Days ==========

[2011/04/25 22:29:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/04/25 22:28:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3742009753-1323018794-3662728572-1005UA.job

[2011/04/25 21:57:05 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/04/25 21:57:02 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/04/25 21:25:26 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/04/25 21:24:40 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk

[2011/04/25 21:16:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/04/25 21:15:58 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/25 00:28:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3742009753-1323018794-3662728572-1005Core.job

[2011/04/24 11:31:36 | 417,744,975 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2011/04/24 10:42:05 | 000,817,648 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/04/24 10:42:05 | 000,689,490 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/04/24 10:42:05 | 000,130,444 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/04/19 23:23:02 | 000,001,441 | ---- | M] () -- C:\Users\My\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/04/19 18:56:49 | 000,001,137 | ---- | M] () -- C:\Users\My\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk

[2011/04/17 22:00:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2011/04/16 17:01:22 | 000,416,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/04/14 18:35:48 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/04/11 22:03:23 | 000,040,960 | ---- | M] () -- C:\Users\My\s-1-5-21-3742009753-1323018794-3662728572-1005.rrr

[2011/04/11 22:01:42 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job

[2011/04/11 22:00:53 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk

[2011/04/06 07:13:17 | 000,002,178 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2011/04/24 11:38:19 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk

[2011/04/17 21:46:48 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2011/04/17 21:46:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011/04/17 21:46:48 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2011/04/17 21:46:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011/04/17 21:46:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2011/04/14 19:48:12 | 000,001,137 | ---- | C] () -- C:\Users\My\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk

[2011/04/11 22:03:23 | 000,040,960 | ---- | C] () -- C:\Users\My\s-1-5-21-3742009753-1323018794-3662728572-1005.rrr

[2011/04/11 22:01:42 | 000,000,260 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job

[2011/04/11 22:00:53 | 000,040,408 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe

[2011/04/11 22:00:53 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk

[2011/03/20 15:25:45 | 000,003,969 | ---- | C] () -- C:\Windows\checkip.dat

[2010/11/11 15:05:33 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\PROTOCOL.INI

[2010/11/04 16:52:29 | 000,655,171 | ---- | C] () -- C:\Windows\hpoins16.dat.temp

[2010/11/04 16:52:28 | 000,003,770 | ---- | C] () -- C:\Windows\hpomdl16.dat.temp

[2010/08/11 14:26:53 | 000,221,355 | ---- | C] () -- C:\Windows\hpoins19.dat

[2010/08/11 14:26:53 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat

[2010/08/02 21:55:42 | 000,048,425 | ---- | C] () -- C:\Program Files (x86)\EULA.eng

[2010/04/14 09:12:50 | 000,225,907 | ---- | C] () -- \test.xml

[2010/03/27 12:34:27 | 000,000,000 | ---- | C] () -- C:\Windows\Dssole.INI

[2010/03/13 10:55:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/03/12 22:18:00 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat

[2010/03/07 19:18:17 | 4209,078,272 | -HS- | C] () --

[2010/03/07 19:18:01 | 3156,807,680 | -HS- | C] () --

[2009/12/11 10:12:56 | 000,819,664 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2007/11/07 08:53:12 | 000,242,176 | ---- | C] () -- \VC_RED.MSI

[2007/11/07 08:50:40 | 001,927,956 | ---- | C] () -- \VC_RED.cab

[2007/11/07 08:44:20 | 000,096,272 | ---- | C] () -- \install.res.1036.dll

[2007/11/07 08:44:20 | 000,095,248 | ---- | C] () -- \install.res.3082.dll

[2007/11/07 08:44:20 | 000,095,248 | ---- | C] () -- \install.res.1031.dll

[2007/11/07 08:44:20 | 000,094,224 | ---- | C] () -- \install.res.1040.dll

[2007/11/07 08:44:20 | 000,090,128 | ---- | C] () -- \install.res.1033.dll

[2007/11/07 08:44:20 | 000,080,400 | ---- | C] () -- \install.res.1041.dll

[2007/11/07 08:44:20 | 000,078,864 | ---- | C] () -- \install.res.1042.dll

[2007/11/07 08:44:20 | 000,075,280 | ---- | C] () -- \install.res.1028.dll

[2007/11/07 08:44:20 | 000,074,768 | ---- | C] () -- \install.res.2052.dll

[2007/11/07 08:00:40 | 000,005,686 | ---- | C] () -- \vcredist.bmp

[2007/11/07 08:00:40 | 000,001,110 | ---- | C] () -- \globdata.ini

[2007/11/07 08:00:40 | 000,000,843 | ---- | C] () -- \install.ini

[2007/01/10 09:44:26 | 001,457,024 | ---- | C] () -- C:\Windows\SysWow64\SSCProt.dll

========== LOP Check ==========

[2011/04/11 22:01:42 | 000,000,260 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job

[2011/04/16 16:11:57 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Link to post
Share on other sites

Hi coffman1809,

Run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found.
    O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
    O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
    O2 - BHO: (no name) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - No CLSID value found.
    O2 - BHO: (no name) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - No CLSID value found.
    O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
    O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
    O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
    O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
    O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
    O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found.
    O4 - HKLM..\RunOnce: [] File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done

Link to post
Share on other sites

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0347C33E-8762-4905-BF09-768834316C61}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ef64538-8b54-4573-b48f-4d34b0238ab2}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3ef64538-8b54-4573-b48f-4d34b0238ab2}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

->Temp folder emptied: 0 bytes

-> No Temporary Internet Files cache folder defined!

->Flash cache emptied: 41 bytes

User: Default

-> No Temporary Internet Files cache folder defined!

User: Default User

-> No Temporary Internet Files cache folder defined!

User: Guest

-> No Temporary Internet Files cache folder defined!

User: Matthew

-> No Temporary Internet Files cache folder defined!

User: Mom

-> No Temporary Internet Files cache folder defined!

User: My

-> No Temporary Internet Files cache folder defined!

User: Public

-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 2488700 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50157 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.00 mb

[EMPTYFLASH]

User: All Users

->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Guest

User: Matthew

User: Mom

User: My

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.22.3 log created on 04262011_212937

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.