Can't access Microsoft or antispyware sites

Sony / Pcg-583p
March 24, 2010 at 05:19:24
Specs: Windows XP, /512 RAM
Hey all, for a while now (I think after I downloaded AVG) I haven't been able to access microsoft.com or any of its support sites, or any antivirus site. I've been reading through many forums to no avail. Can anyone help?


#1
March 24, 2010 at 05:44:16
I don't think it is AVG. I never had this problem and I do not have AVG, which I have had in the past. I cannot access any antivirus, Microsoft or Windows Update either, and when I try to go to a fix I get redirected to stupid pages. Waiting for some help myself. Still going nuts. Hopefully someone will know what to do. I have run tons of different scans. I was told to be patient.


#2
March 25, 2010 at 05:08:17
I would maybe try Hitman. It worked for me. But I have AVG and it is working fine. I was having the same problems as well; now I can get into everything.


#3
March 26, 2010 at 12:04:29
If you had Norton or McAfee installed earlier on your PC you have to go to THEIR websites and use their uninstaller. Just uninstalling from add/remove leaves tons of junk in the registry and no other anti-virus or firewall will work correctly.

Some HELP in posting on Computing.net plus free progs and instructions Cheers



#4
March 26, 2010 at 18:20:17
@razzmataz - Hitman deleted some unwanted trojans on my comp, but I still can't access any of the sites. Thanks anyway.

@Xpuser4real - Good idea, but I can't access the Norton/McAfee website ;D



#5
March 26, 2010 at 19:51:40
If you found trojans, something may have been reset by them.

Please download OTL from the following site:

OTL by OldTimer

1. Save it to your desktop
2. Double click the OTL icon on your desktop.
3. Click the “scan all users” checkbox.
4. Push the “run scan” button.
5. Two reports will open, copy and paste them in a reply here:
OTL.txt <-- Will be opened
Extra.txt <-- Will be minimized




#6
March 27, 2010 at 04:10:23
Okay, here's part 1/2 for OTL ---> this site for some reason doesn't want to post up the whole file O_o

OTL logfile created on: 3/27/2010 9:52:37 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Danny\My Documents
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 119.00 Mb Available Physical Memory | 24.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 2.72 Gb Free Space | 19.46% Space Free | Partition Type: NTFS
Drive D: | 23.29 Gb Total Space | 10.98 Gb Free Space | 47.14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WILSON
Current User Name: Danny
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/27 21:52:23 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danny\My Documents\OTL.exe
PRC - [2009/11/24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009/02/06 19:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009/02/06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/01/14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/07/01 09:02:28 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2008/07/01 09:01:04 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2007/06/13 21:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/12/01 18:04:00 | 000,712,704 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe
PRC - [2005/09/21 16:40:46 | 000,073,728 | ---- | M] (EMC Dantz) -- C:\Program Files\Retrospect\Retrospect Express HD 1.1\retrorun.exe
PRC - [2005/04/13 04:48:52 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
PRC - [2005/03/17 15:25:54 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2004/07/10 05:14:58 | 000,122,880 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKServ.exe
PRC - [2004/07/10 05:13:12 | 000,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKWnd.exe
PRC - [2004/07/01 14:03:00 | 000,106,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2004/06/30 15:45:12 | 000,180,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2003/05/16 10:41:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe
PRC - [2002/09/21 09:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2002/03/15 10:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe


========== Modules (SafeList) ==========

MOD - [2010/03/27 21:52:23 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danny\My Documents\OTL.exe
MOD - [2006/08/26 02:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - File not found [On_Demand | Stopped] -- -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - File not found [On_Demand | Stopped] -- -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - File not found [On_Demand | Stopped] -- -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - File not found [On_Demand | Stopped] -- -- (VAIO Entertainment UPnP Client Adapter)
SRV - File not found [On_Demand | Stopped] -- -- (VAIO Entertainment TV Device Arbitration Service)
SRV - File not found [On_Demand | Stopped] -- -- (VAIO Entertainment Task Scheduler)
SRV - File not found [On_Demand | Stopped] -- -- (VAIO Entertainment Aggregation and Control Service)
SRV - File not found [Auto | Stopped] -- -- (Symantec Core LC)
SRV - File not found [Auto | Stopped] -- -- (SPBBCSvc)
SRV - File not found [Auto | Stopped] -- -- (SNDSrvc)
SRV - File not found [On_Demand | Stopped] -- -- (SAVScan)
SRV - File not found [Auto | Stopped] -- -- (RetroExp Helper)
SRV - File not found [On_Demand | Stopped] -- -- (NSCService)
SRV - File not found [Auto | Stopped] -- -- (navapsvc)
SRV - File not found [On_Demand | Stopped] -- -- (IDriverT)
SRV - File not found [On_Demand | Stopped] -- -- (comHost)
SRV - File not found [Auto | Stopped] -- -- (ccSetMgr)
SRV - File not found [Auto | Stopped] -- -- (ccProxy)
SRV - File not found [On_Demand | Stopped] -- -- (ccISPwdSvc)
SRV - File not found [Auto | Stopped] -- -- (ccEvtMgr)
SRV - File not found [Disabled | Stopped] -- -- (avgfws8)
SRV - File not found [Disabled | Stopped] -- -- (avg8wd)
SRV - File not found [Auto | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - File not found [Auto | Stopped] -- -- (559BBC30)
SRV - [2009/01/14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/07/01 09:08:00 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2008/07/01 09:02:28 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008/02/21 17:48:00 | 000,376,832 | ---- | M] (MobileLeader) [On_Demand | Stopped] -- D:\Program Files\Samsung\Samsung PC Studio 3\LiveUpdate.exe -- (LiveUpdate)
SRV - [2005/09/21 16:40:46 | 000,073,728 | ---- | M] (EMC Dantz) [Auto | Running] -- C:\Program Files\Retrospect\Retrospect Express HD 1.1\retrorun.exe -- (RetroExpLauncher)
SRV - [2002/09/21 09:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/09/17 15:21:53 | 000,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\avgfwdx.dll -- (Avgfwdx)
DRV - [2008/10/23 14:56:24 | 000,000,071 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\Partizan.RRI -- (Partizan)
DRV - [2008/07/01 09:04:40 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2008/07/01 08:57:14 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2008/07/01 08:56:22 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/01/17 10:18:54 | 000,115,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/08/07 17:02:26 | 000,195,776 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006/08/07 17:02:22 | 000,024,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006/08/07 17:02:18 | 000,031,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2006/08/07 17:02:14 | 000,028,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2006/08/07 17:02:02 | 000,110,784 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2006/08/07 17:01:56 | 000,012,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/02/12 16:17:55 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/01/19 04:17:38 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/01/18 23:44:46 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2004/10/15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/05/21 15:46:50 | 000,065,024 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2004/03/08 05:43:10 | 001,657,344 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w22n51.sys -- (w22n51) Intel(R)
DRV - [2003/10/14 18:08:22 | 000,197,120 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2003/10/14 18:05:48 | 000,679,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/10/14 18:04:16 | 001,043,072 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/29 15:31:38 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/03/05 12:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PfModNT.sys -- (PfModNT)
DRV - [2002/08/20 13:59:32 | 000,071,961 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyPI.sys -- (SPI)
DRV - [2000/12/06 10:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 21:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.co...
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.co...
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.co...

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.co...

IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={sea...
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gllod.com
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
IE - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2009/01/28 16:20:19 | 000,000,022 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Internet Security 2006) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll File not found
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O3 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\..\Toolbar\WebBrowser: (Norton Internet Security 2006) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe File not found
O4 - HKLM..\Run: [BearShare] D:\Program Files\BearShare\BearShare.exe File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe File not found
O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35[1].exe (SurfRight B.V.)
O4 - HKLM..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe File not found
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\point32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] D:\Program Files\iTunes\iTunesHelper.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe (Maxtor Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe File not found
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [stgclean] c:\sdwork\w32main2.exe (IBM Global Services)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe File not found
O4 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006..\Run: [] File not found
O4 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe File not found
O4 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [POSTRBT] File not found
O4 - HKU\S-1-5-18..\RunOnce: [POSTRBT] File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe File not found
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe File not found
O4 - Startup: C:\Documents and Settings\Tuty\Start Menu\Programs\Startup\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Danny\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/... (Shockwave ActiveX Control)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://www.facebook.com/fbplugin/wi... (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr0... (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windows... (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/Div... (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls... (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-03.sun.com/s/ESD5/JS... (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/ji... (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/ji... (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/g... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 211.29.152.116 198.142.0.51 211.29.132.12
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Danny\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Danny\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/25 08:14:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\{11fea75e-54b2-11dd-80c0-000e357c4ced}\Shell - "" = AutoRun
O33 - MountPoints2\{11fea75e-54b2-11dd-80c0-000e357c4ced}\Shell\Auto\command - "" = G:\auto.exe -- File not found
O33 - MountPoints2\{11fea75e-54b2-11dd-80c0-000e357c4ced}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{27922947-5fe1-11de-8114-000e357c4ced}\Shell\AutoRun\command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{27922947-5fe1-11de-8114-000e357c4ced}\Shell\explore\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{27922947-5fe1-11de-8114-000e357c4ced}\Shell\open\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{45b8c7b6-f42b-11dd-8102-000e357c4ced}\Shell\AutoRun\command - "" = e.cmd
O33 - MountPoints2\{45b8c7b6-f42b-11dd-8102-000e357c4ced}\Shell\explore\Command - "" = e.cmd
O33 - MountPoints2\{45b8c7b6-f42b-11dd-8102-000e357c4ced}\Shell\open\Command - "" = e.cmd
O33 - MountPoints2\{4c3e20e7-8a34-11d9-bccb-000e357c4ced}\Shell\AutoRun\command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{4c3e20e7-8a34-11d9-bccb-000e357c4ced}\Shell\explore\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{4c3e20e7-8a34-11d9-bccb-000e357c4ced}\Shell\open\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{4ed5f8e0-be9f-11dd-80f1-000e357c4ced}\Shell\AutoRun\command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{4ed5f8e0-be9f-11dd-80f1-000e357c4ced}\Shell\explore\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{4ed5f8e0-be9f-11dd-80f1-000e357c4ced}\Shell\open\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{76159b51-d64f-11dd-80f9-000e357c4ced}\Shell\AutoRun\command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{76159b51-d64f-11dd-80f9-000e357c4ced}\Shell\explore\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{76159b51-d64f-11dd-80f9-000e357c4ced}\Shell\open\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{86c63652-7db7-11dd-80c9-000e357c4ced}\Shell - "" = AutoRun
O33 - MountPoints2\{86c63652-7db7-11dd-80c9-000e357c4ced}\Shell\Auto\command - "" = G:\auto.exe -- File not found
O33 - MountPoints2\{86c63652-7db7-11dd-80c9-000e357c4ced}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{916da1e1-f6e5-11dc-8094-000e357c4ced}\Shell - "" = AutoRun
O33 - MountPoints2\{916da1e1-f6e5-11dc-8094-000e357c4ced}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{916da1e1-f6e5-11dc-8094-000e357c4ced}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{916da1e2-f6e5-11dc-8094-000e357c4ced}\Shell\AutoRun\command - "" = RESTORE\k-1-3542-4232123213-7676767-8888886\RanDll.exe
O33 - MountPoints2\{916da1e2-f6e5-11dc-8094-000e357c4ced}\Shell\open\command - "" = RESTORE\k-1-3542-4232123213-7676767-8888886\RanDll.exe
O33 - MountPoints2\{a658e047-117d-11df-8128-000e357c4ced}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{ab7e8a23-9264-11db-bf68-000e357c4ced}\Shell - "" = AutoRun
O33 - MountPoints2\{ab7e8a23-9264-11db-bf68-000e357c4ced}\Shell\Auto\command - "" = G:\auto.exe -- File not found
O33 - MountPoints2\{ab7e8a23-9264-11db-bf68-000e357c4ced}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8406113-ff7d-11da-bec0-000e357c4ced}\Shell\AutoRun\command - "" = I:\e.cmd -- File not found
O33 - MountPoints2\{d8406113-ff7d-11da-bec0-000e357c4ced}\Shell\explore\Command - "" = I:\e.cmd -- File not found
O33 - MountPoints2\{d8406113-ff7d-11da-bec0-000e357c4ced}\Shell\open\Command - "" = I:\e.cmd -- File not found
O33 - MountPoints2\{ec5fc528-ecfb-11dd-8101-000e357c4ced}\Shell\AutoRun\command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{ec5fc528-ecfb-11dd-8101-000e357c4ced}\Shell\explore\Command - "" = G:\e.cmd -- File not found
O33 - MountPoints2\{ec5fc528-ecfb-11dd-8101-000e357c4ced}\Shell\open\Command - "" = G:\e.cmd -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (Partiza) - File not found
O34 - HKLM BootExecute: (bootdelete) - C:\WINDOWS\System32\bootdelete.exe (SurfRight B.V.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*



#7
March 27, 2010 at 04:11:04
and following on from that OTL part 2

========== Files/Folders - Created Within 30 Days ==========

[2010/03/27 21:52:13 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Danny\My Documents\OTL.exe
[2010/03/27 12:18:02 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/03/27 12:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/03/27 11:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/03/23 22:04:03 | 000,991,232 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\W22MLRES.DLL
[2010/03/23 22:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/03/17 22:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danny\Application Data\skypePM
[2010/03/17 22:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/03/17 22:41:32 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/03/06 14:09:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/02/25 21:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/10/30 22:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/10/29 22:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/10/29 22:29:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/09/20 23:25:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/09/20 23:25:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/11/13 16:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2007/12/04 20:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Sony Corporation
[2007/02/20 20:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Webroot
[2006/02/13 21:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2006/01/30 08:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/27 21:53:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/03/27 21:52:23 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danny\My Documents\OTL.exe
[2010/03/27 17:00:21 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/27 12:18:03 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/03/27 12:18:02 | 000,000,468 | ---- | M] () -- C:\WINDOWS\System32\bootdelete.lst
[2010/03/27 12:10:40 | 000,015,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/03/27 12:00:13 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk
[2010/03/25 23:00:03 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/24 23:19:41 | 007,602,176 | -H-- | M] () -- C:\Documents and Settings\Danny\NTUSER.DAT
[2010/03/23 22:12:56 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\NSSstub.job
[2010/03/23 22:09:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/23 22:08:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/23 22:08:49 | 526,897,152 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/23 22:06:21 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Danny\ntuser.ini
[2010/03/23 21:42:16 | 000,011,460 | ---- | M] () -- C:\Documents and Settings\Danny\My Documents\xpnetdiag.xml
[2010/03/21 19:05:44 | 000,001,597 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/17 23:34:42 | 000,118,521 | ---- | M] () -- C:\Documents and Settings\Danny\My Documents\ct_doubtingthomas1.pdf
[2010/03/17 22:45:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/17 22:41:43 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/14 14:44:31 | 003,191,318 | ---- | M] () -- C:\Documents and Settings\Danny\Local Settings\Application Data\IconCache.db
[2010/03/11 16:29:07 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Danny\My Documents\Form_VI_Personal_Details_Form[1].DOC
[2010/02/27 11:02:37 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Conquerors.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/27 12:18:01 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\bootdelete.lst
[2010/03/27 12:10:40 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/03/27 12:00:13 | 000,001,688 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk
[2010/03/23 21:42:16 | 000,011,460 | ---- | C] () -- C:\Documents and Settings\Danny\My Documents\xpnetdiag.xml
[2010/03/17 23:34:34 | 000,118,521 | ---- | C] () -- C:\Documents and Settings\Danny\My Documents\ct_doubtingthomas1.pdf
[2010/03/17 22:45:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/17 22:41:43 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/11 16:29:07 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Danny\My Documents\Form_VI_Personal_Details_Form[1].DOC
[2010/03/06 14:09:56 | 000,001,597 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/02/27 11:02:37 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Conquerors.lnk
[2009/09/16 22:57:00 | 000,000,096 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/01/29 20:57:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/01/29 20:55:44 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/10/22 13:38:49 | 000,000,078 | ---- | C] () -- C:\WINDOWS\lsoon.ini
[2008/10/22 13:06:39 | 000,085,033 | ---- | C] () -- C:\Documents and Settings\Danny\Local Settings\Application Data\ShLog.txt
[2008/07/11 11:58:00 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/07/11 11:58:00 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2008/07/01 09:04:40 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007/10/24 23:28:14 | 000,000,291 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007/10/24 23:28:14 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007/10/24 23:24:08 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007/10/24 23:19:23 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/05/10 23:08:49 | 000,002,211 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/03/11 22:04:03 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/19 19:37:38 | 000,002,454 | ---- | C] () -- C:\WINDOWS\System32\NSM 8 Student CD.ini
[2006/12/07 20:05:12 | 000,000,020 | ---- | C] () -- C:\WINDOWS\powerplayer.ini
[2006/12/07 19:57:22 | 000,000,057 | ---- | C] () -- C:\WINDOWS\System32\peer.ini
[2006/12/07 19:57:19 | 000,000,361 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2006/07/20 21:04:38 | 000,000,302 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006/06/18 19:48:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Danny\Local Settings\Application Data\fusioncache.dat
[2006/02/12 16:04:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/01/25 05:08:29 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2005/12/31 03:48:26 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/12/31 03:40:30 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/12/17 21:03:45 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\8A209153A1.sys
[2005/11/30 18:58:32 | 000,002,920 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/10/26 18:47:03 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\setup.log
[2005/10/26 09:59:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Approach.ini
[2005/10/26 09:58:58 | 000,000,146 | ---- | C] () -- C:\WINDOWS\lotus.ini
[2005/10/26 09:49:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\winhelp.ini
[2005/08/13 08:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/05/05 22:51:56 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\Danny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/01/29 11:38:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/01/29 11:35:14 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS49.DLL
[2005/01/29 11:29:09 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2005/01/29 11:29:09 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2005/01/29 11:22:45 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/25 09:34:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/25 09:11:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/08/25 09:11:10 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/08/25 09:11:10 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/08/25 09:11:10 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/08/25 09:11:10 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/08/25 09:11:10 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/08/25 09:10:26 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2004/08/25 08:56:28 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/24 15:57:36 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/08/24 15:57:35 | 000,003,720 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/06/24 15:28:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/03/04 11:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001/10/25 10:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[1997/06/14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1996/04/25 12:23:00 | 000,000,849 | ---- | C] () -- C:\WINDOWS\acroread.ini
[1996/02/22 12:23:00 | 000,222,928 | ---- | C] () -- C:\WINDOWS\System32\lobas09.dll
[1996/01/19 12:23:00 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\lodbc09.dll
[1996/01/17 12:23:00 | 000,031,008 | ---- | C] () -- C:\WINDOWS\System32\ivtrn09.dll
[1996/01/15 12:23:00 | 000,334,016 | ---- | C] () -- C:\WINDOWS\System32\loflt09.dll
[1995/09/25 12:23:00 | 000,014,928 | ---- | C] () -- C:\WINDOWS\System32\wingen.drv
[1994/04/07 12:23:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\lodbf09.ini

========== Files - Unicode (All) ==========
[2008/10/22 12:48:35 | 000,000,000 | ---D | M](C:\WINDOWS\M?crosoft) -- C:\WINDOWS\Mіcrosoft
[2008/10/22 09:55:50 | 000,000,000 | ---D | M](C:\Program Files\Common Files\s?curity) -- C:\Program Files\Common Files\sеcurity
[2008/10/22 09:55:50 | 000,000,000 | ---D | M](C:\Program Files\Common Files\s?curity) -- C:\Program Files\Common Files\sеcurity
[2006/04/02 20:51:28 | 000,000,000 | ---D | M](C:\Program Files\?asks) -- C:\Program Files\Тasks
[2006/04/02 20:51:28 | 000,000,000 | ---D | M](C:\Program Files\?asks) -- C:\Program Files\Тasks
[2006/03/28 19:40:02 | 000,000,000 | ---D | M](C:\Documents and Settings\Danny\Application Data\A?pPatch) -- C:\Documents and Settings\Danny\Application Data\AрpPatch
[2006/03/28 19:40:02 | 000,000,000 | ---D | M](C:\Documents and Settings\Danny\Application Data\A?pPatch) -- C:\Documents and Settings\Danny\Application Data\AрpPatch
[2006/03/09 18:41:41 | 000,000,000 | ---D | M](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fοnts
[2006/03/09 18:41:41 | 000,000,000 | ---D | C](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fοnts
[2006/02/16 18:37:14 | 000,000,000 | ---D | C](C:\WINDOWS\M?crosoft) -- C:\WINDOWS\Mіcrosoft
[2005/12/24 14:40:13 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\аѕsembly
[2005/12/24 14:40:13 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\аѕsembly
[2005/10/08 22:35:17 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??stem32) -- C:\WINDOWS\System32\ѕуstem32
[2005/10/08 22:35:17 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??stem32) -- C:\WINDOWS\System32\ѕуstem32
[2005/09/11 17:56:28 | 000,000,000 | ---D | M](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fоnts
[2005/09/11 17:56:28 | 000,000,000 | ---D | C](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fоnts
[2005/09/10 11:40:25 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
[2005/09/10 11:40:25 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
[2005/09/02 08:03:06 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??curity) -- C:\WINDOWS\System32\ѕеcurity
[2005/09/02 08:03:06 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??curity) -- C:\WINDOWS\System32\ѕеcurity
[2005/08/31 20:50:55 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?ystem) -- C:\WINDOWS\System32\ѕystem
[2005/08/31 20:50:55 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?ystem) -- C:\WINDOWS\System32\ѕystem
[2005/08/30 19:18:09 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??pPatch) -- C:\WINDOWS\System32\АрpPatch
[2005/08/30 19:18:09 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??pPatch) -- C:\WINDOWS\System32\АрpPatch
[2005/08/12 21:23:48 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??stem) -- C:\WINDOWS\System32\ѕуstem
[2005/08/12 21:23:48 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??stem) -- C:\WINDOWS\System32\ѕуstem
[2005/07/27 20:52:31 | 000,000,000 | ---D | M](C:\WINDOWS\System32\W?nSxS) -- C:\WINDOWS\System32\WіnSxS
[2005/07/27 20:52:31 | 000,000,000 | ---D | C](C:\WINDOWS\System32\W?nSxS) -- C:\WINDOWS\System32\WіnSxS
[2005/07/14 11:08:41 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??mbols) -- C:\WINDOWS\System32\ѕуmbols
[2005/07/14 11:08:41 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??mbols) -- C:\WINDOWS\System32\ѕуmbols
(C:\Program Files\Common Files\s?curity) -- C:\Program Files\Common Files\sеcurity
(C:\Program Files\?asks) -- C:\Program Files\Тasks
(C:\Documents and Settings\Danny\Application Data\A?pPatch) -- C:\Documents and Settings\Danny\Application Data\AрpPatch
< End of report >



#8
March 27, 2010 at 04:12:02
Likewise Extras part 1

OTL Extras logfile created on: 3/27/2010 9:52:37 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Danny\My Documents
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 119.00 Mb Available Physical Memory | 24.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 2.72 Gb Free Space | 19.46% Space Free | Partition Type: NTFS
Drive D: | 23.29 Gb Total Space | 10.98 Gb Free Space | 47.14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WILSON
Current User Name: Danny
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"8972:TCP" = 8972:TCP:*:Enabled:BitComet 8972 TCP
"8972:UDP" = 8972:UDP:*:Enabled:BitComet 8972 UDP
"24935:TCP" = 24935:TCP:*:Enabled:BitComet 24935 TCP
"24935:UDP" = 24935:UDP:*:Enabled:BitComet 24935 UDP
"16419:TCP" = 16419:TCP:*:Enabled:BitComet 16419 TCP
"16419:UDP" = 16419:UDP:*:Enabled:BitComet 16419 UDP
"2541:TCP" = 2541:TCP:*:Enabled:lmzdxmfc

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Games\Rise of Nations\rise.exe" = C:\Program Files\Microsoft Games\Rise of Nations\rise.exe:*:Enabled:Rise of Nations -- File not found
"C:\Program Files\WinMX\WinMX.exe" = C:\Program Files\WinMX\WinMX.exe:*:Enabled:WinMX Application -- File not found
"C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found
"C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe" = C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe:*:Disabled:bfvietnam -- File not found
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- File not found
"C:\sdwork\w32main2.exe" = C:\sdwork\w32main2.exe:*:Enabled:OSP Windows 32-bit ESD API -- (IBM Global Services)
"D:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = D:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- File not found
"D:\EA GAMES\Battlefield Vietnam\bfvietnam.exe" = D:\EA GAMES\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam -- File not found
"C:\Program Files\Microsoft Games\Rise of Nations\nations.exe" = C:\Program Files\Microsoft Games\Rise of Nations\nations.exe:*:Enabled:Rise of Nations -- File not found
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- File not found
"C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Enabled:RTC App Sharing -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- File not found
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Disabled:Google Talk -- File not found
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- File not found
"D:\utorrent.exe" = D:\utorrent.exe:*:Enabled:µTorrent -- ()
"D:\Program Files\PPStream\PPStream.exe" = D:\Program Files\PPStream\PPStream.exe:*:Enabled:PPStream -- File not found
"D:\Program Files\PPMate\PPMate\ppmate.exe" = D:\Program Files\PPMate\PPMate\ppmate.exe:*:Enabled:PPMate -- File not found
"D:\Program Files\BearShare Applications\BearShare\BearShare.exe" = D:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"D:\Program Files\iTunes\iTunes.exe" = D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Program Files\LimeWire\LimeWire.exe" = D:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"D:\Program Files\Piolet\Piolet.exe" = D:\Program Files\Piolet\Piolet.exe:*:Enabled:Piolet -- (MP2P Technologies.)
"D:\Program Files\Microsoft Games\Rise of Nations\rise.exe" = D:\Program Files\Microsoft Games\Rise of Nations\rise.exe:*:Enabled:Rise of Nations -- (Big Huge Games, Inc.)
"D:\Program Files\SopCast\adv\SopAdver.exe" = D:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- File not found
"C:\Program Files\AVG\AVG8\avgdiag.exe" = C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe -- File not found
"C:\Program Files\AVG\AVG8\avgdiagex.exe" = C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"D:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD" = D:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD:*:Enabled:Age of Empires II -- (Microsoft Corporation)
"D:\Program Files\Microsoft Games\Age of Empires II\age2_x1\AGE2_X1.ICD" = D:\Program Files\Microsoft Games\Age of Empires II\age2_x1\AGE2_X1.ICD:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Documents and Settings\Danny\Local Settings\Temporary Internet Files\Content.IE5\DRC6MU70\IM65223.JPG-www.myspace.com[1].exe" = C:\WINDOWS\infocard.exe:*:Enabled:Firewall Administrating -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01AF4645-78E6-46C4-B528-54863679CC40}" = VAIO SLIT-C Screen Saver
"{06A940CD-4924-485E-8500-476C9E08A820}" = Samsung PC Studio 3
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
"{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 3.1
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2469F39C-54EC-4DDE-AA02-FF9633F20190}" = Ad-Aware SE Plus
"{266AEE68-5718-4A31-BDD3-D356B1250C70}" = VAIO SLIT Pattern Wallpaper
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{27579b3c-5470-4496-be6c-0c872674f19f}" = Macromedia Flash Player
"{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}" = CC_ccProxyExt
"{30738666-9805-4926-A78F-91DA33B6C437}" = ccPxyCore
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3407FD83-0A2F-475E-BE94-34F1FA342C84}" = ESET NOD32 Antivirus
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1A8C8-6646-4101-B0AA-42D1EB2AB3AE}" = Windows Live Outlook Toolbar (Windows Live Toolbar)
"{3600FB01-C63B-4A3D-B044-BB21792C6811}" = VAIO SLIT-B Screen Saver
"{373CDFEC-F0DE-4C40-81AB-EF64F6F2F948}" = Apple Mobile Device Support
"{3B29A786-5803-4E9E-9B58-3014A5B4E519}" = Norton AntiSpam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{5677563D-0CB1-485F-9E18-C5025306BB3F}" = Norton AntiSpam
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{60EEB642-E9E0-45A2-A676-B9D8FE17C4A9}" = Maxtor OneTouch III
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{66A7A386-6F35-41A7-A731-101F0C0153C8}" = Popup Blocker (Windows Live Toolbar)
"{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6990A2BF-D1D2-11D3-81BC-00609789C908}" = Sony Video Shared Library
"{6F1974D6-4249-43B6-88B0-9A9B8A33956C}" = OpenMG Secure Module 4.0.00
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 3.1
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage 2.1.00
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{761C9026-14F0-4352-8658-934558272404}" = VAIO Edit Components
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 3.1
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7C2F71B2-6C73-11D6-B659-00C04F790F76}" = Click to DVD 2.1.10
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
"{8610BEA1-FD76-4340-8326-7946DDC2EE7B}" = iTunes
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8D324F1B-A39E-4D5A-BA58-147416FE019A}" = VAIO SLIT-A Screen Saver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD 5 for VAIO
"{936FADC9-C609-471A-B6F2-A33E2E660D1A}" = Sony Notebook Setup
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98A3A654-3AEF-42D9-BA91-DE5815EA5897}" = Click to DVD 2.0.01 Menu Data
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{A17456ED-3432-49FF-A14D-E0F00A96A2AA}" = VAIO SLIT Scene Wallpaper
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{A4952AA3-FCBF-4D28-9DC4-A3935FDC5805}" = Retrospect Express HD 1.1
"{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}" = Apple Software Update
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security
"{AA171A69-F942-40DA-AE3A-EA91026A1CAE}" = VAIO Manual
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BB311F54-39D6-4A03-8E18-053D1B2833D7}" = HotKey Utility
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.3
"{C1A350C0-9EDC-4F21-A75C-5609BF9523ED}" = Lotus Notes 6.0.2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C4F1B9FE-F3AF-11D5-93D1-00C0CA18FDE6}" = Hotel Giant
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2006
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF6E7481-4487-46D3-810A-F73EEA232CE0}" = Microsoft IntelliPoint 5.0
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{DEBACE7E-5DD1-42DB-AFE7-2B60E7CC80A8}" = Microsoft GB18030 Support Package
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E4944F56-5C8A-41F9-A747-A9EDFD6BC6D4}" = Aventail Connect 5.30
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E78B5745-93EF-4268-94DD-08B73DA6636D}" = SymNet
"{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{EE5A24F2-06D7-4FFC-B9CF-F87EBE7B77CA}" = VeohTV BETA
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins 1.3
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FFB4DD53-28B7-4981-BFF0-9BD801F61095}" = Norton Internet Security
"3D-PhotoPrint" = Canon Utilities 3D-PhotoPrint
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Battlecraft Vietnam1.0 BETA" = Battlecraft Vietnam
"BearShare MediaBar" = BearShare MediaBar
"c474c3891a130b8bd0297680e91988cd938921738" = Football Manager 2007
"Canon PhotoStitch 3.1" = Canon Utilities PhotoStitch 3.1
"CANONBJ_Deinstall_CNMCP49.DLL" = Canon i550
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D" = SoftV92 Data Fax Modem
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExpressBurn" = Express Burn
"GameSpy Arcade" = GameSpy Arcade
"Heroes of Might and Magic II Gold" = Heroes II Gold
"Heroes of Might and Magic®" = Heroes of Might and Magic®
"HitmanPro35" = Hitman Pro 3.5
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{60EEB642-E9E0-45A2-A676-B9D8FE17C4A9}" = Maxtor OneTouch III
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MDT" = Battlefield Mod Development Toolkit 2.0 Beta
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MouseSuite98" = Sony USB Mouse
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoRecord" = Canon PhotoRecord
"Piolet" = Piolet 3.0.7
"Prism" = Prism Video Converter
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ScreensaversInstaller" = Screensavers Installer
"ShopperReports" = Get ShopperReports
"Sierra Utilities" = Sierra Utilities
"SmartSuite V97.0" = Lotus SmartSuite 97
"SopCast" = SopCast 2.0.4
"Stamp" = Stamp Uninstall
"Switch" = Switch Sound File Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD Media Codec" = XviD Media Codec 1.1.0
"ZoomBrowserEXDeInstall" = Canon Utilities ZoomBrowser EX



#9
March 27, 2010 at 04:12:38
and part 2/2 extras

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-4283222541-2502887446-2348235212-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 3/25/2010 1:41:54 AM | Computer Name = WILSON | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
<http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/801D62D07B449D5C5C035C98EA61FA443C2A58FE.crt>
with error: The server name or address could not be resolved

Error - 3/25/2010 1:41:54 AM | Computer Name = WILSON | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
<http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>
with error: The server name or address could not be resolved

Error - 3/25/2010 1:41:54 AM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 3/26/2010 9:13:24 PM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

Error - 3/26/2010 9:13:30 PM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 3/26/2010 9:13:30 PM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 3/26/2010 9:13:30 PM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 3/26/2010 9:13:33 PM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 3/26/2010 9:14:13 PM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

Error - 3/26/2010 9:15:35 PM | Computer Name = WILSON | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

[ System Events ]
Error - 3/23/2010 7:09:22 AM | Computer Name = WILSON | Source = Service Control Manager | ID = 7000
Description = The 559BBC30 service failed to start due to the following error: %%2

Error - 3/23/2010 7:09:22 AM | Computer Name = WILSON | Source = Service Control Manager | ID = 7000
Description = The Automatic LiveUpdate Scheduler service failed to start due to
the following error: %%3

Error - 3/23/2010 7:09:22 AM | Computer Name = WILSON | Source = Service Control Manager | ID = 7023
Description = The Monitor Windows service terminated with the following error: %%1114

Error - 3/23/2010 7:09:22 AM | Computer Name = WILSON | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto-Protect Service service failed to start
due to the following error: %%2

Error - 3/23/2010 7:09:22 AM | Computer Name = WILSON | Source = Service Control Manager | ID = 7000
Description = The Retrospect Express HD Helper service failed to start due to the
following error: %%2

Error - 3/23/2010 7:09:22 AM | Computer Name = WILSON | Source = Service Control Manager | ID = 7000
Description = The SAVRTPEL service failed to start due to the following error: %%2

Error - 3/23/2010 7:09:28 AM | Computer Name = WILSON | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 AvgRkx86 AvgTdiX Beep eeCtrl Partizan

Error - 3/25/2010 6:47:19 AM | Computer Name = WILSON | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/27/2010 6:25:46 AM | Computer Name = WILSON | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 000E357C4CED. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 3/27/2010 6:47:20 AM | Computer Name = WILSON | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.


< End of report >



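An added example, not part of the thread and not OTL's own code: Python that parses entries in the layout of the event-log section posted above and summarises which update hosts failed name resolution and which services and boot drivers failed to start. The sample text is constructed in that layout, `HOST1` is a placeholder, and the function names are chosen here.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed sample in the layout of an OTL "Last 10 Event Log Errors"
# section; HOST1 is a placeholder computer name.
SAMPLE = """\
[ Application Events ]
Error - 3/25/2010 1:41:54 AM | Computer Name = HOST1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

Error - 3/26/2010 9:13:30 PM | Computer Name = HOST1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 3/23/2010 7:09:22 AM | Computer Name = HOST1 | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto-Protect Service service failed to start
due to the following error: %%2

Error - 3/23/2010 7:09:28 AM | Computer Name = HOST1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 Beep
"""

HEADER = re.compile(
    r"^Error - (?P<when>.+?) \| Computer Name = (?P<host>.+?)"
    r" \| Source = (?P<source>.+?) \| ID = (?P<id>\d+)\s*$"
)
SECTION = re.compile(r"^\[ (?P<name>.+ Events) \]\s*$")
URL = re.compile(r"<(https?://[^>]+)>")
SERVICE = re.compile(r"The (?P<name>.+?) service failed to start")


def parse_events(text):
    """Return one dict per 'Error - ...' entry, with wrapped lines re-joined."""
    events, current, log = [], None, None
    for line in text.splitlines():
        section, header = SECTION.match(line), HEADER.match(line)
        if section:
            log, current = section.group("name"), None
        elif header:
            current = dict(header.groupdict(), log=log, description="")
            current["id"] = int(current["id"])
            events.append(current)
        elif not line.strip():
            current = None  # a blank line ends the entry
        elif current is not None:
            body = line.strip().removeprefix("Description = ")
            current["description"] = (current["description"] + " " + body).strip()
    return events


def triage(events):
    """Count hosts that failed DNS resolution; list failed services and drivers."""
    unresolved = Counter()
    services, drivers = [], []
    for ev in events:
        desc = ev["description"]
        if "could not be resolved" in desc:
            for url in URL.findall(desc):
                unresolved[urlparse(url).hostname] += 1
        if ev["source"] == "Service Control Manager":
            if ev["id"] == 7000:  # a service failed to start
                match = SERVICE.search(desc)
                if match:
                    services.append(match.group("name"))
            elif ev["id"] == 7026:  # boot-start/system-start drivers failed
                drivers.extend(desc.partition("failed to load:")[2].split())
    return {"unresolved_hosts": unresolved,
            "failed_services": services,
            "failed_drivers": drivers}


if __name__ == "__main__":
    print(triage(parse_events(SAMPLE)))
```
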
#10
March 27, 2010 at 09:06:41
Go to Start > Control Panel > Internet Options > Connections > LAN Settings, uncheck the box beside "add proxy server, etc." if it is checked, and check "automatically detect settings" if it is unchecked > Apply > OK.

Uninstall one of your antivirus programs, either Norton or AVG, as they will conflict and cause many problems.

Next uninstall these p2p programs as they are known to harbor spyware:


utorrent
BearShare
LimeWire
Piolet


Please download ComboFix with Internet Explorer instead of any other browser if possible.

Remember: your Norton/AVG antivirus, Spybot's TeaTimer, and Ad-Aware must be turned off or disabled before running ComboFix. The clickable link "This Link" in the ComboFix tutorial will help you get them disabled.

Please download ComboFix to the desktop from one of the following links:

ComboFix

Rename the setup file, combofix.exe, before you download it. To do that, once the "enter name of file to save to" box appears as the download begins, rename combofix.exe to Combo-Fix in the filename box > click Save.
Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop.
If you are using Firefox, make sure that your download settings are as follows:
Tools->Options->Main tab
Set to "Always ask me where to Save the files".

Please do not rename Combofix to other names, but only to the one indicated.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on This Link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------
Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
-----------------------------------------------------------
Double click on Combo-Fix.exe & follow the prompts.
Install the recovery console when asked.
When finished, it will produce a report for you.
Please post the "C:\Combo-Fix.txt".
Note: Do not mouseclick combo-fix's window while it's running. That may cause it to hang.


Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything unless told to do so while we are fixing your problem.



#11
March 28, 2010 at 04:12:52
I ran into a slight difficulty. When I was uninstalling AVG/Norton, it didn't uninstall fully. There are some files still remaining on my comp (mostly undeletable extension files). Henceforth atm, I still have 3 antivirus scanners working.
- AVG internet security
- Norton Antivirus Security 2006
- ESET NOD 32 Antivirus 3.0

I heard that one of the ways to uninstall the top 2 was to go to their website. Unfortunately I can't access them.



#12
March 28, 2010 at 08:40:35
Go ahead and run ComboFix. If it were to hang, shut down the computer > wait one minute, then restart the computer.

Edit test.



#13
April 6, 2010 at 03:15:36
Hey, sorry for the late reply, I had uni assignments all week.

Miraculously, for some unknown reason, the problem is gone! I can access Microsoft websites/anti-spyware sites. I think it had something to do with a virus that was deleted in my comp a couple of days ago during a scan.

Thanks anyway for your help =D



#14
April 6, 2010 at 03:24:52
Thanks for the follow up.
