OTL logfile created on: 6/6/2012 5:38:05 PM - Run 1
OTL by OldTimer - Version 3.2.46.1 Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.84 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 65.08% Memory free
7.68 Gb Paging File | 5.91 Gb Available in Paging File | 76.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.37 Gb Total Space | 237.17 Gb Free Space | 81.68% Space Free | Partition Type: NTFS
Computer Name: CHRIS-VAIO | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/06/06 17:37:00 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009/08/26 21:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2009/08/26 21:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
PRC - [2009/08/26 21:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2009/08/26 21:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2009/07/23 14:39:38 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009/07/23 14:39:36 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/07/22 19:03:04 | 000,642,920 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/07/01 15:49:34 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/07/01 15:49:34 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/06/04 22:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/26 13:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/18 14:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007/12/17 11:00:14 | 001,852,928 | ---- | M] (Cisco Systems, Inc) -- C:\Program Files (x86)\Cisco Systems\Clean Access Agent\CCAAgent.exe
========== Modules (No Company Name) ========== MOD - [2012/05/10 20:44:56 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
MOD - [2012/05/10 20:44:49 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 20:44:20 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/10 20:44:13 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/10 20:43:59 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/10 20:43:53 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 20:43:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 20:43:46 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 20:43:37 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/01/26 19:33:25 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/01/03 22:51:04 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/01/03 22:51:03 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010/11/17 14:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/11/04 21:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/04 21:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/11/04 21:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009/08/26 21:11:50 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
MOD - [2009/08/26 21:11:50 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
MOD - [2009/08/26 21:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
MOD - [2009/08/26 21:11:50 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
MOD - [2009/08/26 21:11:50 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
MOD - [2009/08/26 21:11:50 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
MOD - [2009/08/26 21:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
MOD - [2009/08/26 21:11:50 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
MOD - [2009/08/26 21:11:50 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
MOD - [2009/08/26 21:11:50 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
MOD - [2009/08/26 21:11:50 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
MOD - [2009/08/26 21:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
MOD - [2009/08/26 21:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
MOD - [2009/08/26 21:11:50 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
MOD - [2009/08/26 21:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
MOD - [2009/08/26 21:11:48 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
MOD - [2009/08/26 21:11:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
MOD - [2009/08/26 21:11:48 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
MOD - [2009/08/26 21:11:48 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SystemPowerDLL.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:
64bit: - [2010/11/20 09:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:
64bit: - [2009/08/22 18:19:06 | 000,411,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:
64bit: - [2009/07/24 00:34:31 | 000,189,984 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/13 21:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:
64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:
64bit: - [2009/06/26 18:56:10 | 000,357,672 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:
64bit: - [2009/06/26 18:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:
64bit: - [2009/06/17 22:50:30 | 000,110,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:
64bit: - [2008/09/29 20:06:32 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) Intel(R)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/07/31 16:09:12 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/07/27 20:58:40 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/07/27 20:58:38 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/07/27 20:58:38 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/07/27 20:58:38 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/07/27 20:58:36 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/07/23 14:39:38 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/07/23 14:39:38 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/07/23 14:39:36 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/07/22 19:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/07/13 21:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/01 15:49:34 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 16:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/18 14:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/08/09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:
64bit: - [2011/08/04 10:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:
64bit: - [2011/08/04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:
64bit: - [2011/08/04 10:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:
64bit: - [2011/08/04 10:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2010/11/20 05:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:
64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2010/07/21 16:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:
64bit: - [2010/07/07 18:18:58 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:
64bit: - [2010/01/05 12:50:48 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:
64bit: - [2009/08/28 17:12:02 | 000,187,392 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhs62.sys -- (GTNDIS62)
DRV:
64bit: - [2009/08/12 13:14:28 | 000,089,600 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhsbus.sys -- (GTUHSBUS)
DRV:
64bit: - [2009/08/12 13:12:52 | 000,010,496 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhsser.sys -- (GTUHSSER)
DRV:
64bit: - [2009/08/04 21:22:40 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:
64bit: - [2009/08/04 21:20:51 | 007,345,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/08/03 16:06:34 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:
64bit: - [2009/07/31 16:29:11 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2009/07/31 16:14:14 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:
64bit: - [2009/07/31 16:13:51 | 000,086,528 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)
DRV:
64bit: - [2009/07/31 16:09:12 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:
64bit: - [2009/07/31 16:09:08 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:
64bit: - [2009/07/31 16:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:
64bit: - [2009/07/27 16:27:10 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:
64bit: - [2009/07/24 01:24:03 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:
64bit: - [2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:
64bit: - [2009/07/13 19:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:
64bit: - [2009/06/11 16:19:09 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:
64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:
64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:
64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:
64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2009/05/26 18:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:
64bit: - [2009/05/20 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/05/08 17:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:
64bit: - [2008/08/22 11:05:42 | 000,030,088 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swmsflt.sys -- (swmsflt)
DRV:
64bit: - [2007/06/08 17:32:26 | 000,112,768 | ---- | M] (C-motech Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmusbser.sys -- (cmusbser)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com/ig/redirectdomain ... &bmod=SNNTIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/ig/redirectdomain ... &bmod=SNNTIE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com/ig/redirectdomain ... &bmod=SNNTIE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" =
http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=D5AAD798-9822-4ABD-8A82-F1868549C4E3&apn_sauid=E1394901-9E5C-4929-8A65-6186FE19F021&
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://findgala.com/?&uid=8034&q={searchTerms}
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\SearchScopes\{BD1A11EF-AEEA-475C-AF94-01E9B4DE72C5}: "URL" =
http://search.avg.com/route/?d=4be09249 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012/01/31 10:02:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/01/31 10:02:36 | 000,000,000 | ---D | M]
[2010/11/30 12:54:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2010/08/27 21:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/11/30 12:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/05 15:05:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2012/01/31 00:19:15 | 000,001,401 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 109.163.226.208
www.google-analytics.com.
O1 - Hosts: 109.163.226.208 ad-emea.doubleclick.net.
O1 - Hosts: 109.163.226.208
www.statcounter.com.
O1 - Hosts: 69.72.252.254
www.google-analytics.com.
O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
O1 - Hosts: 69.72.252.254
www.statcounter.com.
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:
64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LaunchUserRequestedPrograms] C:\Program Files\Sony\First Experience\Miniprogram.exe ()
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [RegistrationReminder] C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000..\Run: [ASP] C:\ProgramData\bc09d8\AntivirusSP.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2593427774-2648610252-1859127685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: Garmin Communicator Plug-In
https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25D5C764-2312-4C9F-87DD-E9C3C0B8AAF1}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C5C5AE8-D796-4F02-9DC2-CB68C899E490}: NameServer = 209.183.35.23 209.183.33.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF44948F-9EBC-47EE-BF5C-6043495E5446}: NameServer = 8.8.8.8,209.183.35.23 209.183.33.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE307F5B-1D8F-4DAB-BB3E-62665CE29873}: NameServer = 209.183.35.23 209.183.33.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB983010-6BC6-47D5-BCC5-C265E6997F11}: NameServer = 209.183.35.23 209.183.33.23
O18:
64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{586dea20-fcc3-11df-ab86-d7bb37b0b6b7}\Shell - "" = AutoRun
O33 - MountPoints2\{586dea20-fcc3-11df-ab86-d7bb37b0b6b7}\Shell\AutoRun\command - "" = G:\ATTPreCopy.exe -d:OPETNAEXPCI -7
O33 - MountPoints2\{ed425aa4-f8b4-11de-aaa3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed425aa4-f8b4-11de-aaa3-806e6f6e6963}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012/06/06 17:36:07 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2012/06/05 09:04:43 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Chris\Desktop\dds.scr
[2012/05/10 08:23:22 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/10 08:22:30 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/10 08:22:26 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/10 08:22:25 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/06/06 17:37:00 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2012/06/06 17:22:38 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/06 17:22:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/05 19:56:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/05 09:04:43 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Chris\Desktop\dds.scr
[2012/06/03 18:17:19 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/03 18:17:19 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/03 18:09:47 | 3094,622,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/02 14:02:11 | 000,002,016 | -H-- | M] () -- C:\Users\Chris\Desktop\Documents\Default.rdp
[2012/05/10 09:53:14 | 000,448,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/10 08:33:33 | 000,751,012 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/10 08:33:33 | 000,631,458 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/10 08:33:33 | 000,109,544 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/12/12 13:20:17 | 000,003,584 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/07 16:46:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/11/30 13:08:54 | 000,749,728 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/30 12:07:43 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/11/10 23:53:23 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth2.dll
[2010/11/10 23:53:23 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth1.dll
[2010/11/10 23:53:23 | 000,000,100 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.dll
[2010/11/10 23:51:48 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010/11/10 23:51:48 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010/06/23 12:12:02 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/06/23 12:12:02 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2140.DAT
[2010/06/21 20:43:47 | 000,000,017 | ---- | C] () -- C:\Users\Chris\AppData\Local\resmon.resmoncfg
========== LOP Check ========== [2012/01/31 00:19:21 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Roaming\Antivirus Smart Protection
[2010/01/11 17:58:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CiscoCAA
[2012/01/31 10:03:48 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ESET
[2011/09/07 14:27:22 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FrostWire
[2010/12/10 11:19:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GARMIN
[2010/11/23 21:09:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LimeWire
[2011/07/02 14:27:24 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SecondLife
[2010/11/30 23:02:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sierra Wireless
[2010/01/28 15:24:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Template
[2011/11/05 08:32:47 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 6/6/2012 5:38:05 PM - Run 1
OTL by OldTimer - Version 3.2.46.1 Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.84 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 65.08% Memory free
7.68 Gb Paging File | 5.91 Gb Available in Paging File | 76.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.37 Gb Total Space | 237.17 Gb Free Space | 81.68% Space Free | Partition Type: NTFS
Computer Name: CHRIS-VAIO | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C2E5E86-27BC-40F7-B51E-99DA0E451C9D}" = lport=138 | protocol=17 | dir=in | app=system |
"{25A08DE7-1C69-475B-9597-F043CFE1309F}" = rport=137 | protocol=17 | dir=out | app=system |
"{2AC83205-FF42-4BAE-B91F-5540AA125C22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2C533D24-AD67-4FBB-8F19-4BCEE907874E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{445720FB-6091-4C08-87A2-8FA0848DC265}" = lport=2869 | protocol=6 | dir=in | app=system |
"{48593329-BB8F-42DC-9A54-24F74508721B}" = rport=445 | protocol=6 | dir=out | app=system |
"{5507F3DB-9ACC-4DEF-97C3-8F2B24546E86}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{566EF1A9-4FE8-4B56-96D3-08E56209BCC7}" = rport=138 | protocol=17 | dir=out | app=system |
"{59CF6354-A369-40DD-90DB-E22C8719597E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F11D20A-683F-4CA5-AA13-8E5FD2B2CDDF}" = rport=139 | protocol=6 | dir=out | app=system |
"{699A5A8C-5962-4865-86DF-437D106B903F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A620AF6-FCA4-4359-B70D-E818A15D463F}" = lport=137 | protocol=17 | dir=in | app=system |
"{9119DA53-0E9E-4186-85DD-7AADB2D04C22}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93ED261C-9AA0-4EA4-98F8-2A77EBD19F94}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{99370ECE-E8C0-4B7C-9A72-4B1A6B54D5DB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A09F6A38-DBDB-4A04-B423-B2C0C50718E0}" = lport=445 | protocol=6 | dir=in | app=system |
"{B38E7534-248A-48B6-BB40-5C9CDB4E702F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBA5FBA5-4387-4BFF-BEC8-AF042D117A25}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5D66319-2584-4C9A-840B-7003D7E143E0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D6D240FD-8FA3-4F33-874C-E2B9696B1691}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DE95AA03-27B4-41A1-B39E-E4407BE8B425}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{EC22BDC5-C9EC-4632-8B73-200DC0C35B70}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EF018EC6-0395-473F-AD7D-5AC87EBE4ADA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F77B99D1-F1FA-48BC-80E8-8131E35D816C}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028314D4-0D23-45B6-8398-670739F6C793}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{040AF2E4-4721-44D4-A474-BE26E8CA859A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{050B6C27-BCB0-4D50-A8E4-87EB4530E048}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{0A7AED9F-7A0D-4F76-AD27-A73A1D63D884}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F78394B-6FDF-4F15-89C2-C3C5FA1266EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\osmos\osmos.exe |
"{0FC25FB6-82EC-4501-BF50-4CEE4331D0B0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{19777CE6-EDEB-4828-AAAF-3B19E6A73BDE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1BE3F7E5-BA74-43E9-B93B-E8CCCF6182B4}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{2357B92C-9D39-42BC-8E13-4318229AB112}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\osmos\osmos.exe |
"{29DCEB87-43E9-4CEA-AE7F-808A7198E455}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3758EE07-BDDA-4B97-AC8E-36DB5246617D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\potshotpolka\counter-strike source\hl2.exe |
"{375D9057-9B2C-4C72-BFE1-72978BF09644}" = protocol=17 | dir=in | app=c:\programdata\bc09d8\asbc0_8034.exe |
"{435E3ACA-DB7C-4FDD-A5FC-043FF97DC584}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\potshotpolka\counter-strike source\hl2.exe |
"{4924C6DD-2E11-4B66-BB43-DE1239E91CBA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4DB96368-C116-4694-9AFC-597CA6D4CF86}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{53A94C70-F265-4159-8EF7-C733FF1C1E86}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{56617DA4-F54C-4DFE-B427-2B74CEE3C5CA}" = protocol=6 | dir=in | app=c:\program files (x86)\steamfix\steam.exe |
"{5FBAF3C5-FACC-49E1-A0D1-BA30ABCC28DC}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{613BD5B3-86D3-40B3-90FB-59BC8B3CFB8D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{636D3102-79DB-427A-B5A5-A516EB24A9D7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{643DAD3C-7A33-48BF-B35C-659586D4F478}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 2\fallout2.exe |
"{6DF5FA37-60DF-4EE7-8551-1F230B3687CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hearts of iron 3\hoi3game.exe |
"{6FE39B81-8DEB-4187-BE90-A27E3CF20B02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7064766A-231B-42A0-B126-9396FA8EC68C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71501F97-6F42-4A06-B370-96FC971386FE}" = protocol=6 | dir=in | app=c:\program files (x86)\wtf\steam.exe |
"{7335844F-6892-4745-83D4-9D95EBBB436D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{746EC63A-0CC3-4C59-A35C-C3FEAEBCC95D}" = protocol=6 | dir=out | app=system |
"{74DCECD0-9208-45A1-A5F7-1D8F9102B3AD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{7AD1C1EA-6C1B-435D-B276-6E675E1BEAE4}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{7C47F9D6-BE64-4749-AB33-DAB1A9A7E385}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{7D9A58AF-141E-46B3-855A-D94695901CE9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{7DE6249A-D28F-47D2-BFEA-E845220F373A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{8E83C484-3A6C-459C-9F06-5373F64E9094}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{9001B086-A7A9-4F28-99C4-FFB59E890052}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{900DD0E7-CE4A-48AD-9B58-CED1FBBD6EBE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 2\fallout2.exe |
"{9FF5809E-D936-45D1-845E-0D4F2F91E6C8}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{A177E92E-4769-4F4C-9D79-934A54723540}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A32C44AB-07F7-439D-B02C-8988395ACFDE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7924E99-7435-4589-A770-23501771E1C8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B05B5FC7-E8A3-4855-BF05-5C13929C0B5F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B3C960E4-01F6-41AF-8440-DCF3EC5F9B18}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{BE908713-5A11-4B66-B2B2-AD09CD71D9AC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hearts of iron 3\hoi3game.exe |
"{C019C648-9300-48AD-B2CC-0B26ABCB1D7A}" = protocol=17 | dir=in | app=c:\program files (x86)\wtf\steam.exe |
"{C02A2393-8F97-48A4-BE57-CC8759B09FA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C171A5AE-BCB4-44F9-AD86-4B20D2E41F6B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D63E3287-8F2F-44C2-B114-FAB9DB2B08A7}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{E77C3A2F-3498-47CA-9720-F97B6FC5795D}" = protocol=17 | dir=in | app=c:\program files (x86)\steamfix\steam.exe |
"{E781DC47-4793-4432-9E0D-7AA010E09B90}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E838D017-5736-4B58-9A9D-85CBD59719C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F060255E-94B3-4F2B-9473-66158C7ABBDC}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{F6F9646B-BC16-4C96-8C3E-7ABAEA5AA4AB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FA5241EC-CE0D-45F2-AB27-1F428FE1ADFC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB9E4CBD-5788-4FD6-8377-05B969165FB4}" = protocol=6 | dir=in | app=c:\programdata\bc09d8\asbc0_8034.exe |
"TCP Query User{007E6A93-87BC-4E1A-8551-7226C8B16AAD}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{255BB1DF-A8D0-4D05-B493-854F357CF367}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"TCP Query User{81E43635-F0A8-415B-AACA-0E6C92909532}C:\program files (x86)\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\secondlifeviewer2\slvoice.exe |
"TCP Query User{92131F2D-9770-463B-9939-58AA973471C9}C:\programdata\bc09d8\asbc0_8034.exe" = protocol=6 | dir=in | app=c:\programdata\bc09d8\asbc0_8034.exe |
"TCP Query User{D7C60D42-90C2-4B37-8AE2-2DB125E8C7D9}C:\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"TCP Query User{DD8D9B4C-D1D8-4FDB-A7D6-860375045333}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"UDP Query User{3BB4ED13-0414-40FB-9754-5BB636155887}C:\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"UDP Query User{4F1D9475-62C5-40C7-8D34-B8E6A3BCE268}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"UDP Query User{7E390F2F-A2F6-4CE1-9108-ED9E8910516A}C:\program files (x86)\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\secondlifeviewer2\slvoice.exe |
"UDP Query User{9ACCD3D9-5330-4668-8045-03BCE681576D}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{9D8ED6AB-FD98-40F3-9CB5-6DD1C6F3EEF9}C:\programdata\bc09d8\asbc0_8034.exe" = protocol=17 | dir=in | app=c:\programdata\bc09d8\asbc0_8034.exe |
"UDP Query User{DECE2564-869D-4E4B-9631-CB134CCF3700}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{5586CBEA-C071-4616-B809-6E11815D2190}" = ESET Smart Security
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20 (64-bit)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00721C5E-5B17-494C-95E5-208415864F62}" =
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{04010300-6D72-4D54-8686-91D884A27B5C}" = Cisco Clean Access Agent
"{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Startup Assistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = VAIO Presentation Support
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2208D65A-1BF9-485E-A308-1BA6CADCDC1D}" = Windows Live Movie Maker Beta
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Monitoring Settings
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 29
"{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3B1168DE-1F8C-471C-AC49-0CA52F096170}" = VAIO Content Metadata Intelligent Network Service Manager
"{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{51BEF30C-58E4-490F-BA40-A2F12AB8B5F9}" = VAIO Content Metadata Manager Settings
"{57AABF73-E17F-4212-A103-13A9794F0869}" = VAIO Content Metadata XML Interface Library
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5F2D882B-A663-4EB5-9851-48CC6C75FD2D}" = VAIO Content Metadata Intelligent Network Service Manager
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7395DD51-0D1A-47A7-9993-742073ECF4CE}" = VAIO Content Metadata Manager Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A512C74-7780-43A1-93DA-29C23D0DF374}" = VAIO Content Metadata XML Interface Library
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{949419DF-F4AF-4693-B60A-522B24F233C6}" = VAIO Content Metadata XML Interface Library
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D912275-85FD-45F6-9AF3-388A0F8AADB2}" = VAIO Content Metadata Intelligent Network Service Manager
"{9E39EA0D-38CD-4739-9E28-DEA4A1155522}" = Sony Home Network Library
"{A568DFBD-4A04-484E-86BB-165AA6C53E2B}" = VAIO Content Monitoring Settings
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D8AE7D4E-BA8B-4F7B-BF50-8D2F090034F0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FBBF5D9C-1989-4933-AE4E-19EE368385B4}" = VAIO Entertainment Platform
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Application Manager for VAIO" = Application Manager for VAIO
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"DCoder Image Source" = DCoder Image Source (remove only)
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FrostWire" = FrostWire 4.21.1
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"RealMedia" = RealMedia (remove only)
"splashtop" = VAIO Quick Web Access
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 3/12/2012 9:48:01 AM | Computer Name = Chris-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 3/12/2012 6:18:01 PM | Computer Name = Chris-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 3/14/2012 3:22:17 AM | Computer Name = Chris-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 3/14/2012 3:51:46 AM | Computer Name = Chris-VAIO | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 3/18/2012 11:56:49 AM | Computer Name = Chris-VAIO | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 3/21/2012 9:57:31 AM | Computer Name = Chris-VAIO | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 3/22/2012 9:14:35 AM | Computer Name = Chris-VAIO | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 3/24/2012 8:50:40 AM | Computer Name = Chris-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 3/24/2012 9:48:26 PM | Computer Name = Chris-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 3/27/2012 8:36:50 AM | Computer Name = Chris-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
[ System Events ]
Error - 5/15/2012 10:02:49 AM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService
service to connect.
Error - 5/15/2012 10:02:49 AM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7000
Description = The HsfXAudioService service failed to start due to the following
error: %%1053
Error - 5/15/2012 12:22:08 PM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService
service to connect.
Error - 5/15/2012 12:22:08 PM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7000
Description = The HsfXAudioService service failed to start due to the following
error: %%1053
Error - 5/23/2012 10:20:13 AM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService
service to connect.
Error - 5/23/2012 10:20:13 AM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7000
Description = The HsfXAudioService service failed to start due to the following
error: %%1053
Error - 6/2/2012 12:56:43 PM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService
service to connect.
Error - 6/2/2012 12:56:43 PM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7000
Description = The HsfXAudioService service failed to start due to the following
error: %%1053
Error - 6/3/2012 6:09:57 PM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService
service to connect.
Error - 6/3/2012 6:09:57 PM | Computer Name = Chris-VAIO | Source = Service Control Manager | ID = 7000
Description = The HsfXAudioService service failed to start due to the following
error: %%1053
< End of report >
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-06 17:47:27
-----------------------------
17:47:27.514 OS Version: Windows x64 6.1.7601 Service Pack 1
17:47:27.514 Number of processors: 2 586 0x170A
17:47:27.514 ComputerName: CHRIS-VAIO UserName: Chris
17:47:28.310 Initialize success
17:47:38.732 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:47:38.732 Disk 0 Vendor: FUJITSU_ 0041 Size: 305245MB BusType: 3
17:47:38.732 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000070
17:47:38.748 Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
17:47:38.748 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000071
17:47:38.748 Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
17:47:38.763 Disk 0 MBR read successfully
17:47:38.779 Disk 0 MBR scan
17:47:38.779 Disk 0 Windows 7 default MBR code
17:47:38.779 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 7803 MB offset 2048
17:47:38.794 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 15982592
17:47:38.810 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 297340 MB offset 16187392
17:47:38.826 Disk 0 scanning C:\Windows\system32\drivers
17:47:46.657 Service scanning
17:48:13.130 Modules scanning
17:48:13.146 Disk 0 trace - called modules:
17:48:13.177 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:48:13.192 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005792060]
17:48:13.192 3 CLASSPNP.SYS[fffff88001bae43f] -> nt!IofCallDriver -> [0xfffffa8003cf1e40]
17:48:13.208 5 ACPI.sys[fffff88000f9c7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004780050]
17:48:13.208 Scan finished successfully
17:49:52.315 Disk 0 MBR has been saved successfully to "C:\Users\Chris\Desktop\MBR.dat"
17:49:52.315 The log file has been saved successfully to "C:\Users\Chris\Desktop\aswMBR.txt"
Hope this is right... just received a phone call from "Dave" at Windows maintenance Tech (315-636-4810), stating I am sending out malicious error reports to their site, not sure how much to believe that, just odd. Let me know how this is.