Please note that I must end the process svchost.exe to be able to open the browser.
OTL.txt:
OTL logfile created on: 9/1/2011 11:16:14 AM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Maria\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 69.50% Memory free
5.96 Gb Paging File | 5.03 Gb Available in Paging File | 84.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.86 Gb Total Space | 156.63 Gb Free Space | 69.97% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Windows\RtkAudioService.exe File not found
PRC - C:\Windows\Explorer.EXE File not found
PRC - C:\Users\Maria\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - (RtkAudioService) -- C:\Windows\RtkAudioService.exe File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SampleCollector) Intel(R) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=SNYR
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=SNYR
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=SNYR
IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=SNYR
IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/25 11:41:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/08/25 12:03:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Extensions
[2011/08/26 01:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\12ig9t47.default\extensions
[2011/08/26 01:22:55 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\12ig9t47.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/08/26 01:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/26 01:50:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MARIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\12IG9T47.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011/08/27 08:57:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/08/11 22:57:31 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/11 20:16:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2011/08/26 01:28:28 | 004,365,886 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 163815 more lines...
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] File not found
O4 - HKLM..\Run: [VAIOMyMemCenter] C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe ()
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-267834430-2803507182-2688529489-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-267834430-2803507182-2688529489-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D10402C1-9CDE-4582-A6B7-6C0D33B0E7BC}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\web\Wallpaper\img11.jpg
O24 - Desktop BackupWallPaper: C:\Windows\web\Wallpaper\img11.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/01 11:11:31 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Maria\Desktop\OTL.exe
[2011/08/27 12:29:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/08/27 12:18:29 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2011/08/27 12:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011/08/27 08:55:10 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/08/27 08:55:10 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/08/27 08:55:09 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/08/26 20:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2011/08/26 20:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011/08/26 20:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011/08/26 20:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2011/08/26 12:44:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/08/26 12:44:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/08/26 12:44:03 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/08/26 01:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/08/26 01:50:12 | 000,214,408 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2011/08/26 01:50:12 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2011/08/26 01:50:12 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2011/08/26 01:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/08/26 01:33:47 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Solid State Networks
[2011/08/26 00:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/08/26 00:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/08/25 21:47:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/08/25 19:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/08/25 19:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/08/25 19:24:36 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/08/25 19:24:18 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/08/25 19:24:15 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/08/25 19:24:13 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/08/25 19:24:12 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/08/25 19:24:12 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/08/25 19:24:07 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/08/25 19:12:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/08/25 19:12:07 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/08/25 19:05:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/08/25 19:03:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/08/25 18:59:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/08/25 18:59:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/08/25 18:59:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/08/25 18:59:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/08/25 18:59:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/08/25 18:59:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/08/25 18:59:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/08/25 18:59:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/08/25 18:59:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/08/25 18:59:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/08/25 18:59:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/08/25 18:58:56 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/08/25 18:58:56 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/08/25 18:58:56 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/08/25 18:58:55 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/08/25 18:58:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/08/25 12:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/08/25 12:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/08/25 12:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011/08/25 12:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011/08/25 12:03:19 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Mozilla
[2011/08/25 12:03:19 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Mozilla
[2011/08/25 11:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/08/25 11:27:32 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Sony Corporation
[2011/08/25 11:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/08/25 11:14:09 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/08/25 11:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/25 11:11:01 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Adobe
[2011/08/25 11:09:49 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Malwarebytes
[2011/08/25 11:09:44 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/25 11:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/25 11:09:37 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/25 11:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/25 11:02:18 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/08/25 11:02:17 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/08/25 11:02:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/08/25 11:01:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/08/25 11:01:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/08/25 11:01:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/08/25 11:01:43 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/08/25 11:00:32 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/08/25 11:00:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/08/25 11:00:31 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/08/25 11:00:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/08/25 11:00:16 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/08/25 11:00:02 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/08/25 11:00:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/08/25 11:00:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/08/25 11:00:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/08/25 11:00:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/08/25 11:00:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/08/25 11:00:00 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/08/25 10:58:32 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/08/25 10:58:29 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/08/25 10:58:28 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/08/25 10:58:28 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/08/25 10:58:27 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/08/25 10:58:26 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/08/25 10:58:26 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/08/25 10:58:26 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/08/25 10:58:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/08/25 10:58:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/08/25 10:58:24 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/08/25 10:58:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/08/25 10:58:09 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/08/25 10:58:09 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/08/25 10:58:08 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/08/25 10:57:47 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/25 10:57:46 | 003,550,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/08/25 10:57:24 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/08/25 10:57:23 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/08/25 10:57:15 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/08/25 10:56:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/08/25 10:56:08 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/08/25 10:56:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011/08/25 10:55:56 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/08/25 10:55:51 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/08/25 10:55:30 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDTVVDEC.DLL
[2011/08/25 10:55:04 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/08/25 10:54:54 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/08/25 10:54:45 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/08/25 10:54:29 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/08/25 10:54:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/08/25 10:54:18 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/08/25 10:54:09 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/08/25 10:54:08 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/08/25 10:54:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/08/25 10:54:08 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/08/25 10:54:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/08/25 10:54:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/08/25 10:54:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/08/25 10:54:06 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/08/25 10:54:03 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/08/25 10:53:59 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/08/25 10:53:57 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/08/25 10:53:57 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/08/25 10:53:56 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/08/25 10:53:54 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/08/25 10:53:54 | 000,605,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011/08/25 10:53:54 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/08/25 10:53:54 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/08/25 10:53:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011/08/25 10:53:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011/08/25 10:53:48 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/08/25 10:53:48 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/08/25 10:53:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/08/25 10:53:43 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/08/25 10:53:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/08/25 10:53:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/08/25 10:53:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/08/25 10:52:38 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/08/25 10:52:38 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/08/25 10:52:36 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/08/25 10:52:35 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/08/25 10:52:35 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/08/25 10:52:34 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/08/25 10:52:33 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/08/25 10:52:33 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/08/25 10:52:33 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/08/25 10:52:29 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/08/25 10:52:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/08/25 10:52:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/25 10:52:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/08/25 10:52:20 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/08/25 10:52:14 | 000,220,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/08/25 10:52:14 | 000,098,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/08/25 10:52:13 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/08/25 10:52:10 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/08/25 10:52:01 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/08/25 10:52:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011/08/25 10:51:58 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/08/25 10:40:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/08/25 10:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/08/25 10:26:17 | 000,544,656 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2011/08/25 10:24:39 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Macromedia
[2011/08/25 10:24:38 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Adobe
[2011/08/25 10:22:42 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/08/25 10:22:41 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/08/25 10:22:27 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/08/25 10:22:27 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/08/25 10:22:26 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/08/25 10:22:15 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/08/25 10:22:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/08/25 10:17:16 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/08/25 10:17:16 | 000,000,000 | R--D | C] -- C:\Users\Maria\Searches
[2011/08/25 10:17:16 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/08/25 10:17:04 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Identities
[2011/08/25 10:16:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Contacts
[2011/08/25 10:16:02 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\VirtualStore
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\AppData\Local\Temporary Internet Files
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Templates
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Start Menu
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\SendTo
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Recent
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\PrintHood
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\NetHood
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Documents\My Videos
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Documents\My Pictures
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Documents\My Music
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\My Documents
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Local Settings
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\AppData\Local\History
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Cookies
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Application Data
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\AppData\Local\Application Data
[2011/08/25 10:15:59 | 000,000,000 | --SD | C] -- C:\Users\Maria\AppData\Roaming\Microsoft
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Videos
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Saved Games
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Pictures
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Music
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Links
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Favorites
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Downloads
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Documents
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Desktop
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/08/25 10:15:59 | 000,000,000 | -H-D | C] -- C:\Users\Maria\AppData
[2011/08/25 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Temp
[2011/08/25 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Microsoft
[2011/08/25 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Media Center Programs
[2011/08/25 00:20:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/08/25 00:06:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/08/25 00:05:51 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2011/08/25 00:02:24 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/08/25 00:02:24 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/08/25 00:02:23 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/08/25 00:02:23 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/08/25 00:02:23 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/08/25 00:02:23 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/08/25 00:02:23 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/08/25 00:02:23 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/08/25 00:02:22 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/08/25 00:02:22 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/08/25 00:02:22 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/08/25 00:02:22 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/08/25 00:02:22 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/08/25 00:02:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/08/25 00:02:19 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/08/25 00:02:19 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/08/25 00:02:19 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/08/25 00:02:19 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/08/25 00:02:18 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/08/25 00:02:18 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/08/25 00:02:18 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/08/25 00:02:18 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/08/25 00:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 2
[2011/08/25 00:02:06 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2011/08/25 00:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update 4
[2011/08/25 00:01:26 | 000,098,304 | ---- | C] (Sony Corporation) -- C:\Windows\System32\VESWinlogon.dll
[2011/08/24 23:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/08/24 23:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/08/24 23:57:44 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2011/08/24 23:54:28 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll
[2011/08/24 23:54:28 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2011/08/24 23:54:26 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\ArcSoftKsUFilter.dll
[2011/08/24 23:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2011/08/24 23:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2011/08/24 23:51:25 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2011/08/24 23:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Picture Utility
[2011/08/24 23:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Wireless Wizard
[2011/08/24 23:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2011/08/24 23:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\OCA Marker
[2011/08/24 23:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/08/24 23:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/08/24 23:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Napster Shared
[2011/08/24 23:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Napster
[2011/08/24 23:40:53 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/08/24 23:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/08/24 23:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2011/08/24 23:37:54 | 003,518,464 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\Windows\System32\cdintf300.dll
[2011/08/24 23:37:54 | 001,843,200 | ---- | C] (Apache Software Foundation) -- C:\Windows\System32\acXMLParser.dll
[2011/08/24 23:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2011/08/24 23:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intuit
[2011/08/24 23:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2011/08/24 23:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SQL Anywhere 10
[2011/08/24 23:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\COMMON FILES
[2011/08/24 23:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/08/24 23:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/08/24 23:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/08/24 23:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Recovery Center
[2011/08/24 23:22:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2011/09/01 11:13:47 | 000,597,784 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/01 11:13:47 | 000,102,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/01 11:11:34 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Maria\Desktop\OTL.exe
[2011/09/01 11:11:30 | 000,302,592 | ---- | M] () -- C:\Users\Maria\Desktop\wbbuksqy.exe
[2011/09/01 10:56:39 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/01 10:56:38 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/01 10:56:24 | 3081,801,728 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/26 21:30:11 | 000,000,213 | ---- | M] () -- C:\Users\Maria\Desktop\Alien Swarm.url
[2011/08/26 20:10:20 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2011/08/26 10:29:41 | 000,317,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/26 01:49:56 | 000,544,656 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2011/08/26 01:49:56 | 000,214,408 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2011/08/26 01:49:56 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2011/08/26 01:49:56 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2011/08/25 12:11:54 | 000,000,213 | ---- | M] () -- C:\Users\Maria\Desktop\Team Fortress 2.url
[2011/08/25 12:07:30 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/08/25 12:07:00 | 000,000,888 | ---- | M] () -- C:\Users\Maria\Desktop\Sandboxed Web Browser.lnk
[2011/08/25 12:07:00 | 000,000,888 | ---- | M] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/08/25 11:41:23 | 000,000,870 | ---- | M] () -- C:\Users\Maria\Desktop\Mozilla Firefox.lnk
[2011/08/25 11:09:44 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/25 11:06:32 | 000,000,357 | ---- | M] () -- C:\Users\Maria\Desktop\Downloads.lnk
[2011/08/25 00:23:53 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/08/25 00:18:19 | 000,000,040 | ---- | M] () -- C:\Windows\System32\ivireg.ivr
[2011/08/24 23:43:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:06 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\Sony_VGN-NS230E.mrk
========== Files Created - No Company Name ==========
[2011/09/01 11:11:27 | 000,302,592 | ---- | C] () -- C:\Users\Maria\Desktop\wbbuksqy.exe
[2011/08/26 21:30:11 | 000,000,213 | ---- | C] () -- C:\Users\Maria\Desktop\Alien Swarm.url
[2011/08/26 20:10:20 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2011/08/25 18:59:00 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/08/25 18:59:00 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/08/25 18:59:00 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/08/25 12:11:53 | 000,000,213 | ---- | C] () -- C:\Users\Maria\Desktop\Team Fortress 2.url
[2011/08/25 12:07:30 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/08/25 12:07:15 | 000,000,888 | ---- | C] () -- C:\Users\Maria\Desktop\Sandboxed Web Browser.lnk
[2011/08/25 12:07:15 | 000,000,888 | ---- | C] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/08/25 11:41:23 | 000,000,870 | ---- | C] () -- C:\Users\Maria\Desktop\Mozilla Firefox.lnk
[2011/08/25 11:11:26 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/25 11:10:07 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/08/25 11:09:44 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/25 11:06:32 | 000,000,357 | ---- | C] () -- C:\Users\Maria\Desktop\Downloads.lnk
[2011/08/25 10:58:10 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/08/25 10:53:56 | 000,171,520 | ---- | C] () -- C:\Windows\System32\taskeng.exe
[2011/08/25 10:17:20 | 000,000,949 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/08/25 10:17:16 | 000,000,944 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/08/25 10:16:59 | 000,000,915 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/08/25 10:15:59 | 000,000,258 | ---- | C] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/08/25 10:15:59 | 000,000,240 | ---- | C] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/08/25 00:18:17 | 000,000,040 | ---- | C] () -- C:\Windows\System32\ivireg.ivr
[2011/08/25 00:00:44 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2011/08/24 23:59:42 | 000,002,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2011/08/24 23:49:42 | 000,001,579 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Startup Assistant.lnk
[2011/08/24 23:43:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:06 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\Sony_VGN-NS230E.mrk
[2011/08/24 23:34:51 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/08/24 23:22:07 | 3081,801,728 | -HS- | C] () -- C:\hiberfil.sys
[2008/10/29 16:12:05 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/10/29 16:12:05 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/10/29 16:12:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2008/10/29 16:12:05 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/10/29 16:11:26 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/10/29 16:11:15 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/10/29 16:11:15 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/10/29 16:11:14 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/10/29 16:11:14 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/10/29 15:38:18 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/10/29 15:38:18 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/11/02 05:47:37 | 000,317,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,597,784 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,102,350 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
< End of report >
Extra.txt:
OTL Extras logfile created on: 9/1/2011 11:16:14 AM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Maria\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 69.50% Memory free
5.96 Gb Paging File | 5.03 Gb Available in Paging File | 84.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.86 Gb Total Space | 156.63 Gb Free Space | 69.97% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- %SystemRoot%\winhlp32.exe %1
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_USERS\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L
Drive [find] -- %SystemRoot%\Explorer.exe File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0439A470-3360-4E48-8FE0-320751EE10FD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{29DD5239-A7E2-48AF-823B-EDD28A867633}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{523565DD-8497-4DAA-B3FB-A7DF48B9DA92}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{7B5F279F-7EC5-4529-9A3D-289635AC2755}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{93BEA38D-F97C-4A2A-9984-9E77AB79DC6A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{F6BACE1C-9A5B-408F-8DAF-31A3BEB5248F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"TCP Query User{9ED7C454-9578-48C6-9849-0B963BF27CF8}C:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe |
"UDP Query User{7F7E33F9-C13C-4124-A778-083BE320A260}C:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Welcome Center
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = VAIO Presentation Support
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie
"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7E823DA5-43A2-46E8-A75E-5A2A0FDE81A1}" = VAIO Content Metadata Manager Setting
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{91F2D688-B8CB-4461-A92D-6B35279DAE8F}" = VAIO Content Folder Watcher
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{A2052C95-48CC-4AC9-A8D4-FCD89DDD8F2C}" = VAIO Content Folder Watcher
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO Wireless Wizard
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5FBA9C1-21D3-4210-A604-CF9E38238F35}" = VAIO Entertainment Platform
"{DFD0E9A9-F24A-492B-8975-8C938E32408F}" = VAIO Startup Assistant
"{E1D25278-B51A-4163-BC3D-20A4D2D09F98}" = VAIO My Memory Center
"{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 6.0 (x86 en-US)" = Mozilla Firefox 6.0 (x86 en-US)
"Sandboxie" = Sandboxie 3.56 (32-bit)
"Steam App 38830" = Crimecraft: BLEEDOUT
"Steam App 440" = Team Fortress 2
"Steam App 630" = Alien Swarm
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"YTdetect" = Yahoo! Detect
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/25/2011 1:18:31 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/25/2011 1:18:31 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/25/2011 1:28:21 PM | Computer Name = PC | Source = VSS | ID = 8194
Description =
Error - 8/25/2011 1:31:23 PM | Computer Name = PC | Source = VSS | ID = 8194
Description =
Error - 8/25/2011 2:08:10 PM | Computer Name = PC | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF40 Description:Cannot complete the Security Essentials
installation. You already have other Microsoft antimalware software such as OneCare
installed on your computer. These antivirus programs might conflict with Security
Essentials, prevent it from working properly, or cause severe performance problems.
You should remove other antivirus programs and then run this installation wizard
again. Error code:0x8004FF40.
Error - 8/25/2011 2:23:06 PM | Computer Name = PC | Source = VSS | ID = 8194
Description =
[ System Events ]
Error - 8/26/2011 12:51:03 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/26/2011 12:51:03 AM | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description =
Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%842
Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%842
Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837
Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837
Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%858
Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%858
Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837
Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837
< End of report >