OK, I ran a scan with Spybot... it was unable to fix some stuff though.
I've attached its results, containing the files that could not be fixed, along with the OTL logs.
Furthermore, I downloaded Rootkit Unhooker from all 3 links and it keeps giving me this error popup when I run it... "Error loading driver, NSTATUS code: 0xC000036B"
On a side note, the computer is still giving me the error that Windows has detected a change and that this will result in limited Windows functionality, and it kept taking me back to the user logon screen... restarting from there worked again though.
Spybot scan
--- Search result list ---
Zango: [SBI $689E03A0] Interface (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Zango: [SBI $689E03A0] Interface (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Zango: [SBI $411F0828] Interface (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Zango: [SBI $411F0828] Interface (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Zango: [SBI $9432A0E4] Interface (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Zango: [SBI $9432A0E4] Interface (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
OTL log
OTL logfile created on: 4/15/2011 1:19:55 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Mohammad\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.91 Gb Total Space | 174.22 Gb Free Space | 60.51% Space Free | Partition Type: NTFS
Computer Name: MOHAMMAD-PC | User Name: Mohammad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Mohammad\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe ()
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe ()
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe ()
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe (Sony Electronics, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
========== Modules (SafeList) ==========
MOD - C:\Users\Mohammad\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (dgdersvc) -- C:\Windows\SysNative\dgdersvc.exe ()
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (dgdersvc) -- C:\Windows\SysWOW64\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys ()
DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\DRIVERS\HssDrv.sys ()
DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys ()
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\Drivers\TFsExDisk.sys ()
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys ()
DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\DRIVERS\ss_mdm.sys ()
DRV:64bit: - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\SysNative\DRIVERS\ss_bus.sys ()
DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\DRIVERS\ss_mdfl.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys ()
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\DRIVERS\SFEP.sys ()
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\DRIVERS\rimssn64.sys ()
DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\DRIVERS\risdsn64.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\DRIVERS\athrx.sys ()
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys ()
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\DRIVERS\wimfltr.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys ()
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys ()
DRV:64bit: - (s0016mdm) -- C:\Windows\SysNative\DRIVERS\s0016mdm.sys ()
DRV:64bit: - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\SysNative\DRIVERS\s0016unic.sys ()
DRV:64bit: - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s0016mgmt.sys ()
DRV:64bit: - (s0016obex) -- C:\Windows\SysNative\DRIVERS\s0016obex.sys ()
DRV:64bit: - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\SysNative\DRIVERS\s0016nd5.sys ()
DRV:64bit: - (s0016mdfl) -- C:\Windows\SysNative\DRIVERS\s0016mdfl.sys ()
DRV:64bit: - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s0016bus.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys ()
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys ()
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys ()
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys ()
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys ()
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys ()
DRV:64bit: - (CAXHWAZL) -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys ()
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\DRIVERS\ArcSoftKsUFilter.sys ()
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (HSFHWAZL) -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS ()
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys ()
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\DRIVERS\seehcri.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (dgderdrv) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (DMICall) -- C:\Windows\SysWOW64\drivers\DMICall.sys (Sony Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.lums.edu.pk:80
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "ooVoo Chat Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1572363&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1572363&SearchSource=13"
FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:2.0.9
FF - prefs.js..extensions.enabledItems: zoteroWinWordIntegration@zotero.org:3.0b1
FF - prefs.js..extensions.enabledItems: {6d677280-ddfe-11dc-95ff-0800200c9a66}:0.4
FF - prefs.js..extensions.enabledItems: {48e23fba-bb14-4745-b768-382150cd83fb}:1.0.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/16 00:59:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/22 20:30:41 | 000,000,000 | ---D | M]
[2010/02/18 20:54:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Extensions
[2010/02/18 20:54:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011/04/11 21:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions
[2009/10/29 20:56:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/30 20:33:53 | 000,000,000 | ---D | M] ("Metal3D") -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
[2010/04/30 20:32:28 | 000,000,000 | ---D | M] (Orthodox) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{6d677280-ddfe-11dc-95ff-0800200c9a66}
[2010/05/23 00:06:17 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/03/12 00:57:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/11/10 23:15:55 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\zotero@chnm.gmu.edu
[2010/11/22 21:16:21 | 000,000,000 | ---D | M] (Zotero WinWord Integration) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\zoteroWinWordIntegration@zotero.org
[2009/10/06 18:07:30 | 000,000,882 | ---- | M] () -- C:\Users\Mohammad\AppData\Roaming\Mozilla\Firefox\Profiles\wzzo97kb.default\searchplugins\conduit.xml
[2011/04/13 14:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: ([2006/09/19 02:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [RegistrationReminder] C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XPS2OneNote.lnk = C:\Users\Mohammad\AppData\Roaming\Microsoft\Installer\{6DD7A9DA-6732-47D2-8362-6A12BD0EA053}\_FBB2488C0F33C1DFE6AC1F.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([community] https in Trusted sites)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{807975c6-d75c-11de-9ae1-001dbaf06e9b}\Shell - "" = AutoRun
O33 - MountPoints2\{807975c6-d75c-11de-9ae1-001dbaf06e9b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/15 00:04:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Mohammad\Desktop\OTL.exe
[2011/04/14 01:28:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/04/13 23:59:34 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Mohammad\Desktop\esetsmartinstaller_enu.exe
[2011/04/13 22:54:40 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Mohammad\Desktop\ATF-Cleaner.exe
[2011/04/11 13:27:35 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/04/11 13:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/04/11 13:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/04/11 12:50:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/04/11 12:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/10 14:22:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/04/10 14:21:08 | 000,040,648 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/04/10 14:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/04/10 14:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/04/02 03:39:33 | 000,000,000 | ---D | C] -- C:\Users\Mohammad\AppData\Roaming\.Get Organized
[2011/04/02 03:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Get Organized
[2011/04/02 03:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Get Organized
[2011/03/23 21:09:15 | 000,000,000 | R-SD | C] -- C:\Users\Mohammad\Documents\My Stationery
[1 C:\Users\Mohammad\Documents\*.tmp files -> C:\Users\Mohammad\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/04/15 00:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/15 00:47:59 | 000,034,560 | ---- | M] () -- C:\Windows\SysWow64\drivers\Normandy.sys
[2011/04/15 00:39:02 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874463723-3708051865-952906006-1000UA.job
[2011/04/15 00:04:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Mohammad\Desktop\OTL.exe
[2011/04/14 23:59:02 | 000,124,980 | ---- | M] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.zip
[2011/04/14 23:57:18 | 000,133,632 | ---- | M] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.EXE
[2011/04/14 23:26:43 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/14 23:26:43 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/14 21:51:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/14 19:27:16 | 000,002,619 | ---- | M] () -- C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XPS2OneNote.lnk
[2011/04/14 19:26:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/14 19:26:37 | 3081,801,728 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/14 12:49:08 | 000,453,632 | ---- | M] () -- C:\Users\Mohammad\Desktop\CKScanner.exe
[2011/04/14 01:39:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874463723-3708051865-952906006-1000Core.job
[2011/04/14 00:00:20 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Mohammad\Desktop\esetsmartinstaller_enu.exe
[2011/04/13 22:54:41 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Mohammad\Desktop\ATF-Cleaner.exe
[2011/04/12 22:38:06 | 000,003,949 | ---- | M] () -- C:\Users\Mohammad\Get Organized Backup.gbak
[2011/04/11 21:10:13 | 000,002,422 | ---- | M] () -- C:\Users\Mohammad\Desktop\Attach.zip
[2011/04/11 13:27:05 | 000,000,943 | ---- | M] () -- C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/04/11 13:26:47 | 000,000,744 | ---- | M] () -- C:\Users\Mohammad\Desktop\ERUNT.lnk
[2011/04/11 12:50:42 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/10 15:25:08 | 014,022,085 | ---- | M] () -- C:\Users\Mohammad\Documents\LoaderBackup-(2011-04-10).ipd
[2011/04/10 14:44:27 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/04/10 14:44:27 | 000,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/04/10 14:44:27 | 000,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/04/10 14:22:14 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/04/10 14:22:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/04/03 18:00:17 | 000,003,597 | ---- | M] () -- C:\Users\Mohammad\Documents\Get Organized Backup.gbak
[2011/04/02 03:39:14 | 000,001,782 | ---- | M] () -- C:\Users\Public\Desktop\Get Organized.lnk
[2011/03/24 16:22:34 | 000,427,273 | ---- | M] () -- C:\Users\Mohammad\Desktop\IMM5257E.pdf
[2011/03/19 22:34:09 | 000,097,792 | ---- | M] () -- C:\Users\Mohammad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Users\Mohammad\Documents\*.tmp files -> C:\Users\Mohammad\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/14 23:58:58 | 000,124,980 | ---- | C] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.zip
[2011/04/14 23:58:18 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys
[2011/04/14 23:57:13 | 000,133,632 | ---- | C] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.EXE
[2011/04/14 12:49:05 | 000,453,632 | ---- | C] () -- C:\Users\Mohammad\Desktop\CKScanner.exe
[2011/04/11 21:10:13 | 000,002,422 | ---- | C] () -- C:\Users\Mohammad\Desktop\Attach.zip
[2011/04/11 13:27:05 | 000,000,943 | ---- | C] () -- C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/04/11 13:26:47 | 000,000,744 | ---- | C] () -- C:\Users\Mohammad\Desktop\ERUNT.lnk
[2011/04/11 12:50:42 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/10 15:25:08 | 014,022,085 | ---- | C] () -- C:\Users\Mohammad\Documents\LoaderBackup-(2011-04-10).ipd
[2011/04/10 14:22:14 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/04/10 14:22:12 | 000,505,176 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/04/10 14:22:11 | 000,238,968 | ---- | C] () -- C:\Windows\SysNative\aswBoot.exe
[2011/04/05 04:06:32 | 000,003,949 | ---- | C] () -- C:\Users\Mohammad\Get Organized Backup.gbak
[2011/04/03 18:00:17 | 000,003,597 | ---- | C] () -- C:\Users\Mohammad\Documents\Get Organized Backup.gbak
[2011/04/02 03:39:14 | 000,001,782 | ---- | C] () -- C:\Users\Public\Desktop\Get Organized.lnk
[2011/03/22 18:49:34 | 000,427,273 | ---- | C] () -- C:\Users\Mohammad\Desktop\IMM5257E.pdf
[2010/11/12 18:59:25 | 000,000,236 | ---- | C] () -- C:\Users\Mohammad\AppData\Roaming\wklnhst.dat
[2010/01/19 21:03:09 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2010/01/01 19:28:07 | 000,000,680 | ---- | C] () -- C:\Users\Mohammad\AppData\Local\d3d9caps.dat
[2009/11/09 07:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2009/11/09 07:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2009/11/09 07:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2009/11/09 07:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009/10/20 22:21:52 | 000,157,629 | ---- | C] () -- C:\Windows\hpoins27.dat
[2009/10/16 23:31:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/12 10:16:29 | 000,097,792 | ---- | C] () -- C:\Users\Mohammad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/08 15:22:22 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009/06/08 14:34:06 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/04/10 08:00:57 | 002,192,024 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/04/10 08:00:56 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2009/04/10 08:00:54 | 000,492,496 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/04/10 07:32:10 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/04/10 07:32:10 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/21 07:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/21 07:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/18 20:56:22 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2006/11/02 20:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 17:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 17:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 17:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 14:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2011/04/02 04:05:17 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\.Get Organized
[2010/02/15 21:59:05 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Auslogics
[2010/12/22 20:45:47 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Azureus
[2010/08/27 18:30:16 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Barnes & Noble
[2010/02/15 23:17:08 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Blackberry Desktop
[2010/06/05 19:55:38 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\GameRanger
[2010/02/18 20:53:54 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\InterVideo
[2010/11/06 13:06:45 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\LimeWire
[2009/11/21 23:01:32 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Moyea
[2009/12/22 15:34:34 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\ooVoo Details
[2010/05/16 01:07:00 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Orangeline Interactive
[2010/11/06 20:32:44 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\PC Suite
[2010/01/19 23:08:04 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Research In Motion
[2010/11/06 20:14:25 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Samsung
[2010/11/12 18:59:28 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Template
[2011/03/13 23:29:52 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\uTorrent
[2011/04/14 19:25:36 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
-
Extras Log
OTL Extras logfile created on: 4/15/2011 1:19:55 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Mohammad\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.91 Gb Total Space | 174.22 Gb Free Space | 60.51% Space Free | Partition Type: NTFS
Computer Name: MOHAMMAD-PC | User Name: Mohammad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{155713E8-78A0-41AA-9D70-2DCE055D620C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1A008B85-F471-43AC-8A06-93F444E26A9E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E673756-0A78-4E82-9497-75F21E54A1AD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20D25801-0CC4-4798-BED6-A8D2ECADE18A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{24AA7604-1DCE-4792-9FAA-4726204A09F5}" = rport=139 | protocol=6 | dir=out | app=system |
"{28C1DEAE-BFD9-465B-BB36-111C5E7D3963}" = lport=139 | protocol=6 | dir=in | app=system |
"{28E52C16-3ABF-4022-91D6-1C99C4D91459}" = lport=138 | protocol=17 | dir=in | app=system |
"{36274588-95AA-40FC-8FEE-971EB54D59B4}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B75F420-816F-4125-BB2B-4AECDCD179F1}" = lport=137 | protocol=17 | dir=in | app=system |
"{45424881-00AE-4108-99FC-0FB9881C565A}" = lport=445 | protocol=6 | dir=in | app=system |
"{4B6DC3EB-70D8-4735-8950-B1F24EA7864E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4B89B585-955D-4CE6-AF00-0704C7329DF2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ABF070C2-62CC-42D2-9405-470FE7EE26D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0FF6FC6-3AF2-4EEF-92C8-2C68F9074F2D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C44DAE88-47AE-49E0-B1BC-84AFDC102518}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D29F7876-9AE1-47A0-A131-58956A413DDE}" = rport=137 | protocol=17 | dir=out | app=system |
"{E7842F55-36B3-4858-BD9B-AAD2298B31D4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0D4AFD5-0922-454B-99A3-99E7DEC7E728}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6151602-BE9B-4D07-A656-80C48FFD79C5}" = rport=445 | protocol=6 | dir=out | app=system |
"{F9723BFF-651A-4C7C-BE4E-AF0D48189880}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FAB08D62-F533-4B8E-97F2-0C48B9B9872A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07CA0E9E-2FA1-4B16-9638-1DD28DA4F461}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{087D5CCB-BB3A-429B-ACB4-464471D5DD1B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
"{12C7DAE0-5F23-4BFF-8B2A-4846A00C1484}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{228AEF3A-4D81-4EF5-BD5A-C49D14BA181F}" = protocol=6 | dir=out | app=system |
"{2E855C6D-BF35-4480-8492-E8ADFEC9DB17}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{32EBCE3E-F502-4C81-9FE6-3AAAF3668672}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{33464665-A6DE-4301-B284-3C70A120C210}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
"{38C4E1D2-E81A-442B-A955-75CB0604266D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AAD2E9F-A8BB-416F-B3EC-F5E98DD1F117}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CA05C0C-9EB3-4E8A-995A-4159DC552DEE}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{3D5F3AD6-686B-4B8B-8899-45A81E3137B9}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{476A68CD-242D-4D48-9655-78F70DBCB9CB}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4928C6B5-5244-4780-9166-5B19DA31877A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4AD5FA7E-B461-4CD6-A390-15F99C7CEA0D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4F98B787-8054-4B61-921F-308BB1083FEC}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{53F2B96B-6116-44B1-A4F8-238AA2EDDE3E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{5C1BC5C3-F14E-48CE-8DEB-2CFA277BD76E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5F748B59-F24E-4A86-A784-7F0A362ADB96}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{6CED5F3C-6584-43C7-A361-C6BCFF0291E2}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{7814B3F8-305F-4BF9-96D8-E95DA98E608A}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{7ED74C9C-0864-41CD-8BD8-42BC385AB589}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83EBDA77-112C-4FFF-9589-1D0FE40AF152}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8EE8C737-0D15-4C0F-AF39-3D7A9F772903}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{91112E42-2FB2-4D1F-B2F4-781820D3EDDC}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{9AE80792-A671-4568-8E1B-2512016C5324}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9B983D4C-3ED9-4672-99D4-BF8AEE05B89A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9FAB9498-5573-44B2-B09F-5B904A7BD9A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A05EEEC3-111D-42A7-9428-1064CFCACF3D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A3175033-C6A0-48FF-B0E9-A8D28502271F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B4901CF8-7B88-442A-B6D0-B1C4F20D2E07}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B730DD2A-AE46-4C62-A017-79FBDB809481}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
"{C131C375-8CB9-4215-A969-37CD5FFD10FA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C453032D-A49C-4269-A995-394D73F9DB8F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C4D028FC-888A-4FA1-B6E9-724D9CB7A1AA}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
"{D361B690-2968-444D-B323-9299455CDC86}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D43FFAAD-80D9-47E8-BBC6-ABD04EB35396}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D73F398E-E3A0-4380-950A-C0AF92DF4D74}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D7E7EDFD-7BE0-4C6A-A63C-36C9FA7D6FCE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DBBBF8A1-2C17-4EB4-8C4C-7F48A692C148}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DBCE5B5B-0B88-470F-A950-98FCFA595E00}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E126BE26-F125-4B09-80A5-CE60FCFA2D19}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2A27BB8-7698-4AF0-97C7-5D6AEE5E38AF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E7ED5E28-9A19-4C60-8934-318C7CB1AA8C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FC4585ED-43BC-49D5-827E-34352AC8B2D0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FDCCCF2B-263A-4406-8BFD-3341F3EB3093}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FE3D78D7-5582-4E0D-902F-C23F0D243106}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"TCP Query User{C3F477F2-0F46-4AEF-8E84-589C8945E90B}C:\users\mohammad\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\mohammad\downloads\utorrent.exe |
"UDP Query User{1E6BAE9A-B54F-463C-857D-A1FEF3905BEC}C:\users\mohammad\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\mohammad\downloads\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{068F037B-2723-48E3-85F1-4D7D93A29D2A}" = VAIO Content Metadata Intelligent Analyzing Manager
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{0F962B79-D0DC-40D9-96BA-ED1355120CBA}" = QuickBooks Financial Center
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Welcome Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = VAIO Presentation Support
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{2878C3C9-9D91-430F-8F50-885BB23DB001}" = VAIO Content Folder Watcher
"{2B39620B-F959-4C8A-AEEF-B5D29D8012D0}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8520 smartphone
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{363AA0EF-7672-42C2-AA43-237E1DBFB827}_is1" = Moyea FLV Editor Pro Version: 3.1.13.0
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{376DCC77-BFDA-4AC0-A57E-2CEB000D5E47}" = VAIO Content Metadata Intelligent Analyzing Manager
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47A2CE5C-EA1F-4F58-8A0A-9452CBA795CD}" = Click to Disc
"{4D612FB2-1AE7-4E46-9377-35BB2F06A787}" = Roxio Media Manager
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64DBE9FE-A07D-41A0-B81A-8D416D9647FF}" = VAIO Content Folder Watcher
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie
"{6DD7A9DA-6732-47D2-8362-6A12BD0EA053}" = XPS2OneNote
"{6EB6A82E-4918-481F-9AF8-3129E6D29B7E}" = Sony Home Network Library
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B5983C-80C7-4225-BA72-E92AE1D59C62}" = VAIO My Memory Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78780A45-B180-4297-AE6D-12C45EC5AD35}" = VAIO Content Metadata Manager Setting
"{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help
"{7B79CD75-F848-4B33-83E3-0EE1A1805A8C}" = VAIO Movie Story
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8DA37A5A-55BF-47B3-A7F7-09FB3F3CF965}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8520 smartphone
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A2F0810-3619-4E86-9072-973FBE1679C5}" = QuickBooks Simple Start 2009
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A3365448-B694-468D-BBF0-D7A4CCDF955F}" = BlackBerry® Media Sync
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9D3D707-4A1A-4227-BE6E-F16448B4CB63}" = VAIO Entertainment Platform
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BFD85D24-D4F3-4CCC-B518-D7C4FC29C76D}" = VAIO Content Metadata Intelligent Analyzing Manager
"{C1555BC5-88B1-466B-BC79-062B5715DF92}" = VAIO Content Metadata XML Interface Library
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CC2541A6-BC6A-4099-B711-7911C884AEB8}" = VAIO Content Metadata XML Interface Library
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD7E6232-D41D-4E5B-ABE1-0264B6260309}" = VAIO Content Metadata Intelligent Analyzing Manager
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D47FE987-EA3D-424B-9886-B752501D7CE7}" = VAIO Help and Support
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D613E659-6503-42A8-9617-4F599061EAD5}" = VAIO MusicBox
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DEF97A70-C67D-41E1-837C-6462C97A6F65}" = OpenMG Secure Module 5.3.00
"{DFD0E9A9-F24A-492B-8975-8C938E32408F}" = VAIO Startup Assistant
"{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200
"{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting
"{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF85141C-7980-4CB4-B19D-7680731135EC}" = BlackBerry Desktop Software 5.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"am-cakemania" = Cake Mania
"am-cakemaniamainstreettm" = Cake Mania Main Street(TM)
"Applian FLV Player2.0.24" = Applian FLV Player
"Application Manager for VAIO" = Application Manager for VAIO
"avast" = avast! Free Antivirus
"BlackBerry_{EF85141C-7980-4CB4-B19D-7680731135EC}" = BlackBerry Desktop Software 5.0
"Cake Mania-MainStreet ." = Cake Mania-MainStreet .
"Citrus Alarm Clock_is1" = Citrus Alarm Clock 2.2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"DivX Setup.divx.com" = DivX Setup
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"Get Organized_is1" = Get Organized 1.02
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotspot_Shield Toolbar" = Hotspot_Shield Toolbar
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"InstallShield_{DEF97A70-C67D-41E1-837C-6462C97A6F65}" = OpenMG Secure Module 5.3.00
"LimeWire" = LimeWire 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NOOKstudy" = NOOKstudy
"Picasa 3" = Picasa 3
"RealPlayer 12.0" = RealPlayer
"uTorrent" = µTorrent
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 3/30/2011 5:34:27 AM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 3/31/2011 10:10:09 PM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/1/2011 6:39:12 PM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/3/2011 6:27:32 PM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/7/2011 7:00:07 PM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/8/2011 5:21:49 PM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/10/2011 4:24:20 AM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/10/2011 4:24:53 AM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/10/2011 7:12:13 AM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
Error - 4/10/2011 7:13:34 AM | Computer Name = Mohammad-PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 2/9/2011 5:06:26 PM | Computer Name = Mohammad-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 2/9/2011 5:06:39 PM | Computer Name = Mohammad-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 2/9/2011 5:06:48 PM | Computer Name = Mohammad-PC | Source = WinMgmt | ID = 10
Description =
Error - 2/9/2011 5:08:31 PM | Computer Name = Mohammad-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 2/10/2011 10:34:09 AM | Computer Name = Mohammad-PC | Source = WinMgmt | ID = 10
Description =
Error - 2/10/2011 10:35:41 AM | Computer Name = Mohammad-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 2/11/2011 8:09:59 AM | Computer Name = Mohammad-PC | Source = WinMgmt | ID = 10
Description =
Error - 2/11/2011 8:11:45 AM | Computer Name = Mohammad-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 2/11/2011 1:54:19 PM | Computer Name = Mohammad-PC | Source = WinMgmt | ID = 10
Description =
Error - 2/11/2011 1:56:04 PM | Computer Name = Mohammad-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
[ System Events ]
Error - 4/14/2011 10:30:13 AM | Computer Name = Mohammad-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 4/14/2011 10:30:14 AM | Computer Name = Mohammad-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 4/14/2011 2:58:20 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 4/14/2011 2:58:49 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 4/14/2011 2:59:52 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 4/14/2011 3:00:08 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 4/14/2011 3:41:10 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 4/14/2011 3:42:30 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 4/14/2011 3:47:45 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 4/14/2011 3:47:59 PM | Computer Name = Mohammad-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Normandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
< End of report >
-
Let's try this
Please download Malwarebytes from Here or Here
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
- Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
-
The results opened in Notepad automatically after the scan.
Here they are:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6383
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928
4/17/2011 3:36:30 PM
mbam-log-2011-04-17 (15-36-30).txt
Scan type: Quick scan
Objects scanned: 175449
Time elapsed: 5 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
Looks good, the only thing I see wrong is related to Normandy, believe it's a game that's not compatible with your system.
How are things running now?
-
It still gives me the same error message when I start it every now and then... but a restart fixes that every time so far.
-
I reopened your thread. If you removed those entries that ESET found earlier, then there is no need to run it again. Just wanted to be sure they're gone.
Tell me how things are running and we can dig deeper if need be.
-
Thanks for your time!
I uninstalled the Hotspot Shield toolbar and ran the scan; here's the file:
C:\$Recycle.Bin\S-1-5-21-2874463723-3708051865-952906006-1000\$RCLN6TY.exe a variant of Win32/HotSpotShield application
C:\$Recycle.Bin\S-1-5-21-2874463723-3708051865-952906006-1000\$RXD5C5H.exe a variant of Win32/HotSpotShield application
C:\$Recycle.Bin\S-1-5-21-2874463723-3708051865-952906006-1000\$RZEK2U2.exe a variant of Win32/Adware.CiDHelp application
I restarted after this scan; that's probably why you can still see the Hotspot Shield toolbar entries.
And no, I haven't been having any problems so far now =)
-
Run OTL and post a new log and let's take a look.
OTL by OldTimer
- Download OTL to your desktop.
- Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output.
- Click the "Scan All Users" checkbox.
- Check the boxes beside LOP Check and Purity Check.
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them both in.