Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: System Tool

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 23.01.2011, 16:13   #1
goliath0011
 
System Tool - Standard

System Tool



Hallo,

ich brauche bitte Hilfe einen Virus zu entfernen.

Ich war am browsen und auf einmal bekomme ich ein Pop-Up zu einen Virus SCanner und ich wuerde benachrichtigt dass der computer bedroht ist.
Ich habe McAfee auf meinem Laptop aber anscheinend ist es durch durchgekommen.

Der Virus heisst System Tool und ich kann kein anderes Program oeffnen und musste nun im Safe Mode einen restart durchfuehren.

Ich habe hier gelesen dass ich einen OTL runterladen muss, brauche leider aber anleitung was ich genau machen muss.

Kann mir bitte jemand unbedingt helfen?

Vielen Dank fuer die Hilfe schon mal jetzt

Alt 23.01.2011, 16:17   #2
markusg
/// Malware-holic
 
System Tool - Standard

System Tool



na klar können wir.
kennst du evtl. noch die seite wo dus dier geholt hast? wenn ja als private nachicht an mich
3.
Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
beide posten
__________________

__________________

Alt 23.01.2011, 16:20   #3
goliath0011
 
System Tool - Standard

System Tool



wow, das war ja super schnell.

die seite weiss ich nicht mehr 100% aber es war eine seite fuer innendekoration, da ich gerade nach moebel suche.

wie kann ich dir die protokolle schicken oder hochladen?

Habe es hier versucht mit Attachment, aber meine Protokolle sind zu gross.
__________________

Alt 23.01.2011, 16:21   #4
goliath0011
 
System Tool - Standard

System Tool



OTL ProtokollOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 23/01/2011 14:51:38 - Run 1
OTL by OldTimer - Version 3.2.20.4     Folder = C:\Users\Mimsy\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.16 Gb Total Space | 94.41 Gb Free Space | 53.60% Space Free | Partition Type: NTFS
Drive F: | 114.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: MIMSY-PC | User Name: Mimsy | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mimsy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Mimsy\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WindowsCodecs.dll (Microsoft Corporation)
MOD - C:\Windows\System32\EhStorShell.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (uCamMonitor) -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Welcome
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Sky.com - your home for the latest news, sport and entertainment
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/16 07:56:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/01/11 13:06:18 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101102191445.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HotKeysCmds]  File not found
O4 - HKLM..\Run: [IgfxTray]  File not found
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Persistence]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000..\RunOnce: [nMaDgHm02400] C:\ProgramData\nMaDgHm02400\nMaDgHm02400.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} -  File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2307587143-1150151103-1544206896-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} hxxp://192.168.0.5/AVC_AX_742.cab (AMCCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-gb.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Mimsy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mimsy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/06/17 13:26:52 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{f228c769-0565-11de-bca1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f228c769-0565-11de-bca1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\kis2009.exe -- [2008/06/17 13:27:02 | 010,019,937 | R--- | M] (Kaspersky Labs GmbH)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet: mfefirek - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/01/23 14:48:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mimsy\Desktop\OTL.exe
[2011/01/23 14:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/01/23 13:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\nMaDgHm02400
[2011/01/19 10:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/01/19 10:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/01/19 10:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/01/19 10:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/01/19 10:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/01/16 17:51:08 | 000,000,000 | ---D | C] -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
[2011/01/16 17:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2011/01/16 17:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2011/01/12 10:22:49 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/01/12 10:22:42 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/01/10 13:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/01/09 16:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/01/09 16:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/01/08 14:13:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FM Genie Scout 11
[2011/01/08 14:13:52 | 000,000,000 | ---D | C] -- C:\FM Genie Scout 11
[2011/01/02 14:45:14 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/01/02 14:44:34 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2011/01/02 14:44:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/01/02 14:36:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2011/01/02 14:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2011/01/02 14:35:48 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2011/01/02 14:35:48 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2011/01/02 14:35:48 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/01/02 14:34:50 | 000,000,000 | ---D | C] -- C:\Users\Mimsy\AppData\Local\Windows Live
[2011/01/02 14:32:14 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/01/23 14:48:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mimsy\Desktop\OTL.exe
[2011/01/23 14:27:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/23 14:26:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/23 14:26:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/23 14:26:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/01/23 13:59:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/23 13:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/21 13:05:14 | 000,142,948 | ---- | M] () -- C:\Users\Mimsy\CV - Robert Cohen.pdf
[2011/01/19 10:53:50 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/19 10:40:36 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/01/19 10:10:32 | 000,067,584 | ---- | M] () -- C:\Users\Mimsy\Documents\CV - Robert Cohen.doc
[2011/01/19 09:52:56 | 000,211,518 | ---- | M] () -- C:\Users\Mimsy\Genting.pdf
[2011/01/19 09:50:55 | 000,331,852 | ---- | M] () -- C:\Users\Mimsy\ComfortDelGro.pdf
[2011/01/19 09:49:39 | 000,220,014 | ---- | M] () -- C:\Users\Mimsy\Sembcorp.pdf
[2011/01/19 09:47:55 | 000,333,468 | ---- | M] () -- C:\Users\Mimsy\DBS Group.pdf
[2011/01/19 09:47:06 | 000,215,117 | ---- | M] () -- C:\Users\Mimsy\OCBC Bank.pdf
[2011/01/19 09:44:59 | 000,218,804 | ---- | M] () -- C:\Users\Mimsy\United Overseas.pdf
[2011/01/19 09:44:17 | 000,333,599 | ---- | M] () -- C:\Users\Mimsy\Keppel Corporation.pdf
[2011/01/19 09:43:39 | 000,334,453 | ---- | M] () -- C:\Users\Mimsy\Keppel Land.pdf
[2011/01/19 09:40:58 | 000,253,016 | ---- | M] () -- C:\Users\Mimsy\Top List.pdf
[2011/01/19 09:39:54 | 000,336,982 | ---- | M] () -- C:\Users\Mimsy\Singapore Telecom.pdf
[2011/01/14 11:37:44 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/01/10 14:51:41 | 000,038,229 | ---- | M] () -- C:\Users\Mimsy\Documents\Robert and Miriam  6.png
[2011/01/10 13:32:52 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/10 13:32:51 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/01/09 16:16:02 | 000,339,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/01/08 11:19:44 | 000,000,256 | ---- | M] () -- C:\Users\Mimsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Home  Mail Online.url
[2011/01/04 03:03:14 | 000,627,494 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/04 03:03:14 | 000,116,318 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/28 15:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
 
========== Files Created - No Company Name ==========
 
[2011/01/19 11:56:29 | 000,067,584 | ---- | C] () -- C:\Users\Mimsy\Documents\CV - Robert Cohen.doc
[2011/01/19 10:53:50 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/19 10:40:36 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/01/19 09:52:56 | 000,211,518 | ---- | C] () -- C:\Users\Mimsy\Genting.pdf
[2011/01/19 09:50:55 | 000,331,852 | ---- | C] () -- C:\Users\Mimsy\ComfortDelGro.pdf
[2011/01/19 09:49:39 | 000,220,014 | ---- | C] () -- C:\Users\Mimsy\Sembcorp.pdf
[2011/01/19 09:47:55 | 000,333,468 | ---- | C] () -- C:\Users\Mimsy\DBS Group.pdf
[2011/01/19 09:47:06 | 000,215,117 | ---- | C] () -- C:\Users\Mimsy\OCBC Bank.pdf
[2011/01/19 09:44:59 | 000,218,804 | ---- | C] () -- C:\Users\Mimsy\United Overseas.pdf
[2011/01/19 09:44:17 | 000,333,599 | ---- | C] () -- C:\Users\Mimsy\Keppel Corporation.pdf
[2011/01/19 09:43:39 | 000,334,453 | ---- | C] () -- C:\Users\Mimsy\Keppel Land.pdf
[2011/01/19 09:40:58 | 000,253,016 | ---- | C] () -- C:\Users\Mimsy\Top List.pdf
[2011/01/19 09:39:54 | 000,336,982 | ---- | C] () -- C:\Users\Mimsy\Singapore Telecom.pdf
[2011/01/14 11:37:44 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/01/10 14:51:41 | 000,038,229 | ---- | C] () -- C:\Users\Mimsy\Documents\Robert and Miriam  6.png
[2011/01/09 16:03:15 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/01/09 16:03:15 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/02 14:43:56 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/01/02 14:43:28 | 000,001,227 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/01/02 14:42:29 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/01/02 14:41:46 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2010/08/16 07:47:25 | 000,001,294 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/03/17 11:02:04 | 000,015,360 | ---- | C] () -- C:\Windows\System32\AVC_AX_742_JPEG.dll
[2010/03/17 11:00:48 | 000,176,128 | ---- | C] () -- C:\Windows\System32\AVC_AX_742_H264.dll
[2010/03/01 17:25:56 | 000,135,168 | ---- | C] () -- C:\Windows\System32\utf8_2_font.dll
[2010/01/14 10:39:38 | 000,005,632 | ---- | C] () -- C:\Windows\System32\AVC_AX_742_SCALE.dll
[2010/01/08 15:13:08 | 000,877,056 | ---- | C] () -- C:\Windows\System32\avcodec-52.45.0.dll
[2010/01/08 15:13:08 | 000,102,912 | ---- | C] () -- C:\Windows\System32\swscale-0.7.2.dll
[2010/01/08 15:13:08 | 000,077,312 | ---- | C] () -- C:\Windows\System32\avformat-52.46.0.dll
[2010/01/08 15:13:08 | 000,049,152 | ---- | C] () -- C:\Windows\System32\avutil-50.7.0.dll
[2010/01/08 15:13:06 | 000,004,608 | ---- | C] () -- C:\Windows\System32\avdevice-52.2.0.dll
[2009/12/29 11:54:49 | 000,000,000 | ---- | C] () -- C:\Users\Mimsy\AppData\Roaming\wklnhst.dat
[2009/10/02 12:27:24 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/09/24 07:04:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/09 19:58:17 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009/03/08 13:18:18 | 000,020,992 | ---- | C] () -- C:\Users\Mimsy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/27 23:14:51 | 000,001,356 | ---- | C] () -- C:\Users\Mimsy\AppData\Local\d3d9caps.dat
[2008/05/17 12:40:23 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/05/17 12:34:58 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2008/05/17 12:13:04 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/04/21 21:22:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/02/05 00:09:01 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2007/10/30 17:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/09/11 23:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/09/11 23:54:26 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/08/17 13:41:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/11/14 20:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2010/03/08 19:30:17 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Facebook
[2010/01/18 09:25:38 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ICAClient
[2009/11/08 10:06:25 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\InterVideo
[2009/08/06 14:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\My Games
[2011/01/02 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Sports Interactive
[2009/12/29 11:54:51 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Template
[2011/01/23 14:26:36 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010/08/30 16:49:08 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Adobe
[2009/10/16 19:53:24 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Apple Computer
[2009/02/27 23:31:26 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ArcSoft
[2008/05/17 12:46:49 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ATI
[2009/04/12 10:44:22 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\DivX
[2010/03/08 19:30:17 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Facebook
[2009/03/07 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Google
[2010/09/28 10:15:28 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\HP
[2010/09/18 00:06:46 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\HpUpdate
[2010/01/18 09:25:38 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ICAClient
[2008/04/21 20:32:15 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Identities
[2008/04/21 21:01:47 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\InstallShield
[2009/11/08 10:06:25 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\InterVideo
[2008/05/17 12:28:02 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Macromedia
[2006/11/02 12:37:34 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Media Center Programs
[2010/02/13 12:59:29 | 000,000,000 | --SD | M] -- C:\Users\Mimsy\AppData\Roaming\Microsoft
[2009/08/06 14:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\My Games
[2009/12/05 09:34:28 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Roxio
[2010/11/12 16:10:09 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Skype
[2010/11/12 16:05:10 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\skypePM
[2009/12/18 10:43:13 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Sony Corporation
[2011/01/02 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Sports Interactive
[2009/12/29 11:54:51 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Template
[2010/08/16 07:57:04 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2010/03/08 19:30:18 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Mimsy\AppData\Roaming\Facebook\uninstall.exe
[2010/11/17 15:36:11 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Mimsy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2009/07/18 10:24:24 | 000,061,440 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\ARPICON.exe
[2009/07/18 10:24:24 | 000,049,152 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\liteico.exe.827545C6_7013_4DE1_8E6C_DAEE4C57F54A.exe
[2009/07/18 10:24:24 | 000,061,440 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe
[2009/07/18 10:24:24 | 000,061,440 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\pncico.exe.C76E2E86_AE54_4AF5_997C_63EBB83C7651.exe
[2008/05/17 12:21:49 | 000,010,134 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}\ARPPRODUCTICON.exe
[2008/05/17 12:21:49 | 000,009,158 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 09:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 02:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 02:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 09:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006/11/02 09:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 09:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008/10/29 06:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 03:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 02:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 02:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 09:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009/04/11 06:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 06:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 02:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006/11/02 09:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008/01/21 02:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 06:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 06:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/04/11 06:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009/04/11 06:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008/01/21 02:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 02:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008/01/21 02:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008/01/21 02:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008/01/21 03:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 03:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 03:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 10:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 10:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 11:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 11:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

< End of report >
         
--- --- ---
[2011/01/23 15:08:38 | 000,000,000 | R--D | M] -- C:\Users\Mimsy\Desktop
[2011/01/23 14:48:56 | 003,407,872 | -HS- | M] () -- C:\Users\Mimsy\NTUSER.DAT
[2011/01/23 14:48:56 | 000,262,144 | -H-- | M] () -- C:\Users\Mimsy\ntuser.dat.LOG1
[2011/01/23 14:48:44 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Local\Temp
[2011/01/23 14:48:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mimsy\Desktop\OTL.exe
[2011/01/23 14:30:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/01/23 14:27:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/23 14:26:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/01/23 14:26:36 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011/01/23 14:26:35 | 000,524,288 | -HS- | M] () -- C:\Users\Mimsy\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011/01/23 14:26:35 | 000,065,536 | -HS- | M] () -- C:\Users\Mimsy\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011/01/23 14:26:31 | 003,576,488 | -H-- | M] () -- C:\Users\Mimsy\AppData\Local\IconCache.db
[2011/01/23 13:59:21 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2011/01/23 13:59:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/23 13:42:44 | 000,000,000 | ---D | M] -- C:\ProgramData\nMaDgHm02400
[2011/01/23 13:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/23 11:39:21 | 000,000,000 | R--D | M] -- C:\Users\Mimsy\Favorites
[2011/01/21 13:17:45 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Local\Windows Live
[2011/01/21 13:05:14 | 000,142,948 | ---- | M] () -- C:\Users\Mimsy\CV - Robert Cohen.pdf
[2011/01/20 08:55:07 | 000,000,000 | R--D | M] -- C:\Users\Mimsy\Documents
[2011/01/19 10:53:50 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/19 10:53:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/01/19 10:53:47 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/01/19 10:52:54 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/01/19 10:52:53 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Apple
[2011/01/19 10:40:51 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2011/01/19 10:40:36 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/01/19 10:40:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/01/19 10:10:32 | 000,067,584 | ---- | M] () -- C:\Users\Mimsy\Documents\CV - Robert Cohen.doc
[2011/01/19 09:52:56 | 000,211,518 | ---- | M] () -- C:\Users\Mimsy\Genting.pdf
[2011/01/19 09:50:55 | 000,331,852 | ---- | M] () -- C:\Users\Mimsy\ComfortDelGro.pdf
[2011/01/19 09:49:39 | 000,220,014 | ---- | M] () -- C:\Users\Mimsy\Sembcorp.pdf
[2011/01/19 09:47:55 | 000,333,468 | ---- | M] () -- C:\Users\Mimsy\DBS Group.pdf
[2011/01/19 09:47:06 | 000,215,117 | ---- | M] () -- C:\Users\Mimsy\OCBC Bank.pdf
[2011/01/19 09:44:59 | 000,218,804 | ---- | M] () -- C:\Users\Mimsy\United Overseas.pdf
[2011/01/19 09:44:17 | 000,333,599 | ---- | M] () -- C:\Users\Mimsy\Keppel Corporation.pdf
[2011/01/19 09:43:39 | 000,334,453 | ---- | M] () -- C:\Users\Mimsy\Keppel Land.pdf
[2011/01/19 09:40:58 | 000,253,016 | ---- | M] () -- C:\Users\Mimsy\Top List.pdf
[2011/01/19 09:39:54 | 000,336,982 | ---- | M] () -- C:\Users\Mimsy\Singapore Telecom.pdf
[2011/01/16 17:51:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2011/01/16 17:51:11 | 000,000,000 | ---D | M] -- C:\Program Files\SopCast
[2011/01/16 17:51:08 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
[2011/01/14 11:37:44 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/01/14 11:37:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FM Genie Scout 11
[2011/01/13 20:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Steam
[2011/01/10 14:51:41 | 000,038,229 | ---- | M] () -- C:\Users\Mimsy\Documents\Robert and Miriam 6.png
[2011/01/10 13:32:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/01/10 13:32:52 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/10 13:32:52 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/01/10 13:32:51 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/01/10 13:32:50 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2011/01/09 17:56:35 | 000,000,000 | R--D | M] -- C:\Users\Mimsy\Pictures
[2011/01/09 16:17:53 | 000,083,992 | ---- | M] () -- C:\Users\Mimsy\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/01/09 16:16:02 | 000,339,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/01/09 16:03:17 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee Security Scan
[2011/01/08 11:19:44 | 000,000,256 | ---- | M] () -- C:\Users\Mimsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Home Mail Online.url
[2011/01/04 03:03:14 | 000,735,454 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011/01/04 03:03:14 | 000,627,494 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/04 03:03:14 | 000,116,318 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/02 20:27:45 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\Tracing
[2011/01/02 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Sports Interactive
[2011/01/02 18:02:11 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Local\Microsoft
[2011/01/02 14:45:23 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/01/02 14:44:35 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/01/02 14:43:56 | 000,002,634 | -HS- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[2011/01/02 14:43:56 | 000,001,158 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/01/02 14:43:28 | 000,001,227 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/01/02 14:42:29 | 000,001,037 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/01/02 14:41:46 | 000,002,025 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/01/02 14:41:04 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2011/01/02 14:38:45 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\microsoft shared
[2011/01/02 14:37:32 | 000,000,000 | ---D | M] -- C:\Program Files\Bing Bar Installer
[2011/01/02 14:36:49 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2010/12/28 15:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/09/29 12:56:17 | 000,001,294 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2010/08/30 19:57:43 | 000,082,056 | ---- | M] () -- C:\Users\Mimsy\AppData\Roaming\GDIPFONTCACHEV1.DAT
[2010/08/05 10:19:55 | 000,020,992 | ---- | M] () -- C:\Users\Mimsy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/29 11:54:49 | 000,000,000 | ---- | M] () -- C:\Users\Mimsy\AppData\Roaming\wklnhst.dat
[2009/10/02 20:06:50 | 000,001,356 | ---- | M] () -- C:\Users\Mimsy\AppData\Local\d3d9caps.dat
[2009/07/09 19:58:17 | 000,000,032 | ---- | M] () -- C:\ProgramData\ezsid.dat
[2008/01/21 02:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

========== Files - Modified Within 30 Days ==========

[2011/01/23 14:48:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mimsy\Desktop\OTL.exe
[2011/01/23 14:27:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/23 14:26:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/23 14:26:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/23 14:26:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/01/23 13:59:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/23 13:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/21 13:05:14 | 000,142,948 | ---- | M] () -- C:\Users\Mimsy\CV - Robert Cohen.pdf
[2011/01/19 10:53:50 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/19 10:40:36 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/01/19 10:10:32 | 000,067,584 | ---- | M] () -- C:\Users\Mimsy\Documents\CV - Robert Cohen.doc
[2011/01/19 09:52:56 | 000,211,518 | ---- | M] () -- C:\Users\Mimsy\Genting.pdf
[2011/01/19 09:50:55 | 000,331,852 | ---- | M] () -- C:\Users\Mimsy\ComfortDelGro.pdf
[2011/01/19 09:49:39 | 000,220,014 | ---- | M] () -- C:\Users\Mimsy\Sembcorp.pdf
[2011/01/19 09:47:55 | 000,333,468 | ---- | M] () -- C:\Users\Mimsy\DBS Group.pdf
[2011/01/19 09:47:06 | 000,215,117 | ---- | M] () -- C:\Users\Mimsy\OCBC Bank.pdf
[2011/01/19 09:44:59 | 000,218,804 | ---- | M] () -- C:\Users\Mimsy\United Overseas.pdf
[2011/01/19 09:44:17 | 000,333,599 | ---- | M] () -- C:\Users\Mimsy\Keppel Corporation.pdf
[2011/01/19 09:43:39 | 000,334,453 | ---- | M] () -- C:\Users\Mimsy\Keppel Land.pdf
[2011/01/19 09:40:58 | 000,253,016 | ---- | M] () -- C:\Users\Mimsy\Top List.pdf
[2011/01/19 09:39:54 | 000,336,982 | ---- | M] () -- C:\Users\Mimsy\Singapore Telecom.pdf
[2011/01/14 11:37:44 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/01/10 14:51:41 | 000,038,229 | ---- | M] () -- C:\Users\Mimsy\Documents\Robert and Miriam 6.png
[2011/01/10 13:32:52 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/10 13:32:51 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/01/09 16:16:02 | 000,339,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/01/08 11:19:44 | 000,000,256 | ---- | M] () -- C:\Users\Mimsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Home Mail Online.url
[2011/01/04 03:03:14 | 000,627,494 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/04 03:03:14 | 000,116,318 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/28 15:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

========== LOP Check ==========

[2010/03/08 19:30:17 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Facebook
[2010/01/18 09:25:38 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ICAClient
[2009/11/08 10:06:25 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\InterVideo
[2009/08/06 14:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\My Games
[2011/01/02 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Sports Interactive
[2009/12/29 11:54:51 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Template
[2011/01/23 14:26:36 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/08/30 16:49:08 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Adobe
[2009/10/16 19:53:24 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Apple Computer
[2009/02/27 23:31:26 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ArcSoft
[2008/05/17 12:46:49 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ATI
[2009/04/12 10:44:22 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\DivX
[2010/03/08 19:30:17 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Facebook
[2009/03/07 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Google
[2010/09/28 10:15:28 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\HP
[2010/09/18 00:06:46 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\HpUpdate
[2010/01/18 09:25:38 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\ICAClient
[2008/04/21 20:32:15 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Identities
[2008/04/21 21:01:47 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\InstallShield
[2009/11/08 10:06:25 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\InterVideo
[2008/05/17 12:28:02 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Macromedia
[2006/11/02 12:37:34 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Media Center Programs
[2010/02/13 12:59:29 | 000,000,000 | --SD | M] -- C:\Users\Mimsy\AppData\Roaming\Microsoft
[2009/08/06 14:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\My Games
[2009/12/05 09:34:28 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Roxio
[2010/11/12 16:10:09 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Skype
[2010/11/12 16:05:10 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\skypePM
[2009/12/18 10:43:13 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Sony Corporation
[2011/01/02 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Sports Interactive
[2009/12/29 11:54:51 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Template
[2010/08/16 07:57:04 | 000,000,000 | ---D | M] -- C:\Users\Mimsy\AppData\Roaming\Yahoo!

< %APPDATA%\*.exe /s >
[2010/03/08 19:30:18 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Mimsy\AppData\Roaming\Facebook\uninstall.exe
[2010/11/17 15:36:11 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Mimsy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2009/07/18 10:24:24 | 000,061,440 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\ARPICON.exe
[2009/07/18 10:24:24 | 000,049,152 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\liteico.exe.827545C6_7013_4DE1_8E6C_DAEE4C57F54A.exe
[2009/07/18 10:24:24 | 000,061,440 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe
[2009/07/18 10:24:24 | 000,061,440 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{E9459BCF-0982-498B-ABA7-26C34323493F}\pncico.exe.C76E2E86_AE54_4AF5_997C_63EBB83C7651.exe
[2008/05/17 12:21:49 | 000,010,134 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}\ARPPRODUCTICON.exe
[2008/05/17 12:21:49 | 000,009,158 | R--- | M] () -- C:\Users\Mimsy\AppData\Roaming\Microsoft\Installer\{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 09:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 02:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 02:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 09:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 09:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 09:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EXPLORER.EXE >
[2008/10/29 06:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 03:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 02:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 02:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: IASTORV.SYS >
[2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 09:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 06:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 06:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 02:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 09:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 02:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 06:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 06:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USER32.DLL >
[2009/04/11 06:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009/04/11 06:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008/01/21 02:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

< MD5 for: USERINIT.EXE >
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 02:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2IFSL.SYS >
[2008/01/21 02:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008/01/21 02:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/21 03:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 03:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 03:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 10:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 10:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 11:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 11:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

< End of report >

Alt 23.01.2011, 16:27   #5
goliath0011
 
System Tool - Standard

System Tool



Das OTL Extra Protokoll:

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 23/01/2011 14:51:38 - Run 1
OTL by OldTimer - Version 3.2.20.4     Folder = C:\Users\Mimsy\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.16 Gb Total Space | 94.41 Gb Free Space | 53.60% Space Free | Partition Type: NTFS
Drive F: | 114.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: MIMSY-PC | User Name: Mimsy | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0299F159-B429-45DF-A571-5532E4B3202D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{089E784B-091C-4420-ABDF-2926B3FD5718}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1FFE0877-1227-4487-9E8C-CB2715CC1771}" = rport=139 | protocol=6 | dir=out | app=system | 
"{25711E39-322E-4B22-993F-229A1A512B76}" = rport=138 | protocol=17 | dir=out | app=system | 
"{2FE9BA88-978E-4B83-B1E4-3867CE2D74B9}" = lport=138 | protocol=17 | dir=in | app=system | 
"{452B74D4-B0EA-4B6D-94F3-5E58BC9223F2}" = rport=445 | protocol=6 | dir=out | app=system | 
"{588AFBE5-6DCA-4524-B859-6E709A776528}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{625F7C43-EF5E-42FE-8133-C8DBD601D52A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{72515411-8227-4CE5-AD79-100F8280D122}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{7F1C7862-870A-4670-9BDC-068017B85D76}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{8BCFF56E-F188-490F-8D18-27FB76A7525F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A535CCF1-3D62-4350-A533-A72895665A30}" = rport=137 | protocol=17 | dir=out | app=system | 
"{AB205E7E-012C-4D55-9D03-40E84CCA38D4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{AEE0FD21-306B-48BF-93D6-421D3AE2EA1F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D387C5C1-ADE8-4718-A563-328C597A0E09}" = lport=139 | protocol=6 | dir=in | app=system | 
"{EC3BAF2E-1C6A-45F8-ABCD-541DB61DB83C}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FA16DE-A1AC-4C26-9660-590D9FFDE406}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{07B2547C-725D-41D1-B4D7-4394431CBA5A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{0B55822A-12EF-4985-BC5E-6D1E866FAC0B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{275C7281-D3E4-4D79-B6C9-79E50751230D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{297E97AC-3020-4138-B54D-793213EFDDE2}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{39370D6D-8239-49AE-94C2-C16A0FF31576}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3D16EC7D-5473-4782-B36D-EB45A04DC78E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{3DFB50F9-45AA-4D67-B346-D0F723300E49}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{42F833D9-5348-42D8-9D7C-1AC63334038A}" = dir=in | app=f:\setup\hpznui01.exe | 
"{4CB9927D-A42F-4DEB-B197-FDA4B1828927}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{4DBC0014-FA0E-4BB6-A870-E6CDBEE5CC73}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{4FD4C4D4-8217-4941-80C4-15B672EC518A}" = protocol=17 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe | 
"{51D2FD5B-7277-4125-9518-B3A8FE60E603}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{52D80595-ABD0-4363-A081-5C42F378E664}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{550C90C1-BB9E-4EE6-B5CD-AACB2C52592B}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{590B63A6-C7AA-492B-84DE-C3F82C752F4C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{65354F7C-F941-4D71-8EFA-A1BB7C832537}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{65A06160-471B-4A08-9F7A-6B05A2BBDD06}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{6843281A-48BC-4A38-AC40-0E8CF9250D80}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{6CEB151E-6033-4D43-A72F-59A371329E11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{6F4FD49B-78F9-487F-BEE7-29094D1EBE37}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{700791A6-D7F3-49B7-B9CF-0EEF70EDA8DC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{7E6BEF10-11C3-4D60-81E0-F43F18CAA035}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{7F0062BA-FF0E-4655-894C-FB9CD43B3FA9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{80603969-5195-4013-A179-A5B3C53B1045}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{9F50A7E3-D9A8-4E11-9DDC-0A4F2B2CD05B}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{A1A5E0A3-2782-43B4-B5D6-A21551DD8446}" = protocol=6 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe | 
"{A82D94AD-DDD7-405F-A3E8-D66F2B470FAC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{AAED01FB-88EB-4171-BA64-4B72773C3C5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{AB2A85E0-CD28-4253-89E1-BA83A2BDCA6E}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{CFF45ADE-6E06-45F5-AF18-B0804B710938}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe | 
"{D82ACC75-21CE-477E-90FD-6FA82F80E604}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D9D5C3E0-F74E-4AD1-8F83-556A261B151F}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{DF36EF0F-EC1E-4B0D-9BF3-FF4373547E99}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe | 
"{E5DE793C-AF37-417C-9BAA-E92026B68D95}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{EDD042EC-5903-41C5-AD9D-1BDB08793C23}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{F1CF7059-C150-49B4-A46C-DE546CB60149}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{F30B8905-4777-4D8D-BDA1-4C658C771EEA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{F3898316-6B62-45B1-87E4-3A739412B6E3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{F4216966-A5B0-4847-9DB3-462E9B6F01DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FD926223-0079-4E95-97A5-BC15A10F1D44}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"TCP Query User{89A56462-D736-4354-874D-992B24646DA0}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{9A65989E-7089-4B67-A77B-2DF52C6B9EA4}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00E3E16A-EF37-6F18-2501-821AAB6903AB}" = ccc-core-static
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0299E902-A8ED-7748-4A47-8080C42436F2}" = Catalyst Control Center Core Implementation
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D8189EB-8824-AA13-6A45-8201E3353AC8}" = CCC Help German
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{14F47992-EF70-16D9-1DD6-8A240073CD82}" = ATI Catalyst Install Manager
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{165E861A-D87F-5BED-190E-8EBC4ECCE65E}" = Catalyst Control Center Graphics Light
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17F8195F-91B9-35A7-E4B9-6E54C0B7B9B3}" = CCC Help Korean
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EDDE5D9-7455-3159-41BE-1BC8C76B8950}" = CCC Help Spanish
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{248BF282-92C4-4C53-09F4-454E81503277}" = Catalyst Control Center Localization Italian
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{28B52CF6-FC4D-38E7-2438-62EB527780FD}" = Catalyst Control Center Graphics Full Existing
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{29ADBAC3-97C3-1963-0F76-1687F73154D7}" = Catalyst Control Center Localization French
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2E0993DB-99D1-3D3D-FDD8-757F7C44BB7F}" = CCC Help French
"{2E2F4CB9-70B3-B6BA-1241-BC53FE5BE5DA}" = Catalyst Control Center Localization Thai
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{31E6A959-22FA-51B9-4E5A-1E2D2C0C8F1E}" = CCC Help Hungarian
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide 
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{356181AD-C50C-394F-20D8-C6CB0A961589}" = Catalyst Control Center Localization Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46B9C26B-4370-C68D-1743-4F13AC12B4CD}" = CCC Help Turkish
"{495B3F8D-06AA-216A-6159-C9EABA6B7D8E}" = CCC Help Chinese Traditional
"{4A074D34-1F3D-B98F-CFF9-B2794DA33871}" = Catalyst Control Center Localization Danish
"{4A790D47-EBBF-659B-96BD-46AF5D69730B}" = Catalyst Control Center Localization Chinese Traditional
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FE475AA-C4CC-115A-1422-5DFB86FC806D}" = Catalyst Control Center Localization Hungarian
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{5463642B-44B3-34D3-E64E-0ACAA949BB5A}" = CCC Help Finnish
"{568457D9-A55B-D9BC-13EC-14C84E69BD86}" = Catalyst Control Center Graphics Full New
"{56A6F256-5323-4617-3AE8-45B28B559E37}" = CCC Help English
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57A3A36F-626E-8848-D9E0-41FCDC92FECA}" = CCC Help Portuguese
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6788581C-ECDA-326B-EE71-F9BE4635355F}" = Catalyst Control Center Localization Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6CE464DB-CD52-F4F9-FB58-BC934702A499}" = CCC Help Japanese
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7193B0D6-65E4-6FB1-EB23-E9CE6D611BDC}" = CCC Help Czech
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7CB64BD2-0FB7-E037-6924-EA2B8BE44E7E}" = CCC Help Greek
"{7F6C2F96-3302-784E-BF0D-65D794E39BC2}" = Catalyst Control Center Localization Norwegian
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{84EA9BEB-AFF7-06C6-60DF-608807EA7DF2}" = Catalyst Control Center Localization German
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8550D6A8-0DBC-AC89-F12B-71167346845E}" = Catalyst Control Center Localization Dutch
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2224A1-7C5F-170C-74B6-6EEF9F92FCC3}" = CCC Help Norwegian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96E425D4-2DB1-6B29-0944-7DC78E9EEF81}" = Catalyst Control Center Localization Finnish
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E332EEA-DCFC-424B-E499-0D35FFAD4D76}" = Catalyst Control Center Localization Greek
"{9F165569-C622-3F85-0F90-23CF9B0B7E50}" = Catalyst Control Center Localization Turkish
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A38F2A2D-F9AC-6303-A14D-DD2D77519627}" = Catalyst Control Center Localization Polish
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat  8 Standard - English, Français, Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B07FD2DE-87AB-976B-9E7E-9CD9598D1188}" = CCC Help Italian
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}" = C4700
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B74686F4-939E-9D89-2C09-3B0FCB3C2B37}" = Catalyst Control Center Localization Japanese
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4
"{B982D59B-B732-C911-51F3-CC962F906573}" = ccc-utility
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFCBC9EC-8ECC-2E8F-85DF-9D02C3B6E8AD}" = CCC Help Thai
"{C1141112-2968-FB36-0DF7-9D61AE6A0DCF}" = CCC Help Chinese Standard
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9B56B00-7A33-378D-E64E-E044BE535A46}" = Catalyst Control Center Localization Chinese Standard
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D79FDDB3-D6DD-63CC-BA61-D5406F392979}" = Catalyst Control Center Localization Russian
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{DA3C6D93-6EB8-BF5C-2C14-2B1A08284DBD}" = Catalyst Control Center Graphics Previews Vista
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEFB9CA4-6242-B988-E263-CD102219F54F}" = Skins
"{DF02B276-8216-D2FC-1E3D-E6382F8F6D91}" = Catalyst Control Center Localization Swedish
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E40EE28E-1009-B9B3-1E6B-635E878EAFF4}" = CCC Help Danish
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E626EA97-DC4B-B9C2-5120-F826D00623D5}" = Catalyst Control Center Localization Spanish
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E8EF1266-1D1F-C2FB-1E98-2FB9E71B3C7C}" = Catalyst Control Center Graphics Previews Common
"{E9459BCF-0982-498B-ABA7-26C34323493F}" = Citrix Presentation Server Client - Web Only
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{ED1273B9-C028-C97D-BBF4-B667AD1644AE}" = CCC Help Dutch
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}" = Branding
"{F2D89AED-46DA-3DAF-CE35-BEA81D3CCE4B}" = CCC Help Polish
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F536B64C-FA0C-AAEE-AE89-E15B12E7C659}" = CCC Help Swedish
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F76F1E24-BFF9-9754-FDB4-595A7DFF8651}" = CCC Help Russian
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{F8ECA4D4-3CB6-3B1C-A20A-884D5744C0FF}" = Catalyst Control Center Localization Czech
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat  8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.1.4 Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Big Fish Games Center" = Big Fish Games Center
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"dt icon module" = 
"FM Genie Scout 11_is1" = FM Genie Scout 11 version 1.00 beta 2
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" = 
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"Mahjong Towers Eternity" = Mahjong Towers Eternity (remove only)
"MarketingTools" = Vaio Marketing Tools
"McAfee Security Scan" = McAfee Security Scan Plus
"MFU Module" = 
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSC" = McAfee Internet Security
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa2" = Picasa 2
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Shop for HP Supplies" = Shop for HP Supplies
"SopCast" = SopCast 3.3.2
"Steam App 34220" = Football Manager 2011
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Help and Support" = 
"VAIO_My Club VAIO" = My Club VAIO
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21/11/2009 18:48:46 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 21/11/2009 18:48:46 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1030
 
Error - 21/11/2009 18:48:46 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1030
 
Error - 21/11/2009 18:48:47 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
[ System Events ]
Error - 23/01/2011 10:26:32 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 23/01/2011 10:28:15 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23/01/2011 10:28:26 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23/01/2011 10:28:30 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23/01/2011 10:28:41 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23/01/2011 10:29:18 | Computer Name = Mimsy-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 23/01/2011 10:29:18 | Computer Name = Mimsy-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 23/01/2011 10:29:18 | Computer Name = Mimsy-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23/01/2011 10:30:01 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23/01/2011 10:30:36 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >
         
--- --- ---

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0299F159-B429-45DF-A571-5532E4B3202D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{089E784B-091C-4420-ABDF-2926B3FD5718}" = lport=445 | protocol=6 | dir=in | app=system |
"{1FFE0877-1227-4487-9E8C-CB2715CC1771}" = rport=139 | protocol=6 | dir=out | app=system |
"{25711E39-322E-4B22-993F-229A1A512B76}" = rport=138 | protocol=17 | dir=out | app=system |
"{2FE9BA88-978E-4B83-B1E4-3867CE2D74B9}" = lport=138 | protocol=17 | dir=in | app=system |
"{452B74D4-B0EA-4B6D-94F3-5E58BC9223F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{588AFBE5-6DCA-4524-B859-6E709A776528}" = lport=2869 | protocol=6 | dir=in | app=system |
"{625F7C43-EF5E-42FE-8133-C8DBD601D52A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{72515411-8227-4CE5-AD79-100F8280D122}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{7F1C7862-870A-4670-9BDC-068017B85D76}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{8BCFF56E-F188-490F-8D18-27FB76A7525F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A535CCF1-3D62-4350-A533-A72895665A30}" = rport=137 | protocol=17 | dir=out | app=system |
"{AB205E7E-012C-4D55-9D03-40E84CCA38D4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AEE0FD21-306B-48BF-93D6-421D3AE2EA1F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D387C5C1-ADE8-4718-A563-328C597A0E09}" = lport=139 | protocol=6 | dir=in | app=system |
"{EC3BAF2E-1C6A-45F8-ABCD-541DB61DB83C}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FA16DE-A1AC-4C26-9660-590D9FFDE406}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{07B2547C-725D-41D1-B4D7-4394431CBA5A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{0B55822A-12EF-4985-BC5E-6D1E866FAC0B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{275C7281-D3E4-4D79-B6C9-79E50751230D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{297E97AC-3020-4138-B54D-793213EFDDE2}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{39370D6D-8239-49AE-94C2-C16A0FF31576}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3D16EC7D-5473-4782-B36D-EB45A04DC78E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{3DFB50F9-45AA-4D67-B346-D0F723300E49}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{42F833D9-5348-42D8-9D7C-1AC63334038A}" = dir=in | app=f:\setup\hpznui01.exe |
"{4CB9927D-A42F-4DEB-B197-FDA4B1828927}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{4DBC0014-FA0E-4BB6-A870-E6CDBEE5CC73}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{4FD4C4D4-8217-4941-80C4-15B672EC518A}" = protocol=17 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe |
"{51D2FD5B-7277-4125-9518-B3A8FE60E603}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{52D80595-ABD0-4363-A081-5C42F378E664}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{550C90C1-BB9E-4EE6-B5CD-AACB2C52592B}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{590B63A6-C7AA-492B-84DE-C3F82C752F4C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{65354F7C-F941-4D71-8EFA-A1BB7C832537}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{65A06160-471B-4A08-9F7A-6B05A2BBDD06}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{6843281A-48BC-4A38-AC40-0E8CF9250D80}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6CEB151E-6033-4D43-A72F-59A371329E11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{6F4FD49B-78F9-487F-BEE7-29094D1EBE37}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{700791A6-D7F3-49B7-B9CF-0EEF70EDA8DC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7E6BEF10-11C3-4D60-81E0-F43F18CAA035}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{7F0062BA-FF0E-4655-894C-FB9CD43B3FA9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{80603969-5195-4013-A179-A5B3C53B1045}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{9F50A7E3-D9A8-4E11-9DDC-0A4F2B2CD05B}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{A1A5E0A3-2782-43B4-B5D6-A21551DD8446}" = protocol=6 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe |
"{A82D94AD-DDD7-405F-A3E8-D66F2B470FAC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AAED01FB-88EB-4171-BA64-4B72773C3C5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{AB2A85E0-CD28-4253-89E1-BA83A2BDCA6E}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CFF45ADE-6E06-45F5-AF18-B0804B710938}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe |
"{D82ACC75-21CE-477E-90FD-6FA82F80E604}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D9D5C3E0-F74E-4AD1-8F83-556A261B151F}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{DF36EF0F-EC1E-4B0D-9BF3-FF4373547E99}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe |
"{E5DE793C-AF37-417C-9BAA-E92026B68D95}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EDD042EC-5903-41C5-AD9D-1BDB08793C23}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{F1CF7059-C150-49B4-A46C-DE546CB60149}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F30B8905-4777-4D8D-BDA1-4C658C771EEA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{F3898316-6B62-45B1-87E4-3A739412B6E3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{F4216966-A5B0-4847-9DB3-462E9B6F01DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FD926223-0079-4E95-97A5-BC15A10F1D44}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"TCP Query User{89A56462-D736-4354-874D-992B24646DA0}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{9A65989E-7089-4B67-A77B-2DF52C6B9EA4}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00E3E16A-EF37-6F18-2501-821AAB6903AB}" = ccc-core-static
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0299E902-A8ED-7748-4A47-8080C42436F2}" = Catalyst Control Center Core Implementation
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D8189EB-8824-AA13-6A45-8201E3353AC8}" = CCC Help German
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{14F47992-EF70-16D9-1DD6-8A240073CD82}" = ATI Catalyst Install Manager
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{165E861A-D87F-5BED-190E-8EBC4ECCE65E}" = Catalyst Control Center Graphics Light
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17F8195F-91B9-35A7-E4B9-6E54C0B7B9B3}" = CCC Help Korean
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EDDE5D9-7455-3159-41BE-1BC8C76B8950}" = CCC Help Spanish
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{248BF282-92C4-4C53-09F4-454E81503277}" = Catalyst Control Center Localization Italian
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{28B52CF6-FC4D-38E7-2438-62EB527780FD}" = Catalyst Control Center Graphics Full Existing
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{29ADBAC3-97C3-1963-0F76-1687F73154D7}" = Catalyst Control Center Localization French
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2E0993DB-99D1-3D3D-FDD8-757F7C44BB7F}" = CCC Help French
"{2E2F4CB9-70B3-B6BA-1241-BC53FE5BE5DA}" = Catalyst Control Center Localization Thai
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{31E6A959-22FA-51B9-4E5A-1E2D2C0C8F1E}" = CCC Help Hungarian
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide 
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{356181AD-C50C-394F-20D8-C6CB0A961589}" = Catalyst Control Center Localization Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46B9C26B-4370-C68D-1743-4F13AC12B4CD}" = CCC Help Turkish
"{495B3F8D-06AA-216A-6159-C9EABA6B7D8E}" = CCC Help Chinese Traditional
"{4A074D34-1F3D-B98F-CFF9-B2794DA33871}" = Catalyst Control Center Localization Danish
"{4A790D47-EBBF-659B-96BD-46AF5D69730B}" = Catalyst Control Center Localization Chinese Traditional
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FE475AA-C4CC-115A-1422-5DFB86FC806D}" = Catalyst Control Center Localization Hungarian
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{5463642B-44B3-34D3-E64E-0ACAA949BB5A}" = CCC Help Finnish
"{568457D9-A55B-D9BC-13EC-14C84E69BD86}" = Catalyst Control Center Graphics Full New
"{56A6F256-5323-4617-3AE8-45B28B559E37}" = CCC Help English
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57A3A36F-626E-8848-D9E0-41FCDC92FECA}" = CCC Help Portuguese
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6788581C-ECDA-326B-EE71-F9BE4635355F}" = Catalyst Control Center Localization Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6CE464DB-CD52-F4F9-FB58-BC934702A499}" = CCC Help Japanese
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7193B0D6-65E4-6FB1-EB23-E9CE6D611BDC}" = CCC Help Czech
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7CB64BD2-0FB7-E037-6924-EA2B8BE44E7E}" = CCC Help Greek
"{7F6C2F96-3302-784E-BF0D-65D794E39BC2}" = Catalyst Control Center Localization Norwegian
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{84EA9BEB-AFF7-06C6-60DF-608807EA7DF2}" = Catalyst Control Center Localization German
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8550D6A8-0DBC-AC89-F12B-71167346845E}" = Catalyst Control Center Localization Dutch
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2224A1-7C5F-170C-74B6-6EEF9F92FCC3}" = CCC Help Norwegian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96E425D4-2DB1-6B29-0944-7DC78E9EEF81}" = Catalyst Control Center Localization Finnish
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E332EEA-DCFC-424B-E499-0D35FFAD4D76}" = Catalyst Control Center Localization Greek
"{9F165569-C622-3F85-0F90-23CF9B0B7E50}" = Catalyst Control Center Localization Turkish
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A38F2A2D-F9AC-6303-A14D-DD2D77519627}" = Catalyst Control Center Localization Polish
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B07FD2DE-87AB-976B-9E7E-9CD9598D1188}" = CCC Help Italian
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}" = C4700
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B74686F4-939E-9D89-2C09-3B0FCB3C2B37}" = Catalyst Control Center Localization Japanese
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4
"{B982D59B-B732-C911-51F3-CC962F906573}" = ccc-utility
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFCBC9EC-8ECC-2E8F-85DF-9D02C3B6E8AD}" = CCC Help Thai
"{C1141112-2968-FB36-0DF7-9D61AE6A0DCF}" = CCC Help Chinese Standard
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9B56B00-7A33-378D-E64E-E044BE535A46}" = Catalyst Control Center Localization Chinese Standard
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D79FDDB3-D6DD-63CC-BA61-D5406F392979}" = Catalyst Control Center Localization Russian
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{DA3C6D93-6EB8-BF5C-2C14-2B1A08284DBD}" = Catalyst Control Center Graphics Previews Vista
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEFB9CA4-6242-B988-E263-CD102219F54F}" = Skins
"{DF02B276-8216-D2FC-1E3D-E6382F8F6D91}" = Catalyst Control Center Localization Swedish
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E40EE28E-1009-B9B3-1E6B-635E878EAFF4}" = CCC Help Danish
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E626EA97-DC4B-B9C2-5120-F826D00623D5}" = Catalyst Control Center Localization Spanish
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E8EF1266-1D1F-C2FB-1E98-2FB9E71B3C7C}" = Catalyst Control Center Graphics Previews Common
"{E9459BCF-0982-498B-ABA7-26C34323493F}" = Citrix Presentation Server Client - Web Only
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{ED1273B9-C028-C97D-BBF4-B667AD1644AE}" = CCC Help Dutch
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}" = Branding
"{F2D89AED-46DA-3DAF-CE35-BEA81D3CCE4B}" = CCC Help Polish
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F536B64C-FA0C-AAEE-AE89-E15B12E7C659}" = CCC Help Swedish
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F76F1E24-BFF9-9754-FDB4-595A7DFF8651}" = CCC Help Russian
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{F8ECA4D4-3CB6-3B1C-A20A-884D5744C0FF}" = Catalyst Control Center Localization Czech
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.1.4 Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Big Fish Games Center" = Big Fish Games Center
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"dt icon module" =
"FM Genie Scout 11_is1" = FM Genie Scout 11 version 1.00 beta 2
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" =
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"Mahjong Towers Eternity" = Mahjong Towers Eternity (remove only)
"MarketingTools" = Vaio Marketing Tools
"McAfee Security Scan" = McAfee Security Scan Plus
"MFU Module" =
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSC" = McAfee Internet Security
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa2" = Picasa 2
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Shop for HP Supplies" = Shop for HP Supplies
"SopCast" = SopCast 3.3.2
"Steam App 34220" = Football Manager 2011
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Help and Support" =
"VAIO_My Club VAIO" = My Club VAIO
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2307587143-1150151103-1544206896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21/11/2009 18:46:36 | Computer Name = Mimsy-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21/11/2009 18:48:46 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 21/11/2009 18:48:46 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1030

Error - 21/11/2009 18:48:46 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1030

Error - 21/11/2009 18:48:47 | Computer Name = Mimsy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 23/01/2011 10:26:32 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10010
Description =

Error - 23/01/2011 10:28:15 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description =

Error - 23/01/2011 10:28:26 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description =

Error - 23/01/2011 10:28:30 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description =

Error - 23/01/2011 10:28:41 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description =

Error - 23/01/2011 10:29:18 | Computer Name = Mimsy-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 23/01/2011 10:29:18 | Computer Name = Mimsy-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 23/01/2011 10:29:18 | Computer Name = Mimsy-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 23/01/2011 10:30:01 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description =

Error - 23/01/2011 10:30:36 | Computer Name = Mimsy-PC | Source = DCOM | ID = 10005
Description =


< End of report >


Alt 23.01.2011, 16:35   #6
markusg
/// Malware-holic
 
System Tool - Standard

System Tool



schade, ich hätte sonst den betreiber informieren können und den unbekannten installer an av-hersteller gesendet.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

:OTL
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HotKeysCmds] File not found
O4 - HKLM..\Run: [IgfxTray] File not found
O4 - HKLM..\Run: [Persistence] File not found
:Files
C:\ProgramData\nMaDgHm02400\nMaDgHm02400.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
du solltest im normalen modus starten können
öffne computer,, c: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
lade das archiv in unserem upload channel hoch.
http://www.trojaner-board.de/54791-a...ner-board.html
__________________
--> System Tool

Alt 23.01.2011, 16:47   #7
goliath0011
 
System Tool - Standard

System Tool



danke, bis gleich dann

Alt 23.01.2011, 16:55   #8
goliath0011
 
System Tool - Standard

System Tool



die datei ist zu gross um es hochzuladen sorry.. oder mach ich etwas falsch.

Alt 23.01.2011, 16:58   #9
goliath0011
 
System Tool - Standard

System Tool



ich habe jetzt auch auf meinem desktop eine neue datei bekommen mit dem titel "desktop.ini".

Alt 23.01.2011, 17:11   #10
markusg
/// Malware-holic
 
System Tool - Standard

System Tool



ok dann bei
File-Upload.net
hochladen, link als private nachicht an mich, desktop.ini kannst löschen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2011, 17:28   #11
markusg
/// Malware-holic
 
System Tool - Standard

System Tool



download malwarebytes:
Malwarebytes
instalieren, öffnen, registerkarte aktualisierung, programm updaten.
schalte alle laufenden programme ab, trenne die internetverbindung.
registerkarte scanner, komplett scan, funde entfernen, log posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2011, 17:33   #12
goliath0011
 
System Tool - Standard

System Tool



was meinst du mit der Registerkarte?

Alt 23.01.2011, 17:44   #13
markusg
/// Malware-holic
 
System Tool - Standard

System Tool



da wo scanner optionen updates drann steht, das nennt man registerkarte
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2011, 17:54   #14
goliath0011
 
System Tool - Standard

System Tool



der scan laeuft gerade. ich bin im moment an meinem anderen computer waehrend der scan laeuft, du hast ja gesagt internet verbindung schliessen.

ist das richtig?

habe direkt den full scan gemacht und nicht den registerscan. ist das ok oder soll ich neu starten?

Alt 23.01.2011, 17:59   #15
markusg
/// Malware-holic
 
System Tool - Standard

System Tool



ich sagte ja komplett scan, also full.
und ja ist richtig.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu System Tool
anderes, anleitung, bedingt, benachrichtigt, brauche, browsen, compu, computer, entferne, heiss, laptop, leitung, mcafee, oeffnen, pop-up, program, restart, runterladen, scan, scanner, schei, system, tool, unbedingt, virus, virus angriff



Ähnliche Themen: System Tool


  1. System Tool - Windows XP SP3
    Log-Analyse und Auswertung - 08.04.2011 (13)
  2. system tool
    Plagegeister aller Art und deren Bekämpfung - 24.03.2011 (27)
  3. System Tool entfernen!
    Plagegeister aller Art und deren Bekämpfung - 19.03.2011 (1)
  4. System Tool eingenistet
    Plagegeister aller Art und deren Bekämpfung - 11.03.2011 (60)
  5. *System Tool* eingefangen
    Plagegeister aller Art und deren Bekämpfung - 08.03.2011 (5)
  6. System mit System-Tool befallen
    Plagegeister aller Art und deren Bekämpfung - 07.03.2011 (26)
  7. Diyar - System Tool
    Plagegeister aller Art und deren Bekämpfung - 01.03.2011 (3)
  8. System Tool
    Plagegeister aller Art und deren Bekämpfung - 27.02.2011 (21)
  9. problem mit system tool
    Mülltonne - 27.02.2011 (1)
  10. System Tool Infektion
    Plagegeister aller Art und deren Bekämpfung - 26.02.2011 (21)
  11. System Tool Malware
    Plagegeister aller Art und deren Bekämpfung - 04.02.2011 (20)
  12. Virus System Tool
    Plagegeister aller Art und deren Bekämpfung - 26.01.2011 (31)
  13. System Tool loswerden
    Plagegeister aller Art und deren Bekämpfung - 20.01.2011 (15)
  14. System Tool
    Plagegeister aller Art und deren Bekämpfung - 11.01.2011 (2)
  15. System Tool entfernen
    Plagegeister aller Art und deren Bekämpfung - 07.01.2011 (1)
  16. System tool
    Log-Analyse und Auswertung - 31.12.2010 (3)
  17. System Tool entfernen
    Anleitungen, FAQs & Links - 31.10.2010 (2)

Zum Thema System Tool - Hallo, ich brauche bitte Hilfe einen Virus zu entfernen. Ich war am browsen und auf einmal bekomme ich ein Pop-Up zu einen Virus SCanner und ich wuerde benachrichtigt dass der - System Tool...
Archiv
Du betrachtest: System Tool auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.