Old August 10th, 2008, 07:14 PM
08paras 08paras is offline
-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [08/10/2006 06:17 PM]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [02/20/2004 05:12 PM]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/20/2003 12:08 AM]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [02/14/2006 03:11 PM]
"PartSeal"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/20/2003 12:08 AM]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 09:43 PM C:\WINDOWS\Alcmtr.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [08/25/2005 05:21 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [04/05/2006 02:21 PM]
"@"="" []
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [02/01/2008 12:55 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard.exe" [07/09/2008 06:54 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [08/10/2008 01:42 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [11/16/2007 08:50 AM 633344]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 06/20/2006 07:11 PM 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5ac81ab0-84e1-11dc-99e7-0018de98806a}]
AutoRun\command- G:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Genuine Intel(R) CPU T2050 @ 1.60GHz
CPU 1: Genuine Intel(R) CPU T2050 @ 1.60GHz
Percentage of Memory in Use: 54%
Physical Memory (total/avail): 1014.11 MiB / 459.55 MiB
Pagefile Memory (total/avail): 2441.98 MiB / 1888.57 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.1 MiB

C: is Fixed (NTFS) - 68.52 GiB total, 22.04 GiB free.
D: is Removable (Unformatted)
E: is Removable (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE1 - MemoryStick0 Device

\\.\PHYSICALDRIVE2 - SD1 Device

\\.\PHYSICALDRIVE0 - TOSHIBA MK8032GSX - 74.53 GiB - 2 partitions
\PARTITION0 - Unknown - 6.01 GiB
\PARTITION1 (bootable) - Installable File System - 68.52 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

FW: Online Armor Firewall v2.1.0.31 (Tall Emu)
FW: Norton Internet Security 2006 v2006 (Symantec Corporation)
AV: Norton Internet Security 2006 v2006 (Symantec Corporation)
AV: Avira AntiVir PersonalEdition v8.0.1.26 (Avira GmbH)
AV: Symantec AntiVirus Corporate Edition v10.0.1.1000 (Symantec Corporation) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\XBC\\XBC_NS.exe"="C:\\Program Files\\XBC\\XBC_NS.exe:*:Enabled:XBConnect"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe"="C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe:*:Enabled:[VAIO Media] VAIO Media"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\\Program Files\\Adobe\\Photoshop Elements 5.0\\AdobePhotoshopElementsMediaServer.exe"="C:\\Program Files\\Adobe\\Photoshop Elements 5.0\\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server"
"C:\\Program Files\\Sony\\VAIO Media Registration Tool\\VmpClient.exe"="C:\\Program Files\\Sony\\VAIO Media Registration Tool\\VmpClient.exe:*:Enabled:VAIO Media Client registry tool"
"C:\\Program Files\\Sony\\Click to DVD 2\\CtoDvd.exe"="C:\\Program Files\\Sony\\Click to DVD 2\\CtoDvd.exe:*:Enabled:Click to DVD"
"C:\\Program Files\\Sony\\VAIO Media Integrated Server\\VMISrv.exe"="C:\\Program Files\\Sony\\VAIO Media Integrated Server\\VMISrv.exe:*:Enabled:[VAIO Media] Integrated Server"
"C:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\SV_Httpd.exe"="C:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\SV_Httpd.exe:*:Enabled:[VAIO Media] HTTP Server"
"C:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\UPnPFramework.exe"="C:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\UPnPFramework.exe:*:Enabled:[VAIO Media] UPnP Server"
"C:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\VMConsole.exe"="C:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\VMConsole.exe:*:Enabled:[VAIO Media] SNAC Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes.exe"="C:\\Program Files\\iTunes.exe:*:Enabled:iTunes"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\The Flying Nun\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TUESDAY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\The Flying Nun
LOGONSERVER=\\TUESDAY
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\THEFLY~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\THEFLY~1\LOCALS~1\Temp
USERDOMAIN=TUESDAY
USERNAME=The Flying Nun
USERPROFILE=C:\Documents and Settings\The Flying Nun
windir=C:\WINDOWS







-- End of Deckard's System Scanner: finished at 2008-08-10 13:54:43