Jump to content

pordster

Honorary Members
  • Posts

    23
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi, Thank you for your help. The first link you have sent does not seem to work?
  2. ComboFix 11-07-22.02 - Jordan 22/07/2011 23:40:02.5.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3070.1975 [GMT 1:00] Running from: c:\users\Jordan\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2011-06-22 to 2011-07-22 ))))))))))))))))))))))))))))))) . . 2011-07-22 22:47 . 2011-07-22 22:47 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-07-22 22:47 . 2011-07-22 22:47 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-22 09:42 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FA1EBFF-F71D-48A6-996E-083955933A49}\mpengine.dll 2011-07-21 09:00 . 2011-07-21 09:22 -------- d-----w- c:\users\Jordan\AppData\Roaming\Windows Live Writer 2011-07-21 09:00 . 2011-07-21 09:00 -------- d-----w- c:\users\Jordan\AppData\Local\Windows Live Writer 2011-07-20 17:18 . 2011-07-22 09:40 -------- d-----w- c:\program files\Microsoft Silverlight 2011-07-20 17:17 . 2011-07-20 17:17 6260088 ----a-w- c:\program files\Common Files\Windows Live\.cache\db629c281cc47000c\Silverlight.4.0.exe 2011-07-20 17:15 . 2011-07-22 22:37 -------- d-----w- c:\users\Jordan\AppData\Local\Windows Live 2011-07-19 11:53 . 2011-07-19 11:53 388096 ----a-r- c:\users\Jordan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-06-27 18:08 . 2011-06-27 18:08 0 ----a-w- c:\users\Jordan\AppData\Local\BIT39E4.tmp 2011-06-26 22:57 . 2011-06-26 23:03 0 ----a-w- c:\users\Jordan\AppData\Local\Ivonoboxeboda.bin 2011-06-26 22:53 . 2011-06-27 18:15 -------- d-----w- c:\programdata\iF28601ImEdM28601 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-20 17:19 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-06 18:52 . 2010-12-18 15:43 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-06 18:52 . 2010-12-18 15:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-28 03:00 . 2011-06-16 03:58 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-05-24 18:14 . 2010-02-15 16:57 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-13 15:03 . 2011-05-13 15:03 49016 ----a-w- c:\windows\system32\sirenacm.dll 2011-05-04 02:43 . 2011-06-16 03:57 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-05-04 02:43 . 2011-06-16 03:57 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-05-04 02:43 . 2011-06-16 03:57 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-05-03 04:50 . 2011-06-16 03:58 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 02:57 . 2011-06-16 03:58 311296 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-29 02:57 . 2011-06-16 03:58 309760 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 02:57 . 2011-06-16 03:58 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-27 02:33 . 2011-06-16 03:58 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-04-25 04:56 . 2011-06-16 03:58 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-04-25 02:35 . 2011-06-16 03:58 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2010-07-30 20:31 . 2010-07-30 20:31 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-04-23 262144] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-29 6111232] "Skytel"="Skytel.exe" [2008-04-29 1826816] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152] "AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-03-26 1093632] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-11-03 36864] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-15 149280] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656] . c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2010-7-31 142336] PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-7-3 327680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-5-16 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-05-13 06:45 98304 ----a-w- c:\windows\System32\VESWinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" "Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1ca9c7161b3d982;Google Update Service (gupdate1ca9c7161b3d982);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 133104] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 133104] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-05 104288] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-03-05 350048] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-03-05 63328] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-03 1343400] R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-04-03 229376] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] S2 RtkHDMIService;RtkHDMIService;c:\windows\RtkAudioService.exe [2008-04-29 98304] S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [2007-11-10 104960] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-04-24 411488] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-01-31 17408] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 01873098 *Deregistered* - 01873098 *Deregistered* - CO_Mon *Deregistered* - eeCtrl *Deregistered* - EraserUtilRebootDrv *Deregistered* - IDSvix86 *Deregistered* - SYMDNS *Deregistered* - SymEvent *Deregistered* - SYMFW *Deregistered* - SYMNDISV *Deregistered* - SYMREDRV *Deregistered* - SYMTDI . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Contents of the 'Scheduled Tasks' folder . 2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] . 2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.club-vaio.com uInternet Settings,ProxyOverride = <local> TCP: DhcpNameServer = 80.58.61.250 80.58.61.254 TCP: Interfaces\{6A15F037-A716-41E8-8743-92B5BF8B6261}: DhcpNameServer = 192.168.100.1 TCP: Interfaces\{B0843D91-B886-40FD-8674-F54AF50F7DAC}: DhcpNameServer = 80.58.61.250 80.58.61.254 DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} - hxxp://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab FF - ProfilePath - c:\users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\8rzvtzqt.default\ FF - prefs.js: browser.startup.homepage - hxxps://admin.1and1.co.uk/xml/config/Login;jsessionid=1928AB7FF46F4242D2E2CD6E6CC1C8B5.TCpfix93b?__reuse=1295566200810 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-750481325-487018170-2717093295-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-750481325-487018170-2717093295-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(2772) c:\windows\system32\btmmhook.dll . Completion time: 2011-07-22 23:50:20 ComboFix-quarantined-files.txt 2011-07-22 22:50 ComboFix2.txt 2011-07-19 15:39 ComboFix3.txt 2011-01-15 18:04 . Pre-Run: 133,896,122,368 bytes free Post-Run: 133,616,459,776 bytes free . - - End Of File - - C6D8769A07EE8B98E626E711BDA583D4 2011/07/22 16:08:02.0152 6920 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56 2011/07/22 16:08:02.0615 6920 ================================================================================ 2011/07/22 16:08:02.0615 6920 SystemInfo: 2011/07/22 16:08:02.0615 6920 2011/07/22 16:08:02.0615 6920 OS Version: 6.1.7600 ServicePack: 0.0 2011/07/22 16:08:02.0615 6920 Product type: Workstation 2011/07/22 16:08:02.0615 6920 ComputerName: JORDAN-LAPTOP 2011/07/22 16:08:02.0616 6920 UserName: Jordan 2011/07/22 16:08:02.0616 6920 Windows directory: C:\Windows 2011/07/22 16:08:02.0616 6920 System windows directory: C:\Windows 2011/07/22 16:08:02.0616 6920 Processor architecture: Intel x86 2011/07/22 16:08:02.0616 6920 Number of processors: 2 2011/07/22 16:08:02.0616 6920 Page size: 0x1000 2011/07/22 16:08:02.0616 6920 Boot type: Normal boot 2011/07/22 16:08:02.0616 6920 ================================================================================ 2011/07/22 16:08:03.0163 6920 Initialize success 2011/07/22 16:08:05.0930 2064 ================================================================================ 2011/07/22 16:08:05.0930 2064 Scan started 2011/07/22 16:08:05.0930 2064 Mode: Manual; 2011/07/22 16:08:05.0930 2064 ================================================================================ 2011/07/22 16:08:07.0280 2064 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/07/22 16:08:07.0346 2064 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys 2011/07/22 16:08:07.0405 2064 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys 2011/07/22 16:08:07.0535 2064 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/07/22 16:08:07.0616 2064 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 2011/07/22 16:08:07.0668 2064 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 2011/07/22 16:08:07.0833 2064 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys 2011/07/22 16:08:07.0930 2064 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys 2011/07/22 16:08:08.0125 2064 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 2011/07/22 16:08:08.0207 2064 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys 2011/07/22 16:08:08.0391 2064 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys 2011/07/22 16:08:08.0462 2064 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys 2011/07/22 16:08:08.0498 2064 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 2011/07/22 16:08:08.0606 2064 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 2011/07/22 16:08:08.0677 2064 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys 2011/07/22 16:08:08.0702 2064 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/07/22 16:08:08.0790 2064 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys 2011/07/22 16:08:08.0942 2064 ApfiltrService (9325e49d555d8f12ce1735227dbb3d80) C:\Windows\system32\DRIVERS\Apfiltr.sys 2011/07/22 16:08:09.0126 2064 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys 2011/07/22 16:08:09.0264 2064 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 2011/07/22 16:08:09.0322 2064 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 2011/07/22 16:08:09.0363 2064 ArcSoftKsUFilter (6b3ab8f67b37402a4174caa45002903e) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 2011/07/22 16:08:09.0421 2064 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/07/22 16:08:09.0544 2064 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys 2011/07/22 16:08:09.0758 2064 atikmdag (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/07/22 16:08:10.0025 2064 atksgt (72bc628af75c4c3250f2a3bac260265a) C:\Windows\system32\DRIVERS\atksgt.sys 2011/07/22 16:08:10.0249 2064 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 2011/07/22 16:08:10.0374 2064 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 2011/07/22 16:08:10.0451 2064 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 2011/07/22 16:08:10.0576 2064 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/07/22 16:08:10.0667 2064 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys 2011/07/22 16:08:10.0695 2064 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/07/22 16:08:10.0788 2064 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/07/22 16:08:10.0860 2064 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 2011/07/22 16:08:10.0895 2064 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/07/22 16:08:11.0028 2064 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/07/22 16:08:11.0159 2064 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/07/22 16:08:11.0232 2064 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/07/22 16:08:11.0326 2064 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/07/22 16:08:11.0352 2064 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys 2011/07/22 16:08:11.0471 2064 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys 2011/07/22 16:08:11.0564 2064 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys 2011/07/22 16:08:11.0855 2064 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 2011/07/22 16:08:11.0936 2064 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys 2011/07/22 16:08:12.0118 2064 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 2011/07/22 16:08:12.0178 2064 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 2011/07/22 16:08:12.0379 2064 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/07/22 16:08:12.0436 2064 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys 2011/07/22 16:08:12.0475 2064 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 2011/07/22 16:08:12.0605 2064 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 2011/07/22 16:08:12.0668 2064 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/07/22 16:08:12.0708 2064 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/07/22 16:08:12.0849 2064 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys 2011/07/22 16:08:12.0927 2064 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys 2011/07/22 16:08:13.0140 2064 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 2011/07/22 16:08:13.0212 2064 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 2011/07/22 16:08:13.0249 2064 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys 2011/07/22 16:08:13.0383 2064 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 2011/07/22 16:08:13.0460 2064 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys 2011/07/22 16:08:13.0675 2064 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 2011/07/22 16:08:13.0917 2064 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 2011/07/22 16:08:13.0947 2064 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys 2011/07/22 16:08:14.0056 2064 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 2011/07/22 16:08:14.0163 2064 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 2011/07/22 16:08:14.0251 2064 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 2011/07/22 16:08:14.0308 2064 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 2011/07/22 16:08:14.0401 2064 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 2011/07/22 16:08:14.0478 2064 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/07/22 16:08:14.0536 2064 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 2011/07/22 16:08:14.0650 2064 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 2011/07/22 16:08:14.0700 2064 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 2011/07/22 16:08:14.0754 2064 FTDIBUS (b7aa8283ec551d3a3b924e520e0621a7) C:\Windows\system32\drivers\ftdibus.sys 2011/07/22 16:08:14.0836 2064 FTSER2K (596d31583ce332b5514520d74837f434) C:\Windows\system32\drivers\ftser2k.sys 2011/07/22 16:08:14.0925 2064 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys 2011/07/22 16:08:15.0042 2064 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/07/22 16:08:15.0137 2064 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2011/07/22 16:08:15.0281 2064 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 2011/07/22 16:08:15.0370 2064 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys 2011/07/22 16:08:15.0513 2064 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/07/22 16:08:15.0570 2064 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/07/22 16:08:15.0600 2064 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 2011/07/22 16:08:15.0655 2064 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 2011/07/22 16:08:15.0784 2064 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys 2011/07/22 16:08:15.0900 2064 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/07/22 16:08:16.0046 2064 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys 2011/07/22 16:08:16.0202 2064 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 2011/07/22 16:08:16.0265 2064 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys 2011/07/22 16:08:16.0402 2064 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys 2011/07/22 16:08:16.0446 2064 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/07/22 16:08:16.0497 2064 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys 2011/07/22 16:08:16.0549 2064 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys 2011/07/22 16:08:16.0712 2064 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 2011/07/22 16:08:16.0833 2064 IntcAzAudAddService (2deb2538c9372568bb67b5fdf2359790) C:\Windows\system32\drivers\RTKVHDA.sys 2011/07/22 16:08:16.0998 2064 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys 2011/07/22 16:08:17.0037 2064 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 2011/07/22 16:08:17.0083 2064 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/07/22 16:08:17.0230 2064 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/07/22 16:08:17.0259 2064 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 2011/07/22 16:08:17.0298 2064 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 2011/07/22 16:08:17.0441 2064 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys 2011/07/22 16:08:17.0496 2064 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/07/22 16:08:17.0550 2064 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/07/22 16:08:17.0700 2064 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/07/22 16:08:17.0746 2064 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys 2011/07/22 16:08:17.0788 2064 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys 2011/07/22 16:08:17.0842 2064 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys 2011/07/22 16:08:17.0996 2064 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/07/22 16:08:18.0060 2064 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/07/22 16:08:18.0083 2064 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/07/22 16:08:18.0224 2064 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/07/22 16:08:18.0247 2064 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/07/22 16:08:18.0287 2064 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 2011/07/22 16:08:18.0345 2064 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 2011/07/22 16:08:18.0484 2064 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 2011/07/22 16:08:18.0525 2064 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/07/22 16:08:18.0556 2064 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 2011/07/22 16:08:18.0698 2064 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 2011/07/22 16:08:18.0746 2064 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 2011/07/22 16:08:18.0787 2064 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 2011/07/22 16:08:18.0951 2064 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys 2011/07/22 16:08:18.0982 2064 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys 2011/07/22 16:08:19.0009 2064 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 2011/07/22 16:08:19.0043 2064 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys 2011/07/22 16:08:19.0200 2064 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/07/22 16:08:19.0236 2064 mrxsmb10 (c108952d3660375dcb716b222912e868) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/07/22 16:08:19.0262 2064 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/07/22 16:08:19.0316 2064 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys 2011/07/22 16:08:19.0451 2064 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys 2011/07/22 16:08:19.0512 2064 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 2011/07/22 16:08:19.0554 2064 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 2011/07/22 16:08:19.0608 2064 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/07/22 16:08:19.0774 2064 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 2011/07/22 16:08:19.0798 2064 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/07/22 16:08:19.0823 2064 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 2011/07/22 16:08:19.0850 2064 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 2011/07/22 16:08:19.0878 2064 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/07/22 16:08:20.0030 2064 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 2011/07/22 16:08:20.0059 2064 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/07/22 16:08:20.0088 2064 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 2011/07/22 16:08:20.0133 2064 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 2011/07/22 16:08:20.0301 2064 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys 2011/07/22 16:08:20.0449 2064 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/07/22 16:08:20.0495 2064 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/07/22 16:08:20.0533 2064 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/07/22 16:08:20.0690 2064 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/07/22 16:08:20.0721 2064 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys 2011/07/22 16:08:20.0776 2064 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 2011/07/22 16:08:20.0809 2064 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys 2011/07/22 16:08:21.0101 2064 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys 2011/07/22 16:08:21.0394 2064 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/07/22 16:08:21.0460 2064 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 2011/07/22 16:08:21.0496 2064 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 2011/07/22 16:08:21.0570 2064 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys 2011/07/22 16:08:21.0727 2064 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 2011/07/22 16:08:21.0783 2064 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys 2011/07/22 16:08:21.0810 2064 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys 2011/07/22 16:08:21.0958 2064 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/07/22 16:08:22.0003 2064 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/07/22 16:08:22.0051 2064 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 2011/07/22 16:08:22.0075 2064 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys 2011/07/22 16:08:22.0221 2064 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 2011/07/22 16:08:22.0257 2064 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys 2011/07/22 16:08:22.0286 2064 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys 2011/07/22 16:08:22.0316 2064 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/07/22 16:08:22.0344 2064 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 2011/07/22 16:08:22.0510 2064 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 2011/07/22 16:08:22.0728 2064 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 2011/07/22 16:08:22.0752 2064 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 2011/07/22 16:08:22.0796 2064 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 2011/07/22 16:08:22.0846 2064 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys 2011/07/22 16:08:23.0017 2064 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 2011/07/22 16:08:23.0178 2064 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/07/22 16:08:23.0212 2064 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 2011/07/22 16:08:23.0236 2064 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 2011/07/22 16:08:23.0304 2064 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/07/22 16:08:23.0444 2064 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/07/22 16:08:23.0529 2064 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/07/22 16:08:23.0553 2064 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 2011/07/22 16:08:23.0706 2064 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys 2011/07/22 16:08:23.0730 2064 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/07/22 16:08:23.0757 2064 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/07/22 16:08:23.0818 2064 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys 2011/07/22 16:08:23.0974 2064 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 2011/07/22 16:08:24.0001 2064 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 2011/07/22 16:08:24.0037 2064 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys 2011/07/22 16:08:24.0077 2064 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys 2011/07/22 16:08:24.0215 2064 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys 2011/07/22 16:08:24.0284 2064 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/07/22 16:08:24.0416 2064 rimsptsk (f2993908be03181c781228daadc55230) C:\Windows\system32\DRIVERS\rimsptsk.sys 2011/07/22 16:08:24.0439 2064 risdptsk (cd6e3947724b337f9bc1524b710231eb) C:\Windows\system32\DRIVERS\risdptsk.sys 2011/07/22 16:08:24.0521 2064 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 2011/07/22 16:08:24.0667 2064 RTHDMIAzAudService (f175b21f20b60958295f9221f11fed9f) C:\Windows\system32\drivers\RtHDMIV.sys 2011/07/22 16:08:24.0736 2064 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys 2011/07/22 16:08:24.0891 2064 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/07/22 16:08:24.0923 2064 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys 2011/07/22 16:08:24.0976 2064 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/07/22 16:08:25.0148 2064 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 2011/07/22 16:08:25.0172 2064 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 2011/07/22 16:08:25.0211 2064 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 2011/07/22 16:08:25.0373 2064 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys 2011/07/22 16:08:25.0442 2064 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/07/22 16:08:25.0460 2064 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2011/07/22 16:08:25.0485 2064 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/07/22 16:08:25.0634 2064 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/07/22 16:08:25.0693 2064 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys 2011/07/22 16:08:25.0852 2064 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/07/22 16:08:25.0885 2064 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/07/22 16:08:25.0929 2064 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 2011/07/22 16:08:26.0117 2064 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 2011/07/22 16:08:26.0198 2064 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys 2011/07/22 16:08:26.0231 2064 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys 2011/07/22 16:08:26.0258 2064 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys 2011/07/22 16:08:26.0433 2064 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 2011/07/22 16:08:26.0518 2064 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys 2011/07/22 16:08:26.0659 2064 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys 2011/07/22 16:08:26.0701 2064 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 2011/07/22 16:08:26.0737 2064 SymIM (8eab28dd6cd25355b951ae460fa86b48) C:\Windows\system32\DRIVERS\SymIMv.sys 2011/07/22 16:08:26.0851 2064 Tcpip (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\drivers\tcpip.sys 2011/07/22 16:08:27.0051 2064 TCPIP6 (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\DRIVERS\tcpip.sys 2011/07/22 16:08:27.0200 2064 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys 2011/07/22 16:08:27.0229 2064 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys 2011/07/22 16:08:27.0254 2064 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys 2011/07/22 16:08:27.0278 2064 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys 2011/07/22 16:08:27.0427 2064 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys 2011/07/22 16:08:27.0494 2064 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/07/22 16:08:27.0639 2064 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys 2011/07/22 16:08:27.0661 2064 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 2011/07/22 16:08:27.0703 2064 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys 2011/07/22 16:08:27.0892 2064 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys 2011/07/22 16:08:27.0939 2064 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys 2011/07/22 16:08:27.0961 2064 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 2011/07/22 16:08:28.0131 2064 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/07/22 16:08:28.0157 2064 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys 2011/07/22 16:08:28.0187 2064 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys 2011/07/22 16:08:28.0221 2064 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys 2011/07/22 16:08:28.0368 2064 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 2011/07/22 16:08:28.0392 2064 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 2011/07/22 16:08:28.0443 2064 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/07/22 16:08:28.0465 2064 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/07/22 16:08:28.0610 2064 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys 2011/07/22 16:08:28.0707 2064 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/07/22 16:08:28.0738 2064 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/07/22 16:08:28.0891 2064 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 2011/07/22 16:08:28.0916 2064 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/07/22 16:08:28.0983 2064 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys 2011/07/22 16:08:29.0061 2064 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 2011/07/22 16:08:29.0104 2064 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys 2011/07/22 16:08:29.0155 2064 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys 2011/07/22 16:08:29.0259 2064 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys 2011/07/22 16:08:29.0325 2064 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/07/22 16:08:29.0353 2064 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 2011/07/22 16:08:29.0487 2064 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys 2011/07/22 16:08:29.0585 2064 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/07/22 16:08:29.0702 2064 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 2011/07/22 16:08:29.0765 2064 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 2011/07/22 16:08:29.0886 2064 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/22 16:08:29.0898 2064 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/22 16:08:29.0965 2064 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 2011/07/22 16:08:30.0000 2064 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 2011/07/22 16:08:30.0200 2064 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/07/22 16:08:30.0235 2064 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/07/22 16:08:30.0262 2064 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 2011/07/22 16:08:30.0336 2064 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 2011/07/22 16:08:30.0589 2064 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/07/22 16:08:30.0651 2064 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/07/22 16:08:30.0782 2064 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys 2011/07/22 16:08:30.0852 2064 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys 2011/07/22 16:08:30.0911 2064 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/07/22 16:08:31.0082 2064 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys 2011/07/22 16:08:31.0176 2064 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 2011/07/22 16:08:31.0232 2064 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/07/22 16:08:31.0252 2064 Boot (0x1200) (441163ebdf1808b7ccd9064192a56c53) \Device\Harddisk0\DR0\Partition0 2011/07/22 16:08:31.0261 2064 ================================================================================ 2011/07/22 16:08:31.0261 2064 Scan finished 2011/07/22 16:08:31.0261 2064 ================================================================================ 2011/07/22 16:08:31.0273 6648 Detected object count: 0 2011/07/22 16:08:31.0273 6648 Actual detected object count: 0 Results of screen317's Security Check version 0.99.17 Windows 7 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! ESET Online Scanner v3 SonicStage Mastering Studio Audio Filter Custom Preset WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 17 Java 6 Update 4 Out of date Java installed! Flash Player Out of Date! Adobe Flash Player 10.0.42.34 Mozilla Firefox (3.6.18) Firefox Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent ``````````End of Log```````````` Computer performing fine apart from start menu doesn't show anything in the place where it usually shows the most used items and the icons at the bottom of the taskbar have lost their shortcuts but I have just deleted them and replaced them and that has solved that. Thanks
  3. Hi, Could someone please tell me what to do from here on HJT. I have attached the log below. MBAM last report shows nothing. Thanks Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:56:40, on 19/07/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16800) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\ProgramData\ujErFEInePntXg.exe C:\Windows\system32\attrib.exe C:\Windows\system32\conhost.exe C:\ProgramData\32038648.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Windows\system32\attrib.exe C:\Windows\system32\conhost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\attrib.exe C:\Windows\system32\conhost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe InitApp O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ujErFEInePntXg] C:\ProgramData\ujErFEInePntXg.exe O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} (PowerTerm Downloader Class) - http://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1ca9c7161b3d982) (gupdate1ca9c7161b3d982) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RtkHDMIService - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10816 bytes I decided to run combo fix while I was awaiting for a reply here. This was the log (I have edited the hosts file which I think is why it has denied rights to it.): ComboFix 11-07-19.01 - Jordan 19/07/2011 16:25:13.4.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3070.2096 [GMT 1:00] Running from: c:\users\Jordan\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\32038648.exe c:\programdata\ujErFEInePntXg.exe c:\users\Jordan\AppData\Local\{E0C24949-D0C7-4026-8E9C-D461CA5F7DB2} c:\users\Jordan\AppData\Local\{E0C24949-D0C7-4026-8E9C-D461CA5F7DB2}\chrome.manifest c:\users\Jordan\AppData\Local\{E0C24949-D0C7-4026-8E9C-D461CA5F7DB2}\chrome\content\_cfg.js c:\users\Jordan\AppData\Local\{E0C24949-D0C7-4026-8E9C-D461CA5F7DB2}\chrome\content\overlay.xul c:\users\Jordan\AppData\Local\{E0C24949-D0C7-4026-8E9C-D461CA5F7DB2}\install.rdf c:\users\Jordan\AppData\Roaming\Adobe\plugs c:\users\Jordan\AppData\Roaming\Adobe\plugs\mmc393373696.txt c:\users\Jordan\AppData\Roaming\Adobe\plugs\mmc393381465.txt c:\users\Jordan\AppData\Roaming\Adobe\shed c:\users\Jordan\AppData\Roaming\Adobe\shed\thr1.chm c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Repair c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Repair\Uninstall Windows 7 Repair.lnk c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Repair\Windows 7 Repair.lnk . . ((((((((((((((((((((((((( Files Created from 2011-06-19 to 2011-07-19 ))))))))))))))))))))))))))))))) . . 2011-07-19 15:32 . 2011-07-19 15:32 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-07-19 15:32 . 2011-07-19 15:32 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-19 11:53 . 2011-07-19 11:53 388096 ---ha-r- c:\users\Jordan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-06-27 18:08 . 2011-06-27 18:08 0 ---ha-w- c:\users\Jordan\AppData\Local\BIT39E4.tmp 2011-06-26 22:57 . 2011-06-26 23:03 0 ---ha-w- c:\users\Jordan\AppData\Local\Ivonoboxeboda.bin 2011-06-26 22:53 . 2011-06-27 18:15 -------- d--h--w- c:\programdata\iF28601ImEdM28601 2011-06-24 06:18 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7CC225E-C3BE-4B2C-8486-51CA834BB5E0}\mpengine.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-29 08:11 . 2010-12-18 15:43 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-29 08:11 . 2010-12-18 15:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-28 03:00 . 2011-06-16 03:58 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-05-24 18:14 . 2010-02-15 16:57 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-04 02:43 . 2011-06-16 03:57 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-05-04 02:43 . 2011-06-16 03:57 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-05-04 02:43 . 2011-06-16 03:57 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-05-03 04:50 . 2011-06-16 03:58 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 02:57 . 2011-06-16 03:58 311296 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-29 02:57 . 2011-06-16 03:58 309760 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 02:57 . 2011-06-16 03:58 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-27 02:33 . 2011-06-16 03:58 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-04-25 04:56 . 2011-06-16 03:58 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-04-25 02:35 . 2011-06-16 03:58 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2011-04-22 19:36 . 2011-05-29 23:11 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-04-22 19:31 . 2011-06-16 03:58 981504 ----a-w- c:\windows\system32\wininet.dll 2011-04-22 19:31 . 2011-06-16 03:58 44544 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-22 18:23 . 2011-06-16 03:58 386048 ----a-w- c:\windows\system32\html.iec 2010-07-30 20:31 . 2010-07-30 20:31 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-04-23 262144] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-29 6111232] "Skytel"="Skytel.exe" [2008-04-29 1826816] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152] "AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-03-26 1093632] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-11-03 36864] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-15 149280] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656] . c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2010-7-31 142336] PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-7-3 327680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-5-16 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-05-13 06:45 98304 ----a-w- c:\windows\System32\VESWinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" "Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1ca9c7161b3d982;Google Update Service (gupdate1ca9c7161b3d982);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 133104] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 133104] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-05 104288] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-03-05 350048] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-03-05 63328] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-03 1343400] R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-04-03 229376] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] S2 RtkHDMIService;RtkHDMIService;c:\windows\RtkAudioService.exe [2008-04-29 98304] S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [2007-11-10 104960] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-04-24 411488] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-01-31 17408] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] . . --- Other Services/Drivers In Memory --- . *Deregistered* - CO_Mon *Deregistered* - eeCtrl *Deregistered* - EraserUtilRebootDrv *Deregistered* - IDSvix86 *Deregistered* - SYMDNS *Deregistered* - SymEvent *Deregistered* - SYMFW *Deregistered* - SYMNDISV *Deregistered* - SYMREDRV *Deregistered* - SYMTDI . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Contents of the 'Scheduled Tasks' folder . 2011-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] . 2011-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.club-vaio.com uInternet Settings,ProxyOverride = <local> TCP: DhcpNameServer = 192.168.100.1 TCP: Interfaces\{6A15F037-A716-41E8-8743-92B5BF8B6261}: DhcpNameServer = 192.168.100.1 TCP: Interfaces\{B0843D91-B886-40FD-8674-F54AF50F7DAC}: DhcpNameServer = 80.58.61.250 80.58.61.254 DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} - hxxp://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab FF - ProfilePath - c:\users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\8rzvtzqt.default\ FF - prefs.js: browser.startup.homepage - hxxps://admin.1and1.co.uk/xml/config/Login;jsessionid=1928AB7FF46F4242D2E2CD6E6CC1C8B5.TCpfix93b?__reuse=1295566200810 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . Supplementary scan did not complete! . - - - - ORPHANS REMOVED - - - - . HKCU-Run-ujErFEInePntXg - c:\programdata\ujErFEInePntXg.exe AddRemove-ENGINEER Student Edition Release Wildfire 5.0 Datecode M040 - c:\program files\ProENGINEER Student Edition\uninstall\i486_nt\obj\psuninst.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-07-19 16:39:38 ComboFix-quarantined-files.txt 2011-07-19 15:39 ComboFix2.txt 2011-01-15 18:04 . Pre-Run: 135,156,080,640 bytes free Post-Run: 134,550,142,976 bytes free . - - End Of File - - 7ECB4DB9B03CE453DE9D757E42B90700 I then decided to run dds and the logs are: DDS (Ver_2011-07-14.01) - NTFS_x86 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17 Run by Jordan at 17:24:16 on 2011-07-19 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3070.1792 [GMT 1:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\atiesrxx.exe C:\Windows\system32\atieclxx.exe C:\Windows\RtkAudioService.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Windows\system32\taskeng.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Sony\Network Utility\NSUService.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Windows\system32\DllHost.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\DllHost.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Windows\system32\taskeng.exe C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\taskhost.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\IELowutil.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcrobatInfo.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\svchost.exe -k secsvcs . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.club-vaio.com uProxyOverride = <local> BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\google bae\BAE.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe" uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p mRun: [Apoint] c:\program files\apoint\Apoint.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [skytel] Skytel.exe mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe" mRun: [AML] c:\program files\sony\vaio launcher\AML.exe InitApp mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [iSBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\users\jordan\appdata\roaming\micros~1\windows\startm~1\programs\startup\bbcipl~1.lnk - c:\program files\bbc iplayer desktop\BBC iPlayer Desktop.exe StartupFolder: c:\users\jordan\appdata\roaming\micros~1\windows\startm~1\programs\startup\pmbmed~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-f400-ba7e-000000000003}\_SC_Acrobat.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} - hxxp://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab TCP: NameServer = 80.58.61.250 80.58.61.254 TCP: Interfaces\{2EE4A17B-A874-4C52-A158-1A6C14DDFEAF} : DHCPNameServer = 80.58.61.250 80.58.61.254 TCP: Interfaces\{2EE4A17B-A874-4C52-A158-1A6C14DDFEAF}\9434F4E4F4C4F47495 : DHCPNameServer = 195.54.226.10 195.54.225.10 TCP: Interfaces\{2EE4A17B-A874-4C52-A158-1A6C14DDFEAF}\9647E65647 : DHCPNameServer = 172.16.0.3 172.16.0.5 172.16.0.9 TCP: Interfaces\{2EE4A17B-A874-4C52-A158-1A6C14DDFEAF}\9647E65647D23747574656E647 : DHCPNameServer = 172.16.40.1 TCP: Interfaces\{6A15F037-A716-41E8-8743-92B5BF8B6261} : DHCPNameServer = 192.168.100.1 TCP: Interfaces\{879ACEB0-6A83-4FA5-8440-23CF6E9BC808} : DHCPNameServer = 80.58.61.250 80.58.61.254 TCP: Interfaces\{B0843D91-B886-40FD-8674-F54AF50F7DAC} : DHCPNameServer = 80.58.61.250 80.58.61.254 Handler: msdaipp - <Clsid value has no data> Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: VESWinlogon - VESWinlogon.dll mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\program files\windows mail\WinMail.exe" OCInstallUserConfigOE . ================= FIREFOX =================== . FF - ProfilePath - c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\8rzvtzqt.default\ FF - prefs.js: browser.startup.homepage - hxxps://admin.1and1.co.uk/xml/config/Login;jsessionid=1928AB7FF46F4242D2E2CD6E6CC1C8B5.TCpfix93b?__reuse=1295566200810 FF - plugin: c:\program files\common files\ptc\np6_pvapplite9.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} . ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . ============= SERVICES / DRIVERS =============== . R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128] R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2008-11-3 229376] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032] R2 RtkHDMIService;RtkHDMIService;c:\windows\RTKAUDIOSERVICE.EXE [2008-5-16 98304] R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects\uCamMonitor.exe [2008-11-3 104960] R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-5-16 411488] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-11-3 17408] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-12-17 9344] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1ca9c7161b3d982;Google Update Service (gupdate1ca9c7161b3d982);c:\program files\google\update\GoogleUpdate.exe [2010-1-23 133104] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-11-3 30192] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-23 133104] S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-11-3 104288] S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-11-3 350048] S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-11-3 63328] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-11-3 333088] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-11-3 87328] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-3 1343400] S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-14 17920] . =============== File Associations =============== . ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe", "%1" ShellExec: VCExporterLaunch.exe: open="c:\program files\sony\vaio vp utilities\VCELaunch.exe" "%1" . =============== Created Last 30 ================ . 2011-07-19 16:11:15 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c95555ef-794d-48e7-ac21-acbf34467909}\mpengine.dll 2011-07-19 15:39:42 -------- d-sh--w- C:\$RECYCLE.BIN 2011-07-19 11:53:19 388096 ----a-r- c:\users\jordan\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2011-06-27 18:08:13 0 ----a-w- c:\users\jordan\appdata\local\BIT39E4.tmp 2011-06-26 22:57:44 0 ----a-w- c:\users\jordan\appdata\local\Ivonoboxeboda.bin 2011-06-26 22:53:44 -------- d-----w- c:\programdata\iF28601ImEdM28601 . ==================== Find3M ==================== . 2011-07-06 18:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-06 18:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-26 06:45:56 256000 ----a-w- c:\windows\PEV.exe 2011-05-28 03:00:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-05-24 18:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-04 02:43:59 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-05-04 02:43:48 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-05-04 02:43:41 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-05-03 04:50:29 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 02:57:34 311296 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-29 02:57:21 309760 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 02:57:13 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-27 02:33:46 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-04-25 04:56:06 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-04-25 02:35:40 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2011-04-22 19:36:05 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-04-22 19:31:50 981504 ----a-w- c:\windows\system32\wininet.dll 2011-04-22 19:31:26 44544 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-22 18:23:59 386048 ----a-w- c:\windows\system32\html.iec . ============= FINISH: 17:24:46.84 =============== and... . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-07-14.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume2 Install Date: 10/02/2010 13:50:06 System Uptime: 19/07/2011 17:03:02 (0 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core2 Duo CPU P8400 @ 2.26GHz | N/A | 2267/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 223 GiB total, 124.735 GiB free. D: is Removable E: is Removable F: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP LaserJet 4000 Series Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: Hewlett-Packard Name: HP LaserJet 4000 Series PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP LaserJet P3005 Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: Hewlett-Packard Name: HP LaserJet P3005 PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart C4500 series Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: HP Name: Photosmart C4500 series PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Symantec Network Security Intermediate Filter Driver Device ID: ROOT\LEGACY_SYMIM\0000 Manufacturer: Name: Symantec Network Security Intermediate Filter Driver PNP Device ID: ROOT\LEGACY_SYMIM\0000 Service: SymIM . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: atksgt Device ID: ROOT\LEGACY_ATKSGT\0000 Manufacturer: Name: atksgt PNP Device ID: ROOT\LEGACY_ATKSGT\0000 Service: atksgt . ==== System Restore Points =================== . RP142: 08/06/2011 21:26:13 - Installed Creo Thumbnail Viewer 1.0 RP143: 08/06/2011 21:26:56 - Installed ProductView Express 9.1 RP144: 15/06/2011 21:52:35 - Windows Update RP145: 17/06/2011 03:00:22 - Windows Update RP146: 17/06/2011 15:18:32 - Windows Update RP147: 22/06/2011 00:17:06 - Windows Update RP148: 24/06/2011 07:18:07 - Windows Update RP149: 27/06/2011 19:26:21 - Installed HiJackThis RP150: 19/07/2011 12:51:59 - Installed HiJackThis RP151: 19/07/2011 17:10:36 - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 1&1 EasyLogin 32 Bit HP CIO Components Installer AAC Decoder Activation Assistant for the 2007 Microsoft Office suites Adobe Acrobat 8 Standard - English, Français, Deutsch Adobe AIR Adobe Anchor Service CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Common File Installer Adobe CSI CS4 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Dreamweaver CS4 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe Photoshop Elements 6.0 Adobe Premiere Elements 4.0 Adobe Premiere Elements 4.0 Templates Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Shockwave Player Adobe Type Support CS4 Adobe Update Manager CS4 Adobe XMP Panels CS4 Alps Pointing-device for VAIO Apple Mobile Device Support Apple Software Update ArcSoft Magic-i Visual Effects ArcSoft WebCam Companion 2 ATI Catalyst Install Manager Atlantis - Sky Patrol (remove only) AutoUpdate BBC iPlayer Desktop Belkin N Wireless USB Adapter Setup Big Fish Games Center Big Fish Games Sudoku (remove only) Bonjour Browser Address Error Redirector BufferChm C4580 C4580_Help Cards_Calendar_OrderGift_DoMorePlugout Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Czech Catalyst Control Center Localization Danish Catalyst Control Center Localization Dutch Catalyst Control Center Localization Finnish Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Greek Catalyst Control Center Localization Hungarian Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Norwegian Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Russian Catalyst Control Center Localization Spanish Catalyst Control Center Localization Swedish Catalyst Control Center Localization Thai Catalyst Control Center Localization Turkish ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Choice Guard Click to Disc Click to Disc Editor Compatibility Pack for the 2007 Office system Connect Creo Elements/Pro Schools Edition Release 5.0 Datecode M080 Creo Thumbnail Viewer 1.0 CustomerResearchQFolder Destination Component DeviceDiscovery DeviceManagementQFolder DivX Codec DivX Converter DivX Player DivX Plus DirectShow Filters DivX Plus Web Player DivX Version Checker DMNetVuObserVer1_6_3 DocProc DocProcQFolder Dolby Control Center EPSON Printer Software ESET Online Scanner v3 eSupportQFolder File Uploader FileZilla Client 3.3.5.1 GameShadow GearDrvs GLIC Talk K1 Google Chrome Google Desktop Google Earth Google Talk (remove only) Google Toolbar for Internet Explorer Google Update Helper GPBaseService H.264 Decoder HDAUDIO SoftV92 Data Fax Modem with SmartCP HiJackThis HP Customer Participation Program 11.0 HP Imaging Device Functions 11.0 HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4 HP Photosmart Essential 2.5 HP Photosmart Essential 3.0 HP Smart Web Printing HP Solution Center 11.0 HP Update HPPhotoSmartPhotobookWebPack1 HPProductAssistant HPSSupply Image Optimizer 3.0 iTunes Java 6 Update 17 Java 6 Update 4 Ken Ward's Makeup 0.901 kuler Mahjong Towers Eternity (remove only) Malwarebytes' Anti-Malware version 1.51.1.1800 MarketResearch Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher 2003 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MKV Splitter Mozilla Firefox (3.6.18) MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Music Transfer My Club VAIO Mystery Case Files - Prime Suspects (remove only) Network Nikon Message Center Nikon Transfer OCR Software by I.R.I.S. 11.0 OGA Notifier 2.0.0048.0 OpenMG Secure Module 5.0.00 PanoStandAlone Photoshop Camera Raw Picasa 2 Picture Control Utility ProductView Express 9.1 Programming Editor PS_AIO_04_C4580_ProductContext PS_AIO_04_C4580_Software PS_AIO_04_C4580_Software_Min PSSWCORE QuickTime Realtek High Definition Audio Driver Roxio Central Audio Roxio Central Copy Roxio Central Core Roxio Central Data Roxio Central Tools Roxio Easy Media Creator 10 LJ Roxio Easy Media Creator Home Safari Scan screen-scraper basic edition Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft Office 2007 System (KB2541012) Security Update for Microsoft Office Excel 2007 (KB2541007) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Setting Utility Series Shop for HP Supplies Skins Skype™ 4.0 SmartWebPrinting SolutionCenter SonicStage Mastering Studio SonicStage Mastering Studio Audio Filter SonicStage Mastering Studio Audio Filter Custom Preset SonicStage Mastering Studio Plugins Sony Picture Utility Sony Video Shared Library SopCast 3.2.9 Spotify Status Steam Suite Shared Configuration CS4 THE SETTLERS - Rise of an Empire Toolbox TrayApp UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VAIO Content Folder Setting VAIO Content Metadata Intelligent Analyzing Manager VAIO Content Metadata Manager Setting VAIO Content Metadata XML Interface Library VAIO Control Center VAIO Data Restore Tool VAIO DVD Menu Data Basic VAIO Edit Components 6.4 VAIO Entertainment Platform VAIO Event Service VAIO Guide VAIO Launcher Vaio Marketing Tools VAIO Media plus VAIO Movie Story VAIO Movie Story Template Data VAIO MusicBox VAIO MusicBox Sample Music VAIO Original Function Setting VAIO Power Management VAIO Presentation Support VAIO Smart Network VAIO Update 4 VAIO Wallpaper Contents VC80CRTRedist - 8.0.50727.4053 VideoToolkit01 ViewNX Virtual Villagers (remove only) WebReg WIDCOMM Bluetooth Software 6.1.0.2200 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Mobile Device Center Windows Mobile Device Center Driver Update WinDVD BD for VAIO WKO Lite . ==== Event Viewer Messages From Past Week ======== . 19/07/2011 17:19:41, Error: bowser [8003] - The master browser has received a server announcement from the computer JIMS-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2EE4A17B-A874-4C52-A158-1A6C14DDFE. The master browser is stopping or an election is being forced. 19/07/2011 17:06:21, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 19/07/2011 17:05:06, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom SymIM 19/07/2011 17:05:06, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting. 19/07/2011 17:03:24, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: This driver has been blocked from loading 19/07/2011 17:03:24, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 19/07/2011 17:03:18, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter 19/07/2011 17:03:18, Error: atikmdag [43029] - Display is not active 19/07/2011 16:32:36, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 19/07/2011 16:21:38, Error: Service Control Manager [7034] - The XAudioService service terminated unexpectedly. It has done this 1 time(s). 19/07/2011 16:20:15, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SymIM 19/07/2011 13:22:45, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:22:18, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:22:18, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 19/07/2011 13:22:18, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 19/07/2011 13:21:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 19/07/2011 13:21:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 19/07/2011 13:21:02, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 19/07/2011 13:21:02, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 19/07/2011 13:21:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 19/07/2011 13:20:53, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 19/07/2011 13:20:45, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache DMICall NetBIOS NetBT nsiproxy Psched rdbss spldr SymIM tdx Wanarpv6 WfpLwf 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The VAIO Entertainment File Import Service service depends on the VAIO Entertainment Database Service service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 19/07/2011 13:20:45, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 19/07/2011 12:57:19, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243 19/07/2011 12:48:00, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 19/07/2011 09:48:34, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cdrom CSC DfsC discache DMICall NetBIOS NetBT nsiproxy Psched rdbss spldr SymIM tdx Wanarpv6 WfpLwf . ==== End Of File =========================== I also ran tdskiler but that showed nothing. I then decided to run HJT again and here is the log from that: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:05:08, on 19/07/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16800) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe InitApp O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} (PowerTerm Downloader Class) - http://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1ca9c7161b3d982) (gupdate1ca9c7161b3d982) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RtkHDMIService - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11401 bytes Sorry there is alot there but I think it is pretty much solved apart from the fact that I have lost the icons in the taskbar, however, this could have been due to me removing and replacing the javaw file from the windowss file to try and stop getting the virus. Thanks guys
  4. I have removed the virus btu would like someone to look at this HJT log if possible? Thanks in advance Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:28:31, on 25/05/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16766) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Users\Jordan\AppData\Roaming\Smilebox\SmileboxTray.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Users\Jordan\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\HWManager.exe C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Windows\SysWOW64\OSDFORM.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe c:\program files (x86)\bbc iplayer desktop\bbc iplayer desktop.exe C:\Program Files (x86)\iTunes\iTunes.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Users\Jordan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=crossfire&pf=cndt R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [buttons & OSDs control application gen2] "C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe" O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP KEYBOARD] "C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" O4 - HKLM\..\Run: [uCam_Menu] "c:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Jordan\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [smileboxTray] "C:\Users\Jordan\AppData\Roaming\Smilebox\SmileboxTray.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe O4 - Startup: LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O16 - DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} (PowerTerm Downloader Class) - http://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Touch Screen Enhance - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Trend Micro RUBotted Service (RUBotSrv) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19663 bytes
  5. I ran a MalwareBytes scan last night and it showed 3 errors so I asked it to delete them etc and restarted my computer but now any software I try and open it asks me what I would like to run it with, I cant run any scans etc as I cant open anything so what do I do? Thanks
  6. Here is the report: ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6419 # api_version=3.0.2 # EOSSerial=e41e93a520a3354cbfa19da78ef9677e # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-01-15 09:39:33 # local_time=2011-01-15 09:39:33 (+0000, GMT Standard Time) # country="United Kingdom" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=512 16777215 100 0 2423828 2423828 0 0 # compatibility_mode=1024 16777215 100 0 2455452 2455452 0 0 # compatibility_mode=5893 16776573 100 94 89635 47588882 0 0 # compatibility_mode=8192 67108863 100 0 4210 4210 0 0 # scanned=190677 # found=0 # cleaned=0 # scan_time=5095
  7. Here is the combofix report: ComboFix 11-01-10.04 - Jordan 15/01/2011 17:50:31.3.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3070.2098 [GMT 0:00] Running from: c:\users\Jordan\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ((((((((((((((((((((((((( Files Created from 2010-12-15 to 2011-01-15 ))))))))))))))))))))))))))))))) . 2011-01-15 17:56 . 2011-01-15 17:56 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-15 17:47 . 2011-01-15 17:48 -------- d-----w- C:\32788R22FWJFW 2011-01-14 20:20 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20F0A999-4F74-495C-8CF7-9659494B71BD}\mpengine.dll 2011-01-01 16:19 . 2011-01-01 16:19 -------- d-----w- c:\users\Jordan\AppData\Local\Apple Computer 2010-12-26 16:41 . 2010-12-26 16:41 -------- d-----w- c:\users\Jordan\AppData\Local\Apple 2010-12-24 01:08 . 2010-12-24 01:09 -------- d-----w- c:\program files\Ken Ward's Makeup 2010-12-23 18:30 . 2010-12-23 18:30 -------- d-----w- c:\program files\Geeks Ltd 2010-12-18 22:43 . 2010-12-31 13:17 -------- d-----w- c:\users\Jordan\AppData\Local\Adobe 2010-12-18 22:18 . 2010-12-18 22:18 -------- d-----w- c:\users\Jordan\Library 2010-12-18 22:18 . 2010-12-18 22:18 -------- d-----w- c:\users\Jordan\AppData\Roaming\com.adobe.ExMan 2010-12-18 19:57 . 2010-12-18 19:57 388096 ----a-r- c:\users\Jordan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-12-18 19:57 . 2010-12-18 19:57 -------- d-----w- c:\program files\Trend Micro 2010-12-18 15:43 . 2010-12-18 15:43 -------- d-----w- c:\users\Jordan\AppData\Roaming\Malwarebytes 2010-12-18 15:43 . 2010-12-20 18:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-18 15:43 . 2010-12-18 15:43 -------- d-----w- c:\programdata\Malwarebytes 2010-12-18 15:42 . 2011-01-13 00:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-12-18 15:42 . 2010-12-20 18:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-18 11:32 . 2010-12-18 11:32 -------- d-----w- C:\$AVG 2010-12-18 11:14 . 2010-12-18 11:14 -------- d-----w- c:\users\Jordan\AppData\Roaming\AVG10 2010-12-18 11:13 . 2010-12-18 11:13 -------- d--h--w- c:\programdata\Common Files 2010-12-18 11:12 . 2010-12-19 11:35 -------- d-----w- c:\programdata\AVG10 2010-12-18 11:10 . 2010-12-18 11:10 -------- d-----w- c:\program files\AVG 2010-12-18 03:33 . 2010-12-18 18:30 -------- d-----w- c:\users\Jordan\AppData\Roaming\Toge 2010-12-18 03:33 . 2010-12-18 16:03 -------- d-----w- c:\users\Jordan\AppData\Roaming\Guky 2010-12-18 03:32 . 2010-12-18 03:32 -------- d-----w- c:\windows\Sun 2010-12-18 00:32 . 2010-12-18 11:10 -------- d-----w- c:\programdata\MFAData . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-10-19 10:41 . 2010-02-15 16:57 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-07-30 20:31 . 2010-07-30 20:31 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-04-23 262144] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-29 6111232] "Skytel"="Skytel.exe" [2008-04-29 1826816] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152] "AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-03-26 1093632] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-11-03 36864] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-15 149280] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2010-7-31 142336] PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-7-3 327680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-5-16 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-05-13 06:45 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" "Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1ca9c7161b3d982;Google Update Service (gupdate1ca9c7161b3d982);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 133104] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-05 104288] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-03-05 350048] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-03-05 63328] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-03 1343400] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-04-03 229376] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] S2 RtkHDMIService;RtkHDMIService;c:\windows\RtkAudioService.exe [2008-04-29 98304] S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [2007-11-10 104960] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-04-24 411488] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-01-31 17408] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344] S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] --- Other Services/Drivers In Memory --- *Deregistered* - CO_Mon *Deregistered* - eeCtrl *Deregistered* - EraserUtilRebootDrv *Deregistered* - IDSvix86 *Deregistered* - SYMDNS *Deregistered* - SymEvent *Deregistered* - SYMFW *Deregistered* - SYMNDISV *Deregistered* - SYMREDRV *Deregistered* - SYMTDI [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Contents of the 'Scheduled Tasks' folder 2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] 2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.club-vaio.com uInternet Settings,ProxyOverride = <local> uInternet Settings,ProxyServer = http=127.0.0.1:8075 DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} - hxxp://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab FF - ProfilePath - c:\users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\8rzvtzqt.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.egobba.de/company.htm|http://carbonium.pl/market/raw/ind/5|http://www.erepublik.com/en FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'Explorer.exe'(5460) c:\windows\system32\btmmhook.dll c:\windows\system32\btncopy.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Sony\VAIO Event Service\VESMgr.exe c:\windows\system32\DllHost.exe c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe c:\windows\system32\atieclxx.exe c:\program files\Sony\VAIO Event Service\VESMgrSub.exe c:\windows\system32\DllHost.exe c:\windows\system32\taskhost.exe c:\program files\Sony\VAIO Power Management\SPMgr.exe c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conhost.exe c:\program files\Apoint\ApMsgFwd.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Apoint\Apntex.exe c:\windows\system32\conhost.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\windows\system32\sppsvc.exe c:\windows\system32\taskhost.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\consent.exe . ************************************************************************** . Completion time: 2011-01-15 18:04:45 - machine was rebooted ComboFix-quarantined-files.txt 2011-01-15 18:04 Pre-Run: 150,016,749,568 bytes free Post-Run: 149,653,331,968 bytes free - - End Of File - - A246DE7F71B86AA885EFFCE4C294567E Thanks
  8. Have checked the proxy seetings and they are still unchecked, i.e. how they should be. That is what i set my hompeage to, god knows why! dont really use firefox so yer. I didnt run ESet but I ran tds killer. I am not using norton, its just reminants of it remain which I struggle to get rid of, but have jsut managed to get rid of a bit more so that may have solved it. No AVG is there according to control panel and the directory shows no folder left. It could just have been where I had a disk of it in the dvd drive? Hope that helps, Thanks.
  9. Here is the rootkit report: RkU Version: 3.8.388.590, Type LE (SR2) ============================================== OS Name: Windows 7 Version 6.1.7600 Number of processors #2 ============================================== >Processes ============================================== 0x89F87D40 [112] C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation, VAIO Smart Network) 0x87578A70 [288] C:\Windows\System32\smss.exe (Microsoft Corporation, Windows Session Manager) 0x8A13B600 [300] C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation, VAIO Event Service (Service Module)) 0x85CE74E8 [308] C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe (Symantec Corporation, Symantec Service Framework) 0x891A5530 [456] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process) 0x89FA6550 [468] C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe (Symantec Corporation, Symantec Service Framework) 0x895CFD40 [528] C:\Windows\System32\wininit.exe (Microsoft Corporation, Windows Start-Up Application) 0x8783BD40 [536] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process) 0x895FC930 [576] C:\Windows\System32\services.exe (Microsoft Corporation, Services and Controller app) 0x89729030 [596] C:\Windows\System32\lsass.exe (Microsoft Corporation, Local Security Authority Process) 0x89729A28 [604] C:\Windows\System32\lsm.exe (Microsoft Corporation, Local Session Manager Service) 0x8A1579D8 [664] C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation, SPMService.exe) 0x8977FA58 [720] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x85D09970 [792] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard, hpwuSchd Application) 0x897A72B0 [796] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x897B52C0 [852] C:\Windows\System32\atiesrxx.exe (AMD, AMD External Events Service Module) 0x897EF030 [892] C:\Windows\System32\winlogon.exe (Microsoft Corporation, Windows Logon Application) 0x897FE030 [940] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89904D40 [980] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89914318 [1020] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89FE2628 [1124] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x899B0030 [1244] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x85DB1500 [1296] C:\Windows\System32\taskhost.exe (Microsoft Corporation, Host Process for Windows Tasks) 0x89FE8A40 [1304] C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc., MgiSvr) 0x89B63530 [1316] C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor, Realtek Audio Service) 0x89BFDD40 [1384] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89D3CD40 [1504] C:\Windows\System32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App) 0x89B21D40 [1532] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89D77D40 [1616] C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 0x89D7E030 [1676] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc., Apple Mobile Device Service) 0x89D96448 [1736] C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc., Bonjour Service) 0x89B0F6D8 [1780] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89DBD030 [1808] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89DBB8C8 [1844] C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo, RegMgr Module) 0x85E1B448 [1896] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE, Marketing Tools) 0x89DE8AD0 [1920] C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe (Symantec Corporation, Norton PC Checkup Launcher Service) 0x8A16E948 [2064] C:\Windows\System32\dllhost.exe (Microsoft Corporation, COM Surrogate) 0x8A346030 [2176] C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation, VAIO Entertainment UPnP Client Adapter) 0x8A359568 [2232] C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc., Modem Audio Service) 0x88F99030 [2268] C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation, VAIO Entertainment Database Service) 0x8A37F900 [2320] C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation, VAIO Entertainment File Import Service) 0x876038D8 [2464] C:\Windows\System32\dwm.exe (Microsoft Corporation, Desktop Window Manager) 0x85DED8B0 [2752] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation, Nikon Transfer Monitor) 0x85E19D40 [2840] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation, -) 0x85D56D40 [2856] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc., iTunesHelper Module) 0x85DA6860 [2864] C:\Windows\explorer.exe (Microsoft Corporation, Windows Explorer) 0x8A3AE5D8 [3004] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x89B80030 [3040] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x85D18770 [3168] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x85E28668 [3188] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc., Java Platform SE binary) 0x85D92348 [3196] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation, SPMgr.exe) 0x8769B9E0 [3280] C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation, Firefox) 0x8A5F62D0 [3292] C:\Windows\System32\notepad.exe (Microsoft Corporation, Notepad) 0x8608A458 [3324] C:\Windows\System32\wuauclt.exe (Microsoft Corporation, Windows Update) 0x88BFD878 [3408] C:\Windows\System32\WUDFHost.exe (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Host Process) 0x89BBAB38 [3508] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x85CDD838 [3756] C:\Windows\System32\atieclxx.exe (AMD, AMD External Events Client Module) 0x85CA59D8 [3776] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd., Alps Pointing-device Driver) 0x85CE3410 [3828] C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation, VAIO Event Service(Service Sub Module)) 0x85CF43C0 [3936] C:\Windows\System32\dllhost.exe (Microsoft Corporation, COM Surrogate) 0x85D3ED40 [3980] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc., AcroTray) 0x85E79930 [4028] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google, Google Desktop) 0x85E94D40 [4328] C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd., ApMsgFwd) 0x85E9E8B0 [4356] C:\Program Files\iPod\bin\iPodService.exe (Apple Inc., iPodService Module) 0x85EAC728 [4364] C:\Windows\System32\taskeng.exe (Microsoft Corporation, Task Scheduler Engine) 0x85E8CD40 [4464] C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation, VAIO Update) 0x85E54D40 [4584] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation, VAIO Smart Network) 0x85F13D40 [4652] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation, Windows Desktop Gadgets) 0x85E7F4F0 [4668] C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd., Alps Pointing-device Driver for Windows NT/2000/XP/Vista) 0x85F13640 [4692] C:\Windows\System32\conhost.exe (Microsoft Corporation, Console Window Host) 0x86026728 [4760] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x864AE030 [4832] C:\Users\Jordan\Downloads\OTL.exe (OldTimer Tools, -) 0x89DEB030 [4872] C:\Users\Jordan\Downloads\RKUnhookerLE.EXE (UG North, RKULE, SR2 Normandy) 0x85EF9560 [4960] C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation, Microsoft Windows Search Indexer) 0x85EFE4F8 [5060] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation., Bluetooth Tray Application) 0x85EA2030 [5072] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co., HP Digital Imaging Monitor) 0x85C9BD40 [5088] C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe 0x85CBD520 [5108] C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation, Media Check Tool) 0x86328738 [5128] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services) 0x86180030 [5324] C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation, Windows Modules Installer) 0x85F21D40 [5380] C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation., Bluetooth Stack COM Server) 0x85DE6030 [5416] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc., Activation Licensing Service) 0x85F20030 [5512] C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation, Windows Media Player Network Sharing Service) 0x8689DB28 [5536] C:\Windows\System32\notepad.exe (Microsoft Corporation, Notepad) 0x85FAA620 [5964] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation, PresentationFontCache.exe) 0x85B44B30 [4] System 0x86843D40 [4008] C:\Windows\System32\audiodg.exe (Microsoft Corporation, Windows Audio Device Graph Isolation ) ============================================== >Drivers ============================================== 0x91C1A000 C:\Windows\system32\DRIVERS\atikmdag.sys 5328896 bytes (ATI Technologies Inc., ATI Radeon Kernel Mode Driver) 0x93A09000 C:\Windows\system32\DRIVERS\netw5v32.sys 4272128 bytes (Intel Corporation, Intel
  10. Here is the OTL log: OTL logfile created on: 14/01/2011 20:12:32 - Run 1 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Jordan\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.64 Gb Total Space | 139.62 Gb Free Space | 62.71% Space Free | Partition Type: NTFS Drive F: | 574.94 Mb Total Space | 434.39 Mb Free Space | 75.56% Space Free | Partition Type: UDF Computer Name: JORDAN-LAPTOP | User Name: Jordan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/14 20:11:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Downloads\OTL.exe PRC - [2010/12/10 18:30:45 | 000,120,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe PRC - [2010/08/13 07:57:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2010/07/31 20:31:34 | 000,142,336 | ---- | M] () -- C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe PRC - [2010/07/30 20:31:36 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe PRC - [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/08/24 22:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/14 01:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/14 01:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009/05/29 16:58:46 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe PRC - [2008/11/28 16:40:16 | 000,327,680 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe PRC - [2008/11/03 19:58:44 | 000,036,864 | ---- | M] (Sony NSCE) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe PRC - [2008/08/24 11:59:12 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe PRC - [2008/05/13 06:45:06 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe PRC - [2008/05/13 06:45:06 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2008/04/29 04:48:08 | 000,098,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE PRC - [2008/04/24 21:06:12 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe PRC - [2008/04/24 21:06:10 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe PRC - [2008/04/23 01:08:04 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\LANUtil.exe PRC - [2008/04/04 03:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe PRC - [2008/04/03 23:52:46 | 000,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\NSUService.exe PRC - [2008/02/23 00:38:50 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe PRC - [2008/02/23 00:38:50 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe PRC - [2008/02/23 00:38:49 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe PRC - [2008/02/15 19:56:56 | 000,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe PRC - [2008/02/15 19:56:54 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2008/02/15 19:56:50 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2007/11/10 01:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe PRC - [2007/10/30 18:04:08 | 001,804,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2007/10/30 18:04:08 | 000,748,072 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2007/09/11 08:45:04 | 000,124,832 | ---- | M] () -- c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe PRC - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe PRC - [2006/10/23 06:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe ========== Modules (SafeList) ========== MOD - [2011/01/14 20:11:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Downloads\OTL.exe MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009/07/14 01:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 01:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 01:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 01:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 01:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll ========== Win32 Services (SafeList) ========== SRV - [2010/12/10 18:30:45 | 000,120,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher) SRV - [2010/11/02 04:36:16 | 000,801,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2010/08/13 07:57:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/07/30 20:31:36 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108) SRV - [2010/07/03 22:30:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/10 14:34:09 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/08/24 22:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe -- (PCCUJobMgr) SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/14 01:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 01:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 01:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 01:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 01:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 01:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 01:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/14 01:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 01:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 01:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 01:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 01:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV) SRV - [2009/07/14 01:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 01:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate) SRV - [2008/05/13 06:45:06 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008/04/29 04:48:08 | 000,098,304 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkHDMIService) SRV - [2008/04/24 21:06:10 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008/04/03 23:52:46 | 000,229,376 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008/03/05 04:58:30 | 000,063,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs) SRV - [2008/03/05 04:56:42 | 000,350,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms) SRV - [2008/03/05 04:54:50 | 000,104,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp) SRV - [2008/03/03 22:45:48 | 000,333,088 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2008/03/03 21:27:14 | 000,087,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2008/02/21 22:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2008/02/15 19:56:56 | 000,147,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw) SRV - [2008/02/15 19:56:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2008/02/15 19:56:54 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2008/02/15 19:56:50 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2007/11/28 10:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2007/11/28 10:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2007/11/28 09:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2007/11/10 01:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor) SRV - [2007/09/11 08:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - [2009/12/11 07:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/07/14 01:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009/07/14 01:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009/07/14 01:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 01:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 01:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009/07/14 01:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009/07/14 01:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009/07/14 01:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009/07/14 01:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009/07/14 01:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009/07/14 01:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009/07/14 01:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 01:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009/07/14 01:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 01:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 01:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 01:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 01:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009/07/14 01:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009/07/14 01:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009/07/14 01:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009/07/14 01:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009/07/14 01:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 01:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 01:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 01:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009/07/14 01:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009/07/14 01:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009/07/14 01:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 01:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 01:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009/07/14 01:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009/07/14 01:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009/07/14 01:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 01:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 01:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 01:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009/07/14 01:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009/07/14 01:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009/07/14 00:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009/07/14 00:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2009/07/14 00:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 00:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/13 23:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009/07/13 23:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/13 23:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/13 23:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/13 23:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci) DRV - [2009/07/13 23:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009/07/13 23:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/13 23:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009/07/13 23:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009/07/13 23:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009/07/13 23:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009/07/13 23:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009/07/13 23:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009/07/13 23:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/13 23:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009/07/13 23:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009/07/13 22:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 22:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/13 22:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/13 22:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/13 22:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/13 22:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/13 22:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/07/13 22:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel® DRV - [2009/07/13 22:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/13 22:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009/07/13 22:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009/02/19 11:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2008/12/29 15:49:15 | 000,278,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2008/12/29 15:49:14 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2008/04/29 04:47:43 | 002,126,688 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/04/28 01:19:55 | 000,142,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2008/04/22 22:43:36 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008/04/22 00:20:41 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008/04/16 00:04:24 | 000,046,592 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008/04/16 00:04:12 | 000,068,096 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008/02/23 00:38:50 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008/01/31 01:33:28 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2007/12/17 01:57:23 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2007/12/13 00:05:02 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007/12/13 00:04:51 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2007/12/13 00:04:44 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2007/12/13 00:04:44 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2007/05/26 08:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2007/04/18 04:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8075 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.egobba.de/company.htm|http://carbonium.pl/market/raw/ind/5|http://www.erepublik.com/en" FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/02/10 12:41:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/20 00:54:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/19 17:21:51 | 000,000,000 | ---D | M] [2010/02/10 13:04:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions [2009/10/04 11:47:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2011/01/14 00:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\8rzvtzqt.default\extensions [2010/02/10 13:04:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\8rzvtzqt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/02/10 13:04:11 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\8rzvtzqt.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010/12/19 15:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/12/19 17:21:37 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2010/12/19 17:21:37 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2010/12/19 17:21:37 | 000,000,759 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010/12/19 17:21:38 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2010/08/14 08:11:48 | 000,001,213 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE) O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} http://gateway.kings-school.co.uk:8080/web...tdownloader.cab (PowerTerm Downloader Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/12 23:42:49 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011/01/12 23:42:43 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011/01/12 23:42:43 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011/01/12 23:42:43 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011/01/12 23:42:42 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011/01/12 23:42:42 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2011/01/12 23:42:42 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2011/01/12 23:42:42 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011/01/12 23:42:42 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011/01/12 23:42:41 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2011/01/12 23:42:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011/01/12 23:42:41 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2011/01/12 23:42:41 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011/01/12 23:42:41 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011/01/12 23:42:41 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011/01/12 23:42:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011/01/01 16:19:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Apple Computer [2010/12/26 16:41:14 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Apple [2010/12/24 01:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ken Ward's Makeup [2010/12/24 01:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\Ken Ward's Makeup [2010/12/23 18:30:58 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geeks Ltd [2010/12/23 18:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Geeks Ltd [2010/12/20 00:37:31 | 000,000,000 | ---D | C] -- C:\Windows\E80F62FF5D3C4A1984099721F2928206.TMP [2010/12/19 23:48:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010/12/19 14:25:41 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010/12/19 14:12:53 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010/12/19 14:12:51 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/12/19 14:12:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/12/19 14:12:50 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2010/12/19 14:12:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/12/19 14:12:25 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/12/19 14:12:22 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/12/19 14:12:22 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/12/19 14:12:22 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/12/19 14:12:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/12/19 14:12:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/12/19 14:12:22 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/12/19 14:12:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/12/19 14:12:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/12/19 14:12:21 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/12/19 14:12:21 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/12/19 14:12:15 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010/12/19 14:12:15 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010/12/19 14:12:15 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010/12/19 14:12:15 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2010/12/19 14:12:12 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/12/19 14:04:10 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\tdsskiller [2010/12/18 23:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/12/18 22:43:24 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Adobe [2010/12/18 22:18:31 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Library [2010/12/18 22:18:31 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\com.adobe.ExMan [2010/12/18 19:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010/12/18 19:57:43 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2010/12/18 15:43:12 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Malwarebytes [2010/12/18 15:43:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/18 15:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2010/12/18 15:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/12/18 15:42:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/18 15:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/12/18 11:32:55 | 000,000,000 | ---D | C] -- C:\$AVG [2010/12/18 11:14:50 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\AVG10 [2010/12/18 11:13:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2010/12/18 11:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10 [2010/12/18 11:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2010/12/18 03:33:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Toge [2010/12/18 03:33:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Guky [2010/12/18 03:32:50 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2010/12/18 01:06:13 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/12/18 00:32:38 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/01/14 20:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/14 19:57:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/14 00:37:34 | 000,010,560 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/14 00:37:34 | 000,010,560 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/14 00:30:31 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/14 00:28:16 | 2414,374,912 | -HS- | M] () -- C:\hiberfil.sys [2011/01/09 22:57:40 | 000,000,240 | ---- | M] () -- C:\Users\Jordan\Desktop\HP Windows 7 Full Feature Printer Software alert 1.url [2010/12/24 01:08:12 | 000,000,946 | ---- | M] () -- C:\Users\Jordan\Desktop\Ken Ward's Makeup.lnk [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/20 11:04:04 | 000,450,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/12/20 00:35:45 | 000,005,115 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini [2010/12/19 14:02:28 | 001,232,020 | ---- | M] () -- C:\Users\Jordan\Desktop\tdsskiller.zip [2010/12/19 12:14:45 | 199,507,152 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/12/18 19:57:43 | 000,002,969 | ---- | M] () -- C:\Users\Jordan\Desktop\HiJackThis.lnk [2010/12/18 15:43:04 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/18 03:12:36 | 000,002,157 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010/12/18 02:19:21 | 000,001,059 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk [2010/12/18 00:29:23 | 000,000,120 | ---- | M] () -- C:\Users\Jordan\AppData\Local\Xmofuqolezibaha.dat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/01/09 22:57:39 | 000,000,240 | ---- | C] () -- C:\Users\Jordan\Desktop\HP Windows 7 Full Feature Printer Software alert 1.url [2010/12/24 01:08:12 | 000,000,946 | ---- | C] () -- C:\Users\Jordan\Desktop\Ken Ward's Makeup.lnk [2010/12/20 00:35:45 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini [2010/12/19 14:02:12 | 001,232,020 | ---- | C] () -- C:\Users\Jordan\Desktop\tdsskiller.zip [2010/12/18 19:57:43 | 000,002,969 | ---- | C] () -- C:\Users\Jordan\Desktop\HiJackThis.lnk [2010/12/18 15:43:04 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/18 01:05:47 | 199,507,152 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/12/18 00:29:23 | 000,000,120 | ---- | C] () -- C:\Users\Jordan\AppData\Local\Xmofuqolezibaha.dat [2010/02/17 15:35:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/02/15 17:41:26 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdw.DAT [2010/02/15 17:38:54 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT [2009/12/30 16:56:32 | 000,000,268 | RH-- | C] () -- C:\Users\Jordan\AppData\Roaming\Gems [2009/12/30 14:41:35 | 000,000,268 | RH-- | C] () -- C:\Users\Jordan\AppData\Roaming\Grand Piano [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/03/01 20:05:23 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2008/12/29 15:49:14 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2008/12/29 15:49:14 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2008/11/04 21:39:31 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2008/11/03 20:07:13 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2008/11/03 20:02:09 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll [2008/11/03 19:40:40 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2007/10/30 17:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2007/09/11 23:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2001/11/14 20:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2010/12/18 11:14:50 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\AVG10 [2010/07/31 20:31:44 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1 [2010/12/18 22:18:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\com.adobe.ExMan [2010/02/10 13:03:51 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Ericom [2010/12/18 16:03:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Guky [2010/02/10 13:03:51 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\InterVideo [2010/02/10 13:03:55 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\LimeWire [2010/02/10 13:04:11 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Nikon [2010/02/10 13:04:17 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Sports Interactive [2010/12/13 19:21:05 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Spotify [2010/02/10 13:04:27 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Tific [2010/12/18 18:30:30 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Toge [2010/12/18 00:59:23 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Usri [2010/12/18 00:50:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Zexyf [2010/12/18 20:41:11 | 000,016,236 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Thanks
  11. Thank you very much, have disabled the proxy settings and it now actually lets me connect to the internet. Here is the dds report, will work my way through the rest: DDS (Ver_10-12-12.02) - NTFSx86 Run by Jordan at 20:07:17.64 on 14/01/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3070.2062 [GMT 0:00] SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\RtkAudioService.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe C:\Program Files\Sony\Network Utility\NSUService.exe C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Windows\system32\DllHost.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\atieclxx.exe C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\taskhost.exe C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\taskeng.exe C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Jordan\Downloads\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.club-vaio.com uInternet Settings,ProxyOverride = <local> uInternet Settings,ProxyServer = http=127.0.0.1:8075 BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe" uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun mRun: [Apoint] c:\program files\apoint\Apoint.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [skytel] Skytel.exe mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe" mRun: [AML] c:\program files\sony\vaio launcher\AML.exe InitApp mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [iSBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript StartupFolder: c:\users\jordan\appdata\roaming\micros~1\windows\startm~1\programs\startup\bbcipl~1.lnk - c:\program files\bbc iplayer desktop\BBC iPlayer Desktop.exe StartupFolder: c:\users\jordan\appdata\roaming\micros~1\windows\startm~1\programs\startup\pmbmed~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-f400-ba7e-000000000003}\_SC_Acrobat.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} - hxxp://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: VESWinlogon - VESWinlogon.dll AppInit_DLLs: c:\progra~1\google\google~1\GoogleDesktopNetwork3.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\8rzvtzqt.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.egobba.de/company.htm|http://carbonium.pl/market/raw/ind/5|http://www.erepublik.com/en FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false ============= SERVICES / DRIVERS =============== R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128] R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup\norton pc checkup\engine\2.0.2.506\SymcPCCULaunchSvc.exe [2009-12-19 120248] R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2008-11-3 229376] R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\norton pc checkup\engine\2.0.2.506\ccSvcHst.exe [2009-12-19 126392] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032] R2 RtkHDMIService;RtkHDMIService;c:\windows\RTKAUDIOSERVICE.EXE [2008-5-16 98304] R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects\uCamMonitor.exe [2008-11-3 104960] R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-5-16 411488] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-11-3 17408] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-12-17 9344] R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-14 17920] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1ca9c7161b3d982;Google Update Service (gupdate1ca9c7161b3d982);c:\program files\google\update\GoogleUpdate.exe [2010-1-23 133104] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-11-3 30192] S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-11-3 104288] S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-11-3 350048] S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-11-3 63328] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-11-3 333088] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-11-3 87328] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-3 1343400] =============== Created Last 30 ================ 2011-01-12 23:40:37 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{e34f5cd4-95d6-4b1d-997e-e0f998c6be8d}\mpengine.dll 2011-01-01 16:19:01 -------- d-----w- c:\users\jordan\appdata\local\Apple Computer 2010-12-26 16:41:14 -------- d-----w- c:\users\jordan\appdata\local\Apple 2010-12-24 01:08:12 -------- d-----w- c:\program files\Ken Ward's Makeup 2010-12-23 18:30:58 -------- d-----w- c:\program files\Geeks Ltd 2010-12-20 00:37:31 -------- d-----w- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP 2010-12-19 23:48:48 -------- d-sh--w- C:\$RECYCLE.BIN 2010-12-18 23:17:55 -------- d-----w- c:\program files\ESET 2010-12-18 22:43:24 -------- d-----w- c:\users\jordan\appdata\local\Adobe 2010-12-18 22:18:31 -------- d-----w- c:\users\jordan\Library 2010-12-18 22:18:31 -------- d-----w- c:\users\jordan\appdata\roaming\com.adobe.ExMan 2010-12-18 19:57:43 388096 ----a-r- c:\users\jordan\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2010-12-18 19:57:43 -------- d-----w- c:\program files\Trend Micro 2010-12-18 15:43:12 -------- d-----w- c:\users\jordan\appdata\roaming\Malwarebytes 2010-12-18 15:43:03 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-18 15:43:03 -------- d-----w- c:\progra~2\Malwarebytes 2010-12-18 15:42:59 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-18 15:42:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-12-18 11:32:55 -------- d-----w- C:\$AVG 2010-12-18 11:14:50 -------- d-----w- c:\users\jordan\appdata\roaming\AVG10 2010-12-18 11:13:39 -------- d--h--w- c:\progra~2\Common Files 2010-12-18 11:12:13 -------- d-----w- c:\progra~2\AVG10 2010-12-18 11:10:39 -------- d-----w- c:\program files\AVG 2010-12-18 03:33:01 -------- d-----w- c:\users\jordan\appdata\roaming\Toge 2010-12-18 03:33:01 -------- d-----w- c:\users\jordan\appdata\roaming\Guky 2010-12-18 00:32:38 -------- d-----w- c:\progra~2\MFAData ==================== Find3M ==================== 2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-02 04:41:36 442880 ----a-w- c:\windows\system32\XpsPrint.dll 2010-11-02 04:41:36 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2010-11-02 04:41:36 135168 ----a-w- c:\windows\system32\XpsRasterService.dll 2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 04:36:16 801792 ----a-w- c:\windows\system32\FntCache.dll 2010-11-02 04:35:51 1074176 ----a-w- c:\windows\system32\DWrite.dll 2010-11-02 04:35:35 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2010-11-02 04:35:34 739840 ----a-w- c:\windows\system32\d2d1.dll 2010-11-02 04:35:34 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2010-11-02 04:35:34 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe 2010-11-02 04:23:44 107520 ----a-w- c:\windows\system32\cdd.dll 2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll 2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys 2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll 2010-10-19 10:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe ============= FINISH: 20:08:03.86 =============== Thanks
  12. Hi, I had a trojan on my system but I think I have got rid of it as the virus scan shows nothing infected, however when I try to use google chrome it says im trying to connect through a proxy ( which im not). I have also run TDS killer and that showed nothing. What could be causing the chrome issue? Here is the HJT log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:10:20, on 14/01/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8075 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe InitApp O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} (PowerTerm Downloader Class) - http://gateway.kings-school.co.uk:8080/web...tdownloader.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1ca9c7161b3d982) (gupdate1ca9c7161b3d982) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe O23 - Service: RtkHDMIService - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11943 bytes Thanks,
  13. Thank you very much, you have been of amazing help to me over the last couple of days and everything seems to be working well now. I will heed your advice, the norton is only a left over trial thing that needs removing. Thanks again.
  14. Here is the combofix report: ComboFix 10-12-18.02 - Jordan 19/12/2010 23:40:17.2.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3070.1925 [GMT 0:00] Running from: c:\users\Jordan\Desktop\ComboFix.exe Command switches used :: c:\users\Jordan\Desktop\CFScript.txt AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} SP: Norton 360 *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FILE :: "c:\users\Jordan\AppData\Local\Ivonoboxeboda.bin" file zipped: c:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\uhas.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\uhas.exe c:\users\Jordan\AppData\Local\Ivonoboxeboda.bin . ((((((((((((((((((((((((( Files Created from 2010-11-19 to 2010-12-19 ))))))))))))))))))))))))))))))) . 2010-12-19 23:46 . 2010-12-19 23:46 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-12-19 17:24 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5636DC48-F26A-4B5F-8F95-7F2E8B909788}\mpengine.dll 2010-12-18 23:17 . 2010-12-18 23:17 -------- d-----w- c:\program files\ESET 2010-12-18 22:43 . 2010-12-18 22:43 -------- d-----w- c:\users\Jordan\AppData\Local\Adobe 2010-12-18 22:18 . 2010-12-18 22:18 -------- d-----w- c:\users\Jordan\Library 2010-12-18 22:18 . 2010-12-18 22:18 -------- d-----w- c:\users\Jordan\AppData\Roaming\com.adobe.ExMan 2010-12-18 19:57 . 2010-12-18 19:57 388096 ----a-r- c:\users\Jordan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-12-18 19:57 . 2010-12-18 19:57 -------- d-----w- c:\program files\Trend Micro 2010-12-18 15:43 . 2010-12-18 15:43 -------- d-----w- c:\users\Jordan\AppData\Roaming\Malwarebytes 2010-12-18 15:43 . 2010-12-18 15:43 -------- d-----w- c:\programdata\Malwarebytes 2010-12-18 15:43 . 2010-11-29 17:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-18 15:42 . 2010-12-18 15:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-12-18 15:42 . 2010-11-29 17:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-18 11:32 . 2010-12-18 11:32 -------- d-----w- C:\$AVG 2010-12-18 11:14 . 2010-12-18 11:14 -------- d-----w- c:\users\Jordan\AppData\Roaming\AVG10 2010-12-18 11:13 . 2010-12-18 11:13 -------- d--h--w- c:\programdata\Common Files 2010-12-18 11:12 . 2010-12-19 11:35 -------- d-----w- c:\programdata\AVG10 2010-12-18 11:10 . 2010-12-18 11:10 -------- d-----w- c:\program files\AVG 2010-12-18 03:33 . 2010-12-18 18:30 -------- d-----w- c:\users\Jordan\AppData\Roaming\Toge 2010-12-18 03:33 . 2010-12-18 16:03 -------- d-----w- c:\users\Jordan\AppData\Roaming\Guky 2010-12-18 03:32 . 2010-12-18 03:32 -------- d-----w- c:\windows\Sun 2010-12-18 00:32 . 2010-12-18 11:10 -------- d-----w- c:\programdata\MFAData 2010-12-05 17:35 . 2010-12-05 17:35 -------- d-----w- c:\program files\1&1 2010-11-27 10:47 . 2010-11-27 10:47 -------- d-----w- c:\users\Jordan\AppData\Local\Diagnostics 2010-11-26 20:35 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-10-19 10:41 . 2010-02-15 16:57 222080 ------w- c:\windows\system32\MpSigStub.exe 2009-03-31 21:47 . 2008-11-13 22:18 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll 2010-07-30 20:31 . 2010-07-30 20:31 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-04-23 262144] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-29 6111232] "Skytel"="Skytel.exe" [2008-04-29 1826816] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152] "AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-03-26 1093632] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-11-03 36864] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232] "osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-15 149280] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976] c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2010-7-31 142336] PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-7-3 327680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-5-16 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-05-13 06:45 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" "Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1ca9c7161b3d982;Google Update Service (gupdate1ca9c7161b3d982);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 133104] R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-05 104288] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-03-05 350048] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-03-05 63328] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-03 1343400] S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091101.001\IDSvix86.sys [2009-02-09 272432] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe [2010-12-10 120248] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-04-03 229376] S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe [2009-08-24 126392] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] S2 RtkHDMIService;RtkHDMIService;c:\windows\RtkAudioService.exe [2008-04-29 98304] S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [2007-11-10 104960] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-04-24 411488] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-01-31 17408] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-06-17 102448] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344] S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008] S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] --- Other Services/Drivers In Memory --- *NewlyCreated* - COMHOST [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Contents of the 'Scheduled Tasks' folder 2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] 2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-23 21:15] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.club-vaio.com uInternet Settings,ProxyOverride = *.local DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} - hxxp://gateway.kings-school.co.uk:8080/webconnect5.6/windows/ptdownloader.cab FF - ProfilePath - c:\users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\8rzvtzqt.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.egobba.de/company.htm|http://carbonium.pl/market/raw/ind/5|http://www.erepublik.com/en FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr] "ImagePath"="\"c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC] @Denied: (C D) (Everyone) [HKEY_LOCAL_MACHINE\SOFTWARE\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC\Channels] @Denied: (C D) (Everyone) "ccSvcHst_UserSession_2936"="{F746661C-603F-4298-9E9C-02A75173DAEC}" "ccSvcHst_UserSession_3908"="{3C217FCA-4C4A-4840-A711-AC6ADCEC40F6}" "ccSvcHst_UserSession_3276"="{E7FE9301-4962-44F9-86F1-1FF8F7B5EFEA}" "ccSvcHst_UserSession_1424"="{C5BCEEA8-9168-4E7C-B559-0C6501C9F7BC}" "ccSvcHst_UserSession_1536"="{D80111B3-7661-4F0B-B2AB-BC0D89B61977}" "ccSvcHst_UserSession_4776"="{B806E15D-5AF6-4736-B91B-456C76AC1AB2}" "ccSvcHst_UserSession_8112"="{943853A3-A7D8-4EAD-8A4E-05EEB8739F81}" "ccSvcHst_UserSession_3556"="{78FD7EAE-E648-4C77-9B85-FCE464CD775F}" "ccSvcHst_PCCUJobMgr"="{17766DA7-CFB3-460F-BB82-7437D3F046A4}" "ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{17766DA7-CFB3-460F-BB82-7437D3F046A4}" "ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{17766DA7-CFB3-460F-BB82-7437D3F046A4}" "ccSettingsService"="{17766DA7-CFB3-460F-BB82-7437D3F046A4}" "ccSvcHst_UserSession_4624"="{B3594150-E63A-4348-BAE9-FE61D1BD6398}" [HKEY_LOCAL_MACHINE\SOFTWARE\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC\Endpoints] @Denied: (C D) (Everyone) "{6992A515-E41C-4EE6-B762-365EF2E84F5B}"="" "{F746661C-603F-4298-9E9C-02A75173DAEC}"="" "{1194D2D7-EFDE-4C29-85D3-93F6138F01CC}"="" "{3C217FCA-4C4A-4840-A711-AC6ADCEC40F6}"="" "{C3C87983-B3A5-432E-8CBF-0237694A8D47}"="" "{E7FE9301-4962-44F9-86F1-1FF8F7B5EFEA}"="" "{1E4F3F6C-0B77-40EB-BE46-B477E698249D}"="" "{C5BCEEA8-9168-4E7C-B559-0C6501C9F7BC}"="" "{72C12B2D-F601-4D71-B84A-2230D12687F6}"="" "{D80111B3-7661-4F0B-B2AB-BC0D89B61977}"="" "{B806E15D-5AF6-4736-B91B-456C76AC1AB2}"="" "{859F7DB3-362D-46F2-B4A0-8A3D534A85DF}"="" "{943853A3-A7D8-4EAD-8A4E-05EEB8739F81}"="" "{FD5CBA54-3154-42F4-9C77-C1C415673257}"="" "{78FD7EAE-E648-4C77-9B85-FCE464CD775F}"="" "{17766DA7-CFB3-460F-BB82-7437D3F046A4}"="" "{B3594150-E63A-4348-BAE9-FE61D1BD6398}"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Common Client\ccService\Channels] @Denied: (C D) (Everyone) "ccSvcHst_ccAppPlgMgr_2652"="{76C5A641-B350-4FE8-8215-B41B9AFEF289}" "ccSvcHst_Seshlp_2652"="{76C5A641-B350-4FE8-8215-B41B9AFEF289}" "ccSvcHst_ccAppPlgMgr_3552"="{94A71E84-64D6-4450-A719-DCB077F4FDE3}" "ccSvcHst_Seshlp_4656"="{E302A6A7-ECC9-4726-8DF8-66C29C36AFE2}" "ccSvcHst_ccAppPlgMgr_4656"="{E302A6A7-ECC9-4726-8DF8-66C29C36AFE2}" "ccSvcHst_ccAppPlgMgr_5200"="{AE94B9CC-1912-4752-9D28-D37C9C69386E}" "ccSvcHst_Seshlp_5200"="{AE94B9CC-1912-4752-9D28-D37C9C69386E}" "ccSvcHst_ccAppPlgMgr_4588"="{DC756E64-41CE-4469-868D-021137D8B91F}" "ccSvcHst_Seshlp_4588"="{DC756E64-41CE-4469-868D-021137D8B91F}" "ccSvcHst_ccAppPlgMgr_5100"="{7E246ACF-9B32-4733-BD61-6F6BD34DCD2B}" "ccSvcHst_Seshlp_5100"="{7E246ACF-9B32-4733-BD61-6F6BD34DCD2B}" "ccSvcHst_ccAppPlgMgr_2908"="{906CDF59-F131-4A88-9CC4-CD69FBEB9A7E}" "ccSvcHst_Seshlp_2908"="{906CDF59-F131-4A88-9CC4-CD69FBEB9A7E}" "ccSvcHst_ccAppPlgMgr_3112"="{ED307D8C-E313-4738-9A83-2F3C442A7FA4}" "ccSvcHst_ccAppPlgMgr_4688"="{C2372788-E65A-48D5-BC00-EAC41C0B3F3A}" "ccSvcHst_Seshlp_4688"="{C2372788-E65A-48D5-BC00-EAC41C0B3F3A}" "ccSvcHst_ccSetMgr"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "ccSvcHst_CLTNetCnService"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "cltIPCServer_Channel"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "ccSvcHst_LiveUpdate Notice"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "ccSettingsService"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineCallbackIPC"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "SNDServiceRequestChannel"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "SNDLocationChannel"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "ccSvcHst_ccAppPlgMgr_2352"="{2C8EFE96-CEAD-473D-8FB3-1D639F50945C}" "ccSvcHst_Seshlp_2352"="{2C8EFE96-CEAD-473D-8FB3-1D639F50945C}" "ToasterNotify\\SessionID_1"="{2C8EFE96-CEAD-473D-8FB3-1D639F50945C}" "{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{2C8EFE96-CEAD-473D-8FB3-1D639F50945C}" "ccSvcHst_ccEvtMgr"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "ccEvtCli"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "NortonNetServiceIPC"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "IPS_COMMAND_CHANNEL"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "NetMapServiceIPC"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "_tpDataSvcComm_"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" "ShieldDataServiceChannel"="{8AD2F79D-6BC6-46A1-AD7E-91923B0D3FAC}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2010-12-19 23:48:24 ComboFix-quarantined-files.txt 2010-12-19 23:48 ComboFix2.txt 2010-12-19 14:38 Pre-Run: 124,107,513,856 bytes free Post-Run: 124,047,675,392 bytes free - - End Of File - - 37FBF90FEE5108566C74E8E002360B8F Thanks
  15. Have just done a HiJack scan and fixed the ones mentioned previously and its now actually done something, I attach the HiJack this report below: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:22:29, on 19/12/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe InitApp O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - .DEFAULT User Startup: uhas.exe (User 'Default user') O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {7EC816D4-6FC3-4C58-A7DA-A770EE461602} (PowerTerm Downloader Class) - http://gateway.kings-school.co.uk:8080/web...tdownloader.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1ca9c7161b3d982) (gupdate1ca9c7161b3d982) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe O23 - Service: RtkHDMIService - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13165 bytes Thanks again
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.