Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

really bad virus please help

Started by Michael Tyrrell , Nov 19 2011 12:15 PM

  • Please log in to reply

#1
Michael Tyrrell
Posted 19 November 2011 - 12:15 PM

Michael Tyrrell

    New Member

  • Member
  • Pip
  • 1 posts
I have a really bad virus i think and have several problems. My internet icon is showing as not connected but reads connection status unknown
class not registered, i have no sound, i caan not use system restore, ive tried resetting to factory settings with the program that my sony vaio came with
to no avail,my security settings are saying there is no antivirus software but i have the free virgin media security running, plus a few other problems.
Ive ran microsofts malicious software removal tool and thats come back with no problems the scan from virgins security is coming back clear aswel so i have
no idea where my problem lies. Ihave now come here in the hope someone can help me, ive ran the otl program and have no idea what it is telling me so i have pasted it below. Please can anyone help.

OTL logfile created on: 19/11/2011 17:42:39 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\mike tyrrell\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 40.31% Memory free
4.94 Gb Paging File | 3.51 Gb Available in Paging File | 71.12% Paging File free
Paging file location(s): C:\pagefile.sys 3067 3067 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 268.36 Gb Total Space | 174.49 Gb Free Space | 65.02% Space Free | Partition Type: NTFS

Computer Name: MIKETYRRELL-PC | User Name: mike tyrrell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/19 17:42:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\mike tyrrell\Downloads\OTL.exe
PRC - [2011/11/10 18:45:36 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/10 15:42:54 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/10/20 15:25:00 | 000,154,632 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.35.57164\RpsSecurityAwareR.exe
PRC - [2011/10/20 15:24:58 | 000,269,480 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.35.57164\Rps.exe
PRC - [2011/10/20 13:02:44 | 010,315,064 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2011/10/20 13:02:44 | 010,204,472 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe
PRC - [2011/10/14 06:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/10/14 06:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/09/27 12:52:40 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011/09/27 12:50:18 | 001,526,080 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011/03/23 13:12:38 | 001,406,264 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
PRC - [2011/03/23 13:12:34 | 002,032,952 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe
PRC - [2010/09/17 21:14:14 | 000,196,320 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2010/09/17 21:14:14 | 000,138,640 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2010/09/17 20:32:42 | 001,006,672 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2010/09/17 20:32:42 | 000,112,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2009/12/17 12:25:08 | 000,149,136 | ---- | M] () -- C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe
PRC - [2009/12/17 12:25:02 | 001,148,560 | ---- | M] () -- C:\Program Files\TwonkyMedia\twonkymediaserver.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/10/27 00:22:18 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/20 23:52:46 | 000,542,560 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
PRC - [2007/08/15 04:05:18 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/08/15 04:05:18 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/06/20 22:34:52 | 000,499,712 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
PRC - [2007/06/15 19:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/15 12:09:16 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MemMapFile\6.0.6000.0__31bf3856ad364e35\MemMapFile.dll
MOD - [2011/11/15 12:09:15 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MSASState\6.0.6000.0__31bf3856ad364e35\MSASState.dll
MOD - [2011/10/13 22:28:26 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 22:26:21 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 22:23:59 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/10/21 16:23:26 | 000,841,728 | ---- | M] () -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.35.57164\xulrunner\js3250.dll
MOD - [2010/09/17 21:14:12 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2010/09/17 21:14:12 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2010/09/17 20:32:56 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_36.dll
MOD - [2010/09/17 20:32:56 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_36.dll
MOD - [2009/08/11 20:18:28 | 000,497,664 | ---- | M] () -- C:\Windows\System32\ac3filter.acm
MOD - [2009/01/07 19:55:00 | 000,622,693 | ---- | M] () -- C:\Windows\System32\BSShell.dll
MOD - [2009/01/07 19:52:50 | 000,098,403 | ---- | M] () -- C:\Windows\System32\Bs2Res.dll
MOD - [2009/01/07 19:52:16 | 000,122,976 | ---- | M] () -- C:\Windows\System32\BsMobileSDK.dll
MOD - [2008/03/07 13:54:22 | 017,907,824 | ---- | M] () -- C:\Windows\System32\BsLangInDepRes.dll
MOD - [2006/11/02 09:39:43 | 000,053,248 | ---- | M] () -- C:\Windows\System32\KBDDRU1.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (CLTNetCnService)
SRV - [2011/11/07 04:02:46 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/28 21:45:28 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/10/20 15:25:00 | 000,154,632 | ---- | M] (Virgin Media) [Auto | Running] -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.35.57164\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2011/10/20 13:02:44 | 010,315,064 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2011/10/14 06:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 06:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/09/27 12:50:18 | 001,526,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/09/27 12:46:44 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/09/23 14:35:34 | 001,086,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2011/04/01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/03/23 13:12:38 | 001,406,264 | ---- | M] (Virgin Media) [Auto | Running] -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe -- (HsdService)
SRV - [2010/09/17 21:14:14 | 000,196,320 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2010/06/11 10:07:06 | 000,009,216 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe -- (TunerFreeMCEService)
SRV - [2010/05/20 15:15:00 | 000,110,736 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/12/17 12:25:08 | 000,149,136 | ---- | M] () [Auto | Running] -- C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe -- (TwonkyMedia)
SRV - [2009/09/08 17:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009/08/24 21:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe -- (DfSdkS)
SRV - [2009/01/07 19:53:38 | 001,417,324 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2009/01/07 19:53:22 | 000,098,407 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2008/09/12 14:01:28 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/27 00:22:18 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/09/29 04:11:44 | 000,292,128 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007/08/28 23:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007/08/28 23:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007/08/15 04:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/06/28 15:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/06/28 15:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007/06/20 22:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/06/20 22:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007/06/20 22:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007/06/20 22:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007/06/20 22:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007/06/20 22:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007/01/10 23:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2006/12/14 09:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 09:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 08:46:16 | 000,057,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)


========== Driver Services (SafeList) ==========

DRV - [2011/08/01 12:44:26 | 000,404,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SRS_AE_i386.sys -- (SRS_AE_Service)
DRV - [2011/07/07 15:46:56 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/09/17 21:14:16 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/09/17 21:14:16 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/09/17 21:14:16 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/09/17 21:14:16 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/09/01 08:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/07/02 10:08:32 | 000,384,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service)
DRV - [2010/06/23 19:51:40 | 006,628,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2009/12/30 11:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/15 14:41:30 | 000,268,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2009/05/26 10:35:50 | 008,235,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/01/08 02:20:04 | 000,031,880 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2009/01/07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009/01/03 16:40:12 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2008/12/07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008/12/07 12:44:50 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2008/07/02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008/01/21 19:27:50 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2007/11/08 03:04:27 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007/11/08 03:04:27 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007/10/27 00:22:27 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/27 00:01:20 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/26 12:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/09/19 21:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/08/29 01:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007/08/07 00:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/06/06 00:00:39 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/05/26 08:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://webstore.iso...araudersL.html"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mike tyrrell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mike tyrrell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mike tyrrell\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mike tyrrell\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\mike tyrrell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/11/17 16:16:41 | 000,000,000 | ---D | M]

[2011/11/10 18:53:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mike tyrrell\AppData\Roaming\Mozilla\Extensions
[2011/11/10 18:53:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mike tyrrell\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/09/02 21:09:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mike tyrrell\AppData\Roaming\Mozilla\Firefox\extensions
[2011/11/17 05:49:01 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\mike tyrrell\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...SNYK_en-GBGB384
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa3\npPicasa3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: James White = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: The Godfather: Five Families = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl\1.0_0\
CHR - Extension: Tesco Food = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffibhmnkceoelgabpnpaaojflglampjb\0.41_0\
CHR - Extension: Good Food = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkffnoliaheoidfeejcmnidkkgilkja\2_0\
CHR - Extension: StumbleUpon = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\3.10.11.1_0\
CHR - Extension: Radialpoint SPD Extension = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\
CHR - Extension: Cooliris = C:\Users\mike tyrrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\noocneohefmdhonidldnlhaainpiomkp\1.12.3.48771_0\

Hosts file not found
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (Groove Folder Synchronization) - {5CDD127D-11F8-3FEC-7AD3-7ED85E605307} - C:\Windows\System32\ifmoon.dll (Microsoft Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O4 - HKLM..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe (Sony Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Virgin Media Security] C:\Program Files\Virgin Media\Virgin Media Security\10.0.35.57164\RPS.exe (Virgin Media)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Backup & Storage] "C:\Program Files\VirginMedia\V Stuff Backup\Backup & Storage.exe" /delayed File not found
O4 - HKCU..\Run: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" auto File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: live.com ([help] http in Trusted sites)
O15 - HKCU\..Trusted Domains: live.com ([safety] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51945BDB-CB4A-4F00-8F2E-551E07BDBAF6}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\skype4com.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\VAIO Aqua Breeze Wallpaper 1280x900.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\VAIO Aqua Breeze Wallpaper 1280x900.jpg
O27 - HKLM IFEO\arcregister.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\backup & storage.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\cdspeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\itunes.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\magic-i visual effects.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\NeroStartSmart.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setupneromobile.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\Shell.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\vmserversettingsicon.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\vmsetup.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\WinDVD.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/17 16:16:58 | 000,092,112 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmtdi.sys
[2011/11/17 16:16:49 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011/11/17 16:16:49 | 000,080,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmactmon.sys
[2011/11/17 16:16:49 | 000,064,080 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmevtmgr.sys
[2011/11/17 10:45:07 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\SoftwareDetectionScripts
[2011/11/17 01:24:33 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\{{userdatapath.company}}
[2011/11/17 01:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2011/11/17 01:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/11/15 22:30:59 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/11/15 22:27:49 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/11/15 20:41:25 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{F924B1D0-63DE-4BC6-8D68-D424C75E2D5A}
[2011/11/15 20:40:55 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{A1085CC8-8D45-4107-939A-7C43EBD82CB8}
[2011/11/15 16:09:17 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/11/14 22:01:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\2091
[2011/11/13 18:58:49 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt.exe
[2011/11/13 05:52:54 | 000,000,000 | ---D | C] -- C:\TuneUp Duplicates
[2011/11/13 04:13:13 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe
[2011/11/13 03:30:25 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2011/11/13 03:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Companion
[2011/11/13 03:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUpMedia
[2011/11/13 03:05:06 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\TuneUpMedia
[2011/11/13 03:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2011/11/10 18:53:30 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\Prism
[2011/11/10 18:53:30 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\Prism
[2011/11/10 18:52:55 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\Unity
[2011/11/09 01:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2011/11/09 01:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2011/11/08 19:34:09 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cooliris
[2011/11/08 00:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\SRS Labs
[2011/11/07 23:59:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\3033
[2011/11/07 22:42:20 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\SRS Labs
[2011/11/07 22:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SRS Labs
[2011/11/07 21:39:05 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/11/07 21:10:00 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{1923B427-5AB9-4389-90AF-9578E2DACE1D}
[2011/11/07 21:09:38 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{AE0AD2B6-F436-4EB5-A31F-48759FAE7247}
[2011/11/07 21:09:06 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{990999BF-0116-46CF-BA06-ED4A9227C752}
[2011/11/07 20:24:00 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\SlimWare Utilities Inc
[2011/11/07 03:45:51 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\HandBrake
[2011/11/07 03:45:51 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\HandBrake
[2011/11/07 03:37:16 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\KeePass
[2011/11/07 03:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\KeePass Password Safe 2
[2011/11/07 03:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/07 02:48:53 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\Secunia PSI
[2011/11/07 02:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/11/07 02:38:17 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\Dropbox
[2011/11/07 02:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/11/07 02:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/11/07 02:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011/11/07 02:05:28 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\InstallPad
[2011/11/06 22:38:41 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{CFC8FC17-CC63-4168-9BC9-A4F7C973D076}
[2011/11/06 22:38:11 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{3969308A-BFA1-4428-9AEE-15C3405DD606}
[2011/11/05 20:23:04 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{5A746519-C499-4607-B3FF-634F4F008EC0}
[2011/11/05 20:22:31 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{2FD8D776-0534-4521-A3B4-52FE1DDBDCBA}
[2011/11/05 20:22:30 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\{3B644585-05AE-482D-BB5C-B23F2520A167}
[2011/11/05 20:22:18 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\Windows Live Writer
[2011/11/05 20:22:18 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\Windows Live Writer
[2011/11/05 16:01:05 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2011/11/05 16:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i
[2011/11/05 16:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\W3i
[2011/11/05 16:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater
[2011/11/05 16:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/11/05 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/11/05 15:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2011/11/05 14:29:43 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\Ilivid Player
[2011/11/05 14:28:40 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\PackageAware
[2011/11/05 04:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/11/04 03:26:47 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\Documents\Bluetooth
[2011/11/04 03:25:38 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\bluesoleil
[2011/11/04 03:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\IVT Corporation
[2011/11/04 02:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2011/11/04 02:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2011/11/04 02:19:28 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\PC_Drivers_Headquarters
[2011/11/04 02:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2011/11/04 02:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2011/11/04 01:48:30 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\PC Unleashed Online
[2011/11/04 01:48:30 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\DriverCure
[2011/11/04 01:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Unleashed Online
[2011/11/04 01:10:51 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Roaming\Thinstall
[2011/11/04 01:10:51 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\Thinstall
[2011/11/02 13:26:21 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/02 13:26:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/02 13:26:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/11/02 01:51:34 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\Cooliris
[2011/11/01 20:20:36 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\ElevatedDiagnostics
[2011/11/01 19:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2011/11/01 00:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/10/28 20:55:33 | 000,000,000 | ---D | C] -- C:\Users\mike tyrrell\AppData\Local\DFX
[2011/10/28 20:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\DFX
[2011/10/28 20:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DFX
[2011/10/28 18:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011/10/24 14:29:02 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2011/10/24 14:29:02 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2011/10/22 11:21:38 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll
[2009/02/03 12:21:10 | 000,239,104 | ---- | C] (Igor Pavlov) -- C:\Users\mike tyrrell\AppData\Roaming\7za.exe

========== Files - Modified Within 30 Days ==========

[2011/11/19 17:45:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/19 17:32:43 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/19 17:32:43 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/19 17:17:38 | 000,209,600 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\nvModes.001
[2011/11/19 16:28:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/19 16:28:11 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/18 15:35:46 | 000,209,600 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\nvModes.dat
[2011/11/17 23:17:02 | 000,000,272 | ---- | M] () -- C:\Windows\reimage.ini
[2011/11/17 17:12:13 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/11/17 17:10:03 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/11/17 16:19:02 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Virgin Media Security.lnk
[2011/11/17 15:13:09 | 000,902,948 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/17 15:13:09 | 000,258,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/17 14:23:12 | 000,004,524 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI
[2011/11/17 14:23:10 | 000,000,968 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2011/11/17 12:01:34 | 000,003,330 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\EventStore.xml
[2011/11/17 12:01:34 | 000,001,878 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\FulfillmentStateMachineStore.xml
[2011/11/17 12:01:34 | 000,000,738 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\SubscriptionStore.xml
[2011/11/17 12:01:34 | 000,000,583 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\UpgradeStore.xml
[2011/11/17 12:01:34 | 000,000,412 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\ConfigurationStore.xml
[2011/11/17 12:01:33 | 000,000,545 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\CampaignStore.xml
[2011/11/17 12:01:33 | 000,000,541 | ---- | M] () -- C:\Users\mike tyrrell\AppData\Roaming\UpdateStore.xml
[2011/11/17 11:37:08 | 000,000,626 | ---- | M] () -- C:\ProgramData\SharedProperties.xml
[2011/11/15 16:09:18 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/11/14 22:01:02 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011/11/13 18:55:33 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\One-Click-Optimizer.lnk
[2011/11/13 18:55:33 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 2010 Advanced.lnk
[2011/11/13 16:39:17 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2011/11/13 04:46:34 | 000,409,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/13 04:38:09 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2011/11/10 18:51:47 | 000,000,215 | ---- | M] () -- C:\Users\mike tyrrell\Desktop\Iron Grip Marauders.url
[2011/11/10 18:45:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/08 21:59:38 | 000,001,004 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/11/08 15:06:04 | 000,002,094 | ---- | M] () -- C:\Users\mike tyrrell\Desktop\NewDatabase.kdbx
[2011/11/07 22:51:59 | 000,000,938 | ---- | M] () -- C:\Users\mike tyrrell\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/11/07 03:36:42 | 000,000,902 | ---- | M] () -- C:\Users\mike tyrrell\Desktop\KeePass 2.lnk
[2011/11/07 03:14:31 | 000,002,077 | ---- | M] () -- C:\Users\mike tyrrell\Desktop\Google Chrome.lnk
[2011/11/07 03:14:31 | 000,002,039 | ---- | M] () -- C:\Users\mike tyrrell\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/07 03:13:40 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1833641859-2639002678-4112119867-1000Core1cc9cfb3f90871b.job
[2011/11/07 02:29:23 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/11/05 18:29:00 | 000,000,000 | -HS- | M] () -- C:\Windows\admtask.exe
[2011/11/05 18:23:00 | 000,000,000 | -HS- | M] () -- C:\Windows\aexswdusr.exe
[2011/11/05 18:17:00 | 000,000,000 | -HS- | M] () -- C:\Windows\ause3.exe
[2011/11/05 04:16:15 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/11/05 04:13:18 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/11/04 03:26:47 | 000,000,106 | ---- | M] () -- C:\Windows\System32\LOCALDEVICE.INI
[2011/11/04 03:20:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\BSPRINT.INI
[2011/11/04 03:20:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/04 03:18:49 | 000,000,032 | ---- | M] () -- C:\Windows\0
[2011/11/04 03:18:49 | 000,000,000 | ---- | M] () -- C:\Windows\System32\0
[2011/11/04 02:18:46 | 000,002,338 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2011/11/03 01:59:07 | 000,001,728 | ---- | M] () -- C:\Users\mike tyrrell\Desktop\PeerBlock.lnk
[2011/10/28 18:38:31 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011/10/24 14:29:02 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2011/10/24 14:29:02 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2011/10/22 11:21:38 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll

========== Files Created - No Company Name ==========

[2011/11/17 23:16:13 | 000,000,272 | ---- | C] () -- C:\Windows\reimage.ini
[2011/11/17 16:19:02 | 000,002,141 | ---- | C] () -- C:\Users\Public\Desktop\Virgin Media Security.lnk
[2011/11/17 11:34:04 | 000,000,545 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\CampaignStore.xml
[2011/11/17 11:34:04 | 000,000,541 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\UpdateStore.xml
[2011/11/17 10:45:13 | 000,003,330 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\EventStore.xml
[2011/11/17 10:45:09 | 000,001,878 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\FulfillmentStateMachineStore.xml
[2011/11/17 10:45:09 | 000,000,738 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\SubscriptionStore.xml
[2011/11/17 10:45:09 | 000,000,583 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\UpgradeStore.xml
[2011/11/17 10:45:09 | 000,000,412 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\ConfigurationStore.xml
[2011/11/17 10:45:07 | 000,000,626 | ---- | C] () -- C:\ProgramData\SharedProperties.xml
[2011/11/13 18:55:33 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\One-Click-Optimizer.lnk
[2011/11/13 18:55:33 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 2010 Advanced.lnk
[2011/11/10 18:51:47 | 000,000,215 | ---- | C] () -- C:\Users\mike tyrrell\Desktop\Iron Grip Marauders.url
[2011/11/08 15:06:04 | 000,002,094 | ---- | C] () -- C:\Users\mike tyrrell\Desktop\NewDatabase.kdbx
[2011/11/08 00:01:35 | 000,404,256 | ---- | C] () -- C:\Windows\System32\drivers\SRS_AE_i386.sys
[2011/11/07 23:59:17 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At11.job
[2011/11/07 22:34:51 | 000,268,912 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys
[2011/11/07 03:36:42 | 000,000,914 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
[2011/11/07 03:36:42 | 000,000,902 | ---- | C] () -- C:\Users\mike tyrrell\Desktop\KeePass 2.lnk
[2011/11/07 03:13:40 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1833641859-2639002678-4112119867-1000Core1cc9cfb3f90871b.job
[2011/11/07 02:48:41 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011/11/07 02:29:23 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/11/05 15:06:36 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/11/05 15:06:36 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/11/05 15:06:36 | 000,152,064 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2011/11/05 04:16:15 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/11/05 04:13:18 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/11/04 18:29:00 | 000,000,000 | -HS- | C] () -- C:\Windows\admtask.exe
[2011/11/04 03:26:46 | 000,004,524 | ---- | C] () -- C:\Windows\System32\LOCALSERVICE.INI
[2011/11/04 03:26:44 | 000,000,106 | ---- | C] () -- C:\Windows\System32\LOCALDEVICE.INI
[2011/11/04 03:20:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2011/11/04 03:18:49 | 000,000,032 | ---- | C] () -- C:\Windows\0
[2011/11/04 03:18:49 | 000,000,000 | ---- | C] () -- C:\Windows\System32\0
[2011/11/04 02:18:46 | 000,002,338 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2011/10/31 22:50:33 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/29 17:23:00 | 000,000,000 | -HS- | C] () -- C:\Windows\aexswdusr.exe
[2011/10/29 17:17:03 | 000,000,000 | -HS- | C] () -- C:\Windows\ause3.exe
[2011/10/09 17:30:39 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/10/04 18:23:53 | 000,001,004 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/03/11 23:24:37 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv5
[2010/09/15 00:21:42 | 000,384,752 | ---- | C] () -- C:\Windows\System32\drivers\SRS_HDAL_i386.sys
[2010/09/09 21:56:30 | 000,025,773 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\UserTile.png
[2010/09/06 18:49:12 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/08/03 18:59:17 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/07/23 15:37:23 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/07/22 14:05:04 | 000,000,200 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\wklnhst.dat
[2010/07/03 19:39:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/06/21 11:42:10 | 000,000,205 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\default.rss
[2010/06/17 14:50:54 | 000,001,860 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2010/06/16 16:23:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/06/16 14:40:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/06/16 14:40:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/06/15 18:51:21 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2010/06/15 18:11:48 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2010/06/15 18:07:23 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2010/06/15 12:08:38 | 000,054,272 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/15 11:53:02 | 000,001,356 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Local\d3d9caps.dat
[2010/06/15 11:52:47 | 000,209,600 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\nvModes.dat
[2010/06/15 11:52:47 | 000,209,600 | ---- | C] () -- C:\Users\mike tyrrell\AppData\Roaming\nvModes.001
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/01/07 19:55:56 | 000,405,589 | ---- | C] () -- C:\Windows\System32\BsUI.dll
[2009/01/07 19:55:34 | 000,278,647 | ---- | C] () -- C:\Windows\System32\outlookAddin.dll
[2009/01/07 19:55:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\HtmPrintHelper.dll
[2009/01/07 19:55:00 | 000,622,693 | ---- | C] () -- C:\Windows\System32\BSShell.dll
[2009/01/07 19:52:50 | 000,098,403 | ---- | C] () -- C:\Windows\System32\Bs2Res.dll
[2009/01/07 19:52:16 | 000,122,976 | ---- | C] () -- C:\Windows\System32\BsMobileSDK.dll
[2009/01/07 19:52:08 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BsMobileCSps.dll
[2009/01/07 19:49:48 | 000,000,968 | ---- | C] () -- C:\Windows\System32\bscs.ini
[2008/12/07 12:44:54 | 000,030,088 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2008/10/22 15:30:30 | 000,081,920 | ---- | C] () -- C:\Windows\System32\BsVistaCommon.dll
[2008/03/07 13:54:22 | 017,907,824 | ---- | C] () -- C:\Windows\System32\BsLangInDepRes.dll
[2007/11/21 18:38:59 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/11/21 18:04:41 | 000,000,033 | ---- | C] () -- C:\Windows\System32\elcric.dat
[2007/11/20 07:49:33 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/10/01 15:13:12 | 001,511,424 | ---- | C] () -- C:\Windows\System32\HDX4MediaReveal.dll
[2007/08/29 02:03:14 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/04/16 11:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 000,409,912 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,902,948 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,258,816 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:38:02 | 000,053,248 | ---- | C] () -- C:\Windows\System32\KBDDRU1.DLL
[2006/11/02 08:35:53 | 000,053,248 | ---- | C] () -- C:\Windows\System32\MddRes.exe
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 21:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
  • 0

Advertisements

#2
RKinner
Posted 20 November 2011 - 09:47 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
If one of the following will not run then just skip to the next one then go back and try the things that wouldn't run again after finishing the others.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Rightclick on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Run OTL (Vista or Win 7 => right click and Run As Administrator)
select the All option in the Extra Registry group then Run Scan.
You should get two logs. Please copy and paste both of them.

Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP