Click.GiftLoad



MattGuy
2011-04-18, 19:11
Hi,

I have run Spybot several times, always finding Click.GiftLoad; every time, Spybot has not been able to remove it.
Malwarebytes and Microsoft Security Essentials have not found it (both up-to-date).

See below, as per the "Before you post" guidelines, for the DDS log and scan results.


DDS.txt

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Matt at 16:34:02.37 on 18/04/2011
Internet Explorer: 8.0.6001.19048
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3069.1898 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\RtkAudioService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Matt\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.co.uk/
uDefault_Page_URL = hxxp://www.club-vaio.com
mDefault_Page_URL = hxxp://www.club-vaio.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_04\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [<NO NAME>]
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_04\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: VESWinlogon - VESWinlogon.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R1 MpKsle4387db3;MpKsle4387db3;c:\programdata\microsoft\microsoft antimalware\definition updates\{8c473098-1d3a-43be-a768-0cbe3aedc503}\MpKsle4387db3.sys [2011-4-18 28752]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2011-4-14 229376]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R2 RtkHDMIService;RtkHDMIService;c:\windows\RTKAUDIOSERVICE.EXE [2008-5-16 98304]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects\uCamMonitor.exe [2011-4-14 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-5-16 411488]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2011-4-14 17408]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-12-17 9344]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-5-16 28464]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2011-4-14 104288]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2011-4-14 350048]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2011-4-14 63328]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2011-4-14 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2011-4-14 87328]
S3 VUAgent;VUAgent;c:\program files\sony\vaio update 5\VUAgent.exe [2011-4-14 722288]
.
=============== Created Last 30 ================
.
2011-04-18 14:55:58 28752 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{8c473098-1d3a-43be-a768-0cbe3aedc503}\MpKsle4387db3.sys
2011-04-18 14:55:36 6792528 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{8c473098-1d3a-43be-a768-0cbe3aedc503}\mpengine.dll
2011-04-15 17:54:37 -------- d-----w- c:\windows\system32\Adobe
2011-04-15 17:25:26 -------- d-----w- c:\users\matt\Drivers & Installers
2011-04-15 16:43:31 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-15 16:43:31 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-15 16:43:31 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-04-15 16:43:31 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-15 16:43:31 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-04-15 16:40:32 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-04-15 16:40:19 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-04-15 16:36:36 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-04-15 16:36:31 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-14 18:33:16 -------- d-----w- c:\program files\Microsoft
2011-04-14 18:33:00 -------- d-----w- c:\program files\Windows Live SkyDrive
2011-04-14 18:32:27 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-04-14 18:28:26 484632 ----a-w- c:\program files\common files\windows live\.cache\be44d2641cbfad1\DXSETUP.exe
2011-04-14 18:28:25 74520 ----a-w- c:\program files\common files\windows live\.cache\be44d2641cbfad1\DSETUP.dll
2011-04-14 18:28:25 1670936 ----a-w- c:\program files\common files\windows live\.cache\be44d2641cbfad1\dsetup32.dll
2011-04-14 18:24:06 -------- d-----w- c:\program files\common files\Windows Live
2011-04-14 18:14:18 6792528 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-04-14 18:14:07 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-14 17:51:06 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-04-14 17:51:06 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-04-14 17:51:02 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-14 17:51:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-14 17:41:12 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-04-14 17:36:59 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-04-14 17:34:58 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-04-14 17:32:36 -------- d-----w- c:\users\matt\appdata\local\Microsoft Help
2011-04-14 17:20:43 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-04-14 17:20:42 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-04-14 17:20:41 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-04-14 17:20:41 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-04-14 17:20:41 11264 ----a-w- c:\windows\system32\icardres.dll
2011-04-14 17:20:39 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-04-14 17:15:36 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-04-14 17:15:30 83968 ----a-w- c:\windows\system32\mscories.dll
2011-04-14 17:13:07 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-04-14 17:13:03 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-04-14 17:13:03 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-04-14 17:12:17 -------- d-----w- c:\program files\MSXML 4.0
2011-04-14 16:46:08 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-04-14 16:46:05 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-04-14 16:45:57 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-04-14 16:38:35 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2011-04-14 16:37:43 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-04-14 16:36:56 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-04-14 16:35:58 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-04-14 16:34:20 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-04-14 16:34:18 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-04-14 16:34:14 24064 ----a-w- c:\windows\system32\amxread.dll
2011-04-14 16:34:14 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-04-14 16:34:07 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-04-14 16:34:05 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-04-14 16:34:05 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-04-14 16:34:03 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-04-14 16:34:03 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-04-14 16:34:02 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-04-14 16:34:02 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-04-14 16:34:02 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-04-14 16:31:11 90112 ----a-w- c:\windows\system32\wshext.dll
2011-04-14 16:31:11 180224 ----a-w- c:\windows\system32\scrobj.dll
2011-04-14 16:31:11 172032 ----a-w- c:\windows\system32\scrrun.dll
2011-04-14 16:31:11 155648 ----a-w- c:\windows\system32\wscript.exe
2011-04-14 16:31:11 135168 ----a-w- c:\windows\system32\wshom.ocx
2011-04-14 16:31:11 135168 ----a-w- c:\windows\system32\cscript.exe
2011-04-14 16:27:10 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2011-04-14 16:27:10 31744 ----a-w- c:\windows\system32\msvidc32.dll
2011-04-14 16:27:10 22528 ----a-w- c:\windows\system32\msyuv.dll
2011-04-14 16:27:10 13312 ----a-w- c:\windows\system32\msrle32.dll
2011-04-14 16:27:10 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2011-04-14 16:27:09 91136 ----a-w- c:\windows\system32\avifil32.dll
2011-04-14 16:27:09 82944 ----a-w- c:\windows\system32\mciavi32.dll
2011-04-14 16:27:09 65024 ----a-w- c:\windows\system32\avicap32.dll
2011-04-14 16:27:09 123904 ----a-w- c:\windows\system32\msvfw32.dll
2011-04-14 16:27:06 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-04-14 16:23:25 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-04-14 16:23:19 98304 ----a-w- c:\windows\system32\cabview.dll
2011-04-14 16:09:34 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-04-14 16:09:18 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-04-14 16:09:11 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-04-14 16:09:11 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-04-14 02:24:20 -------- d-----w- c:\progra~2\Roaming
2011-04-14 02:23:52 -------- d-----w- c:\program files\Cisco
2011-04-14 02:23:51 -------- d-----w- c:\program files\common files\Intel
2011-04-14 02:23:20 -------- d-----w- c:\program files\common files\InterVideo
2011-04-14 02:21:48 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-04-14 02:21:38 -------- d-----w- C:\Documentation
2011-04-14 02:16:08 86016 ----a-w- c:\windows\system32\SonyAIwd.dll
2011-04-14 02:16:08 155648 ----a-w- c:\windows\system32\SonyAIwo.dll
2011-04-14 02:16:08 147456 ----a-w- c:\windows\system32\SonyAIds.dll
2011-04-14 02:14:44 -------- d-----w- c:\program files\common files\Sonic Shared
2011-04-14 02:10:24 212480 ----a-w- c:\windows\system32\PCDLIB32.DLL
2011-04-14 02:10:23 55808 ----a-w- c:\windows\system32\ArcSoftKsUFilter.dll
2011-04-14 02:10:23 245408 ----a-w- c:\windows\system32\unicows.dll
2011-04-14 02:10:23 17408 ----a-w- c:\windows\system32\drivers\ArcSoftKsUFilter.sys
2011-04-14 02:10:21 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2011-04-14 02:10:21 32768 ------w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2011-04-14 02:10:21 225280 ------w- c:\program files\common files\installshield\iscript\iscript.dll
2011-04-14 02:10:21 176128 ------w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2011-04-14 02:10:20 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2011-04-14 02:07:33 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-04-14 02:07:18 -------- d-----w- c:\program files\DivX
2011-04-14 02:05:13 -------- d-----w- c:\program files\Google BAE
2011-04-14 02:03:55 -------- d-----w- c:\program files\ATI Technologies
2011-04-14 02:03:52 -------- d-----w- c:\program files\ATI
2011-04-14 01:56:03 129520 ------w- c:\windows\system32\pxafs.dll
2011-04-14 01:55:22 -------- d-----w- c:\progra~2\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2011-04-14 01:55:20 -------- d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2011-04-14 01:54:34 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-04-14 01:54:34 32656 ----a-w- c:\windows\system32\msonpmon.dll
2011-04-14 01:53:55 -------- d-----w- c:\windows\PCHEALTH
2011-04-14 01:51:44 -------- d-----w- c:\windows\Sonysys
2011-04-13 20:17:30 -------- d-----w- c:\windows\pss
2011-04-13 19:26:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-13 19:26:25 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-04-13 19:23:45 -------- d-----w- c:\users\matt\appdata\roaming\Malwarebytes
2011-04-13 19:23:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-13 19:23:37 -------- d-----w- c:\progra~2\Malwarebytes
2011-04-13 19:23:33 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-13 19:23:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-13 19:22:12 -------- d-----w- c:\program files\CCleaner
2011-04-13 19:19:35 -------- d-----w- C:\Update
2011-04-13 19:18:51 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{a1f1fa77-e5fc-4f57-aec4-483044eaa31b}\gapaengine.dll
2011-04-13 19:04:39 -------- d-----w- c:\program files\Microsoft Security Client
2011-04-13 18:48:30 -------- d-----w- c:\users\matt\appdata\local\Sony_NSCE
2011-04-13 18:48:12 -------- d-----w- c:\users\matt\appdata\local\Google
2011-04-13 18:48:11 -------- d-----w- c:\users\matt\appdata\local\ATI
.
==================== Find3M ====================
.
2011-03-10 16:12:54 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 16:12:54 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-03 15:00:15 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 12:53:48 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 14:49:43 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-22 06:21:28 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 06:17:08 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 06:16:53 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 06:16:40 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-02-22 06:16:40 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-02-22 05:20:39 385024 ----a-w- c:\windows\system32\html.iec
2011-02-22 04:43:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-02-22 04:42:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-16 15:29:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-16 13:24:56 292864 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 16:34:57.74 ===============


Scan results

Click.GiftLoad: [SBI $89783858] User settings (Registry value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION\svchost.exe


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2011-04-13 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2011-03-18 Includes\Adware.sbi (*)
2011-03-22 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-03-08 Includes\DialerC.sbi (*)
2011-02-24 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-03-29 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2011-03-08 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2011-04-05 Includes\Malware.sbi (*)
2011-04-12 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-03-15 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2011-03-08 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2011-02-24 Includes\Spyware.sbi (*)
2011-03-15 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-12-28 Includes\Trojans.sbi (*)
2011-04-12 Includes\TrojansC-02.sbi (*)
2011-04-11 Includes\TrojansC-03.sbi (*)
2011-03-08 Includes\TrojansC-04.sbi (*)
2011-04-11 Includes\TrojansC-05.sbi (*)
2011-03-08 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

ken545
2011-04-20, 00:09
:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

Please download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune to your desktop.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
Your system may start up slower after running ATF Cleaner; this is expected, but it will be back to normal after the first or second boot up.
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized your password and other personal information, as removing cookies will temporarily disable the auto-login facility.




Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please





OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

MattGuy
2011-04-20, 18:23
Thank you for your help.

Malwarebytes Report

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6406

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048

20/04/2011 15:58:07
mbam-log-2011-04-20 (15-58-07).txt

Scan type: Quick scan
Objects scanned: 152879
Time elapsed: 7 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

MattGuy
2011-04-20, 18:25
OTL - OTL.txt

OTL logfile created on: 20/04/2011 16:11:57 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Matt\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.65 Gb Total Space | 174.17 Gb Free Space | 78.23% Space Free | Partition Type: NTFS

Computer Name: MATT-LAPTOP | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Matt\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
PRC - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


========== Modules (SafeList) ==========

MOD - C:\Users\Matt\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (RtkHDMIService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (NSUService) -- C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (uCamMonitor) -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (AdobeActiveFileMonitor6.0) -- c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (IviRegMgr) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


========== Driver Services (SafeList) ==========

DRV - (MpKsl095164ae) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C42FA10E-F60A-47B2-A9AA-B1257245CE50}\MpKsl095164ae.sys (Microsoft Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
IE - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2011/04/13 20:38:38 | 000,432,311 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 14882 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O7 - HKU\S-1-5-21-2981045036-4059575804-4117387274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/20 16:00:47 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
[2011/04/20 15:45:40 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Matt\Desktop\ATF-Cleaner.exe
[2011/04/18 16:30:56 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\ERUNT
[2011/04/18 16:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/04/18 16:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/04/18 16:26:12 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Matt\Desktop\erunt-setup.exe
[2011/04/15 18:58:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/04/15 18:54:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2011/04/15 18:25:26 | 000,000,000 | ---D | C] -- C:\Users\Matt\Drivers & Installers
[2011/04/15 17:43:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/04/15 17:43:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/04/15 17:43:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/04/15 17:40:32 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011/04/15 17:40:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/04/15 17:38:53 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/15 17:38:53 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/15 17:38:53 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/15 17:38:53 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/15 17:38:52 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/15 17:38:52 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/15 17:38:52 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/15 17:38:52 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/15 17:38:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/15 17:38:51 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/15 17:38:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/15 17:38:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/15 17:38:51 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/15 17:38:51 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/15 17:38:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/15 17:38:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/15 17:38:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/15 17:38:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/04/15 17:36:31 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/15 17:36:31 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/14 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/04/14 19:45:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/04/14 19:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2011/04/14 19:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/04/14 19:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/04/14 19:33:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/04/14 19:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/04/14 19:32:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/04/14 19:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/04/14 19:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/04/14 19:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/14 19:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/04/14 19:14:07 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/04/14 18:56:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/04/14 18:56:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/04/14 18:56:15 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/04/14 18:56:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/04/14 18:56:15 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/04/14 18:56:15 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/04/14 18:56:14 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/04/14 18:56:14 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/04/14 18:56:14 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/04/14 18:56:14 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/04/14 18:56:14 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/04/14 18:56:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/04/14 18:56:14 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/04/14 18:56:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/04/14 18:56:14 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/04/14 18:56:14 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/04/14 18:56:14 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/04/14 18:56:13 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/04/14 18:56:13 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/04/14 18:56:13 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/04/14 18:56:13 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/04/14 18:56:13 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/04/14 18:56:13 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/04/14 18:51:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/04/14 18:51:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/04/14 18:51:02 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/04/14 18:51:01 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/04/14 18:35:56 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/04/14 18:35:56 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/04/14 18:35:56 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/04/14 18:35:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/04/14 18:35:56 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/04/14 18:35:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011/04/14 18:35:55 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/04/14 18:35:55 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/14 18:35:55 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/04/14 18:35:55 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/04/14 18:35:55 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/04/14 18:35:54 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011/04/14 18:35:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/04/14 18:35:54 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/04/14 18:35:54 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/04/14 18:35:53 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/14 18:35:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/04/14 18:35:52 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/14 18:35:52 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/04/14 18:35:51 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011/04/14 18:35:51 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/04/14 18:35:51 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/04/14 18:35:51 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011/04/14 18:34:58 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011/04/14 18:32:36 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft Help
[2011/04/14 18:20:43 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/04/14 18:20:42 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/04/14 18:20:41 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/04/14 18:20:41 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/04/14 18:20:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/04/14 18:20:39 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/04/14 18:15:36 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/04/14 18:15:30 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/04/14 18:13:07 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/04/14 18:13:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011/04/14 18:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/14 18:10:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/04/14 18:10:17 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/04/14 18:10:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/04/14 18:10:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/04/14 18:10:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/04/14 18:10:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/04/14 18:10:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/04/14 18:10:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/04/14 18:10:13 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/04/14 18:10:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/04/14 18:10:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/04/14 18:10:06 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/04/14 18:10:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/04/14 18:10:06 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/04/14 18:10:06 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/04/14 18:10:06 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/04/14 17:46:08 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/04/14 17:46:05 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/04/14 17:45:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/04/14 17:39:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/14 17:39:13 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/14 17:39:09 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/04/14 17:39:09 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/14 17:39:04 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/04/14 17:39:03 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/04/14 17:39:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/04/14 17:39:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/04/14 17:39:02 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/04/14 17:39:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/04/14 17:39:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/04/14 17:38:33 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/04/14 17:38:32 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/04/14 17:38:32 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/04/14 17:38:32 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/04/14 17:38:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/04/14 17:38:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/04/14 17:38:32 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/04/14 17:38:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/04/14 17:38:09 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/04/14 17:38:08 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/04/14 17:37:43 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/04/14 17:37:43 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/04/14 17:37:40 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/04/14 17:37:40 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/04/14 17:37:34 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/04/14 17:37:33 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/04/14 17:37:33 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/04/14 17:37:33 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/04/14 17:37:32 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/04/14 17:37:32 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/04/14 17:37:31 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/04/14 17:37:31 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/04/14 17:37:31 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/04/14 17:37:22 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/04/14 17:37:07 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/04/14 17:36:56 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/04/14 17:36:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/04/14 17:36:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/04/14 17:36:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/04/14 17:36:36 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/14 17:36:23 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011/04/14 17:36:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/04/14 17:36:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/04/14 17:36:16 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/04/14 17:36:08 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/14 17:36:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/04/14 17:36:08 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/14 17:36:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/04/14 17:36:06 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/14 17:36:05 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/14 17:36:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011/04/14 17:35:58 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/04/14 17:35:55 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011/04/14 17:35:44 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/04/14 17:35:43 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/04/14 17:35:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/04/14 17:35:31 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/04/14 17:35:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/14 17:35:26 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/04/14 17:35:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011/04/14 17:35:20 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/04/14 17:35:19 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/04/14 17:35:17 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/04/14 17:35:16 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/04/14 17:35:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/04/14 17:35:13 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/04/14 17:35:09 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/04/14 17:35:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/14 17:34:20 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/04/14 17:34:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011/04/14 17:34:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011/04/14 17:34:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/04/14 17:34:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/04/14 17:34:03 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/04/14 17:34:02 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/04/14 17:34:02 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/04/14 17:33:57 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/04/14 17:33:57 | 000,220,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/04/14 17:33:57 | 000,098,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/04/14 17:33:52 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/04/14 17:33:45 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/04/14 17:33:45 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/04/14 17:33:45 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/04/14 17:33:45 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/04/14 17:33:41 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011/04/14 17:33:41 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011/04/14 17:33:37 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/04/14 17:33:34 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsquirt.exe
[2011/04/14 17:33:32 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/04/14 17:33:32 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/04/14 17:33:31 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/14 17:33:30 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/04/14 17:33:29 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/04/14 17:33:28 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/04/14 17:33:27 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011/04/14 17:33:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/04/14 17:31:11 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/04/14 17:31:11 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/04/14 17:31:11 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/04/14 17:27:09 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011/04/14 17:27:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011/04/14 17:27:09 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/04/14 17:27:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011/04/14 17:27:06 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/04/14 17:09:35 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/04/14 17:09:34 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/04/14 17:09:18 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/04/14 17:09:18 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/04/14 17:09:18 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/04/14 17:09:11 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/04/14 17:09:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/04/14 16:55:53 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/04/14 03:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Recovery Center
[2011/04/14 03:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2011/04/14 03:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011/04/14 03:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2011/04/14 03:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2011/04/14 03:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterVideo WinDVD
[2011/04/14 03:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2011/04/14 03:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2011/04/14 03:22:06 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/04/14 03:22:06 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/04/14 03:22:06 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/04/14 03:22:06 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/04/14 03:22:05 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/04/14 03:22:05 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/04/14 03:22:05 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/04/14 03:22:05 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/04/14 03:22:05 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/04/14 03:22:05 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/04/14 03:22:05 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/04/14 03:22:05 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/04/14 03:22:04 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/04/14 03:22:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/04/14 03:22:01 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/04/14 03:22:01 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/04/14 03:22:01 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/04/14 03:22:01 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/04/14 03:22:01 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/04/14 03:22:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/04/14 03:22:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/04/14 03:22:00 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/04/14 03:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 2
[2011/04/14 03:21:48 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2011/04/14 03:21:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2011/04/14 03:21:38 | 000,000,000 | ---D | C] -- C:\Documentation
[2011/04/14 03:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Edit Components 6
[2011/04/14 03:16:08 | 000,155,648 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwo.dll
[2011/04/14 03:16:08 | 000,147,456 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIds.dll
[2011/04/14 03:16:08 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwd.dll
[2011/04/14 03:16:00 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Audio Suite
[2011/04/14 03:15:53 | 000,135,168 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangRUSony.dll
[2011/04/14 03:15:53 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangITSony.dll
[2011/04/14 03:15:53 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangFRSony.dll
[2011/04/14 03:15:53 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangESSony.dll
[2011/04/14 03:15:53 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangDESony.dll
[2011/04/14 03:15:53 | 000,077,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangJASony.dll
[2011/04/14 03:15:53 | 000,069,632 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangZHSony.dll
[2011/04/14 03:15:43 | 000,770,048 | ---- | C] (Gracenote) -- C:\Windows\System32\CDDBUISony.dll
[2011/04/14 03:15:43 | 000,655,360 | ---- | C] (Gracenote, Inc.) -- C:\Windows\System32\CDDBControlSony.dll
[2011/04/14 03:15:43 | 000,589,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbMusicIDSony.dll
[2011/04/14 03:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/04/14 03:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/04/14 03:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/04/14 03:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/04/14 03:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Easy Media Creator 10 LJ
[2011/04/14 03:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2011/04/14 03:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/04/14 03:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2011/04/14 03:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor
[2011/04/14 03:10:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/04/14 03:10:24 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2011/04/14 03:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Magic-i Visual Effects
[2011/04/14 03:10:23 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll
[2011/04/14 03:10:23 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\ArcSoftKsUFilter.dll
[2011/04/14 03:10:23 | 000,017,408 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys
[2011/04/14 03:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2011/04/14 03:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/04/14 03:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/04/14 03:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2011/04/14 03:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/04/14 03:07:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011/04/14 03:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/04/14 03:05:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Video & Photo Suite
[2011/04/14 03:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Google BAE
[2011/04/14 03:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/04/14 03:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/04/14 03:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/04/14 03:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big Fish Games Center
[2011/04/14 03:01:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2011/04/14 02:57:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/04/14 02:56:03 | 001,690,096 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxsfs.dll
[2011/04/14 02:56:03 | 000,547,312 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxdrv.dll
[2011/04/14 02:56:03 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2011/04/14 02:56:03 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2011/04/14 02:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/04/14 02:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2011/04/14 02:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/04/14 02:54:34 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/04/14 02:54:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/04/14 02:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/04/14 02:53:55 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/04/14 02:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/04/14 02:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/04/14 02:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/04/14 02:52:24 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/04/14 02:51:44 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2011/04/14 02:16:41 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/04/14 02:09:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/04/13 21:17:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/04/13 20:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/04/13 20:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/04/13 20:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/04/13 20:23:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Malwarebytes
[2011/04/13 20:23:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/13 20:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/13 20:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/13 20:23:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/13 20:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/13 20:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/04/13 20:19:35 | 000,000,000 | ---D | C] -- C:\Update
[2011/04/13 20:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/13 20:02:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs
[2011/04/13 19:53:46 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Macromedia
[2011/04/13 19:53:35 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Google
[2011/04/13 19:48:30 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Sony_NSCE
[2011/04/13 19:48:22 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Sony Corporation
[2011/04/13 19:48:12 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Google
[2011/04/13 19:48:11 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\ATI
[2011/04/13 19:48:11 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\ATI
[2011/04/13 19:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/04/13 19:46:58 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\VirtualStore
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Temporary Internet Files
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Templates
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Start Menu
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\SendTo
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Recent
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\PrintHood
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\NetHood
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Videos
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Pictures
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Music
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\My Documents
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Local Settings
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\History
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Cookies
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Application Data
[2011/04/13 19:46:48 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Application Data
[2011/04/13 19:46:43 | 000,000,000 | --SD | C] -- C:\Users\Matt\AppData\Roaming\Microsoft
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Videos
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Searches
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Pictures
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Music
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Links
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Favorites
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Downloads
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Documents
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Desktop
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\Contacts
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/04/13 19:46:43 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/13 19:46:43 | 000,000,000 | -H-D | C] -- C:\Users\Matt\AppData
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Temp
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\Roaming
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Media Center Programs
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Identities
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\Bluetooth Software
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Bluetooth Exchange Folder
[2011/04/13 19:46:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Adobe

========== Files - Modified Within 30 Days ==========

[2011/04/20 16:00:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
[2011/04/20 15:47:57 | 000,606,620 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/20 15:47:57 | 000,108,796 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/20 15:45:41 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Matt\Desktop\ATF-Cleaner.exe
[2011/04/20 15:40:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/20 15:40:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/20 15:40:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/20 15:39:43 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/19 20:03:13 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/04/18 16:29:17 | 000,000,714 | ---- | M] () -- C:\Users\Matt\Desktop\ERUNT.lnk
[2011/04/18 16:28:25 | 000,625,664 | ---- | M] () -- C:\Users\Matt\Desktop\dds.scr
[2011/04/18 16:26:22 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Matt\Desktop\erunt-setup.exe
[2011/04/15 18:26:37 | 000,000,938 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/04/14 19:51:37 | 000,000,943 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/14 19:49:00 | 000,334,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/14 03:40:54 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/04/14 03:27:43 | 000,000,040 | -H-- | M] () -- C:\Windows\System32\ivireg.ivr
[2011/04/14 03:21:35 | 000,000,000 | ---- | M] () -- C:\Windows\VAIOUpdt.INI
[2011/04/14 03:01:34 | 000,000,002 | ---- | M] () -- C:\Windows\System32\Snyres.oem
[2011/04/14 02:55:52 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011/04/13 21:16:10 | 000,004,608 | ---- | M] () -- C:\Users\Matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/13 20:38:38 | 000,432,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/04/13 20:26:43 | 000,001,055 | ---- | M] () -- C:\Users\Matt\Desktop\Spybot - Search & Destroy.lnk
[2011/04/13 20:23:38 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/13 20:22:16 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/04/13 20:05:25 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/04/13 20:04:43 | 000,001,808 | ---- | M] () -- C:\Users\Matt\Desktop\Microsoft Security Essentials.lnk
[2011/04/13 19:47:09 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\Sony_VGN-FW11E.mrk

========== Files Created - No Company Name ==========

[2011/04/18 16:29:17 | 000,000,714 | ---- | C] () -- C:\Users\Matt\Desktop\ERUNT.lnk
[2011/04/18 16:28:17 | 000,625,664 | ---- | C] () -- C:\Users\Matt\Desktop\dds.scr
[2011/04/15 18:26:37 | 000,000,938 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/04/14 18:56:16 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/14 18:56:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/04/14 18:56:14 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/04/14 18:37:45 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/04/14 18:10:08 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/04/14 18:10:08 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/04/14 18:10:08 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/04/14 17:36:18 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/04/14 17:15:49 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2011/04/14 03:27:39 | 000,000,040 | -H-- | C] () -- C:\Windows\System32\ivireg.ivr
[2011/04/14 03:21:35 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2011/04/14 03:20:46 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO MusicBox.lnk
[2011/04/14 03:19:31 | 000,001,809 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media plus.lnk
[2011/04/14 03:19:09 | 000,000,947 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Guide.lnk
[2011/04/14 03:18:17 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2011/04/14 03:15:57 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2011/04/14 03:12:13 | 000,000,825 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Club VAIO.lnk
[2011/04/14 03:08:57 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/04/14 03:08:46 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk

MattGuy
2011-04-20, 18:26
[2011/04/14 03:07:07 | 000,000,914 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc Editor.lnk
[2011/04/14 03:06:03 | 000,001,551 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Story.lnk
[2011/04/14 03:05:39 | 000,001,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc.lnk
[2011/04/14 03:05:39 | 000,001,850 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Content Exporter.lnk
[2011/04/14 03:01:34 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Snyres.oem
[2011/04/14 03:01:18 | 000,002,034 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 4.0.lnk
[2011/04/14 02:57:51 | 000,000,996 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk
[2011/04/14 02:55:52 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/04/14 02:09:59 | 3219,169,280 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/13 21:16:09 | 000,004,608 | ---- | C] () -- C:\Users\Matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/13 20:26:43 | 000,001,055 | ---- | C] () -- C:\Users\Matt\Desktop\Spybot - Search & Destroy.lnk
[2011/04/13 20:23:38 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/13 20:23:08 | 000,001,808 | ---- | C] () -- C:\Users\Matt\Desktop\Microsoft Security Essentials.lnk
[2011/04/13 20:22:16 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/04/13 20:05:25 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/04/13 20:04:43 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/04/13 20:04:25 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/04/13 19:53:33 | 000,000,943 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/13 19:47:09 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\Sony_VGN-FW11E.mrk
[2011/04/13 19:46:47 | 000,000,680 | ---- | C] () -- C:\Users\Matt\AppData\Local\d3d9caps.dat
[2011/04/13 19:46:43 | 000,000,949 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/13 19:46:43 | 000,000,944 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/13 19:46:43 | 000,000,915 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/13 19:46:43 | 000,000,258 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/04/13 19:46:43 | 000,000,240 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2008/05/16 21:37:14 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/05/16 21:37:14 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/05/16 21:37:14 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/16 21:37:14 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/05/16 21:21:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/05/16 20:41:19 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/10/30 18:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/09/12 00:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/09/12 00:54:26 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/04/16 11:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,334,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,606,620 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,108,796 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 21:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2011/04/19 20:03:13 | 000,024,114 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

MattGuy
2011-04-20, 18:27
OTL - Extras.txt

OTL Extras logfile created on: 20/04/2011 16:11:57 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Matt\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.65 Gb Total Space | 174.17 Gb Free Space | 78.23% Space Free | Partition Type: NTFS

Computer Name: MATT-LAPTOP | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B9D4953-4090-4134-9505-E292CFCACBAD}" = rport=445 | protocol=6 | dir=out | app=system |
"{330ECF3F-5500-4E3F-ACB5-9202C76B0180}" = lport=139 | protocol=6 | dir=in | app=system |
"{4575D617-FBDB-4732-88F8-5D118FAFC79B}" = lport=445 | protocol=6 | dir=in | app=system |
"{601CEA3E-3B69-4CBA-9CD1-773F0E0D34C8}" = lport=138 | protocol=17 | dir=in | app=system |
"{876528B1-F789-4E36-A7CC-37EB2CA0CC6D}" = rport=138 | protocol=17 | dir=out | app=system |
"{A673481A-05C3-47E7-A135-4DB9DD8AF00E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C5606D2B-CB48-438D-AE76-4843829741EA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CAC6DD75-97C9-43A7-B0A5-1FDEDC246116}" = rport=139 | protocol=6 | dir=out | app=system |
"{D21E586B-B21D-4197-8483-A838B84C24C6}" = lport=137 | protocol=17 | dir=in | app=system |
"{E4ECBAC8-7A70-4E93-9FB8-602718B845F1}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{239130E1-4A69-4C88-8A48-3E33A993045C}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{3CE2FECE-3725-4041-82F7-20F19CA42A58}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{66C0B7F9-1809-462D-8F27-5D2F7E7A078A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{94B689EA-77EC-44D6-A56E-73BAF0986D1F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9FD059AF-E40E-436D-8609-6C16D9CA02EA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AF2D3EC4-8911-488B-AB52-778049D44267}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{B6B1C0AD-7729-4F1E-8FE7-94EFF5593DC1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DDE6EB96-7C6D-4998-844B-B253F89C203D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{ED50C783-8A0E-49C0-B3EA-2E4DFAA36D45}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{02D63222-CF76-E080-74DD-975B1672ED67}" = Catalyst Control Center Core Implementation
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{0405000A-0570-549A-A819-3BCEEAA1B40B}" = Catalyst Control Center Localization Hungarian
"{06786A53-D2D8-47CD-696A-ABC83625EBFE}" = Catalyst Control Center Graphics Light
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14E7357F-487C-3BF6-7955-B898AA76306E}" = CCC Help Russian
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{16D9D199-E8A0-9FBA-DDF3-0E2D7826D694}" = Catalyst Control Center Localization Spanish
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18C24BF9-3B71-6F89-848C-D78C40197216}" = CCC Help Chinese Traditional
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1974FF16-2A0A-76AF-D948-0037B0CB8EB5}" = CCC Help Hungarian
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1E87F957-F850-D9F9-60F3-842955AAF519}" = Catalyst Control Center Localization German
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = VAIO Presentation Support
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2C3D71B4-85C4-5FA9-859E-1413F94EF642}" = Catalyst Control Center Localization Greek
"{310395F2-9206-159B-43B0-BF63D9F01B61}" = Catalyst Control Center Localization Turkish
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide 
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{43DA617D-1B80-0B70-FAA0-52AFCE853F40}" = CCC Help Finnish
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4742375A-9BD3-46D0-E0CC-A8819D2E2C54}" = CCC Help Greek
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4BB5D5A7-F75E-D8D9-0DF8-AA2C1F188CEB}" = Catalyst Control Center Localization French
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FCBFEDD-0CBF-A4A8-79D3-E9EAD37336C9}" = CCC Help Chinese Standard
"{54C91EE3-65B9-A931-8382-12B2A02709F8}" = ATI Catalyst Install Manager
"{5511F0CC-59E0-02AD-941F-2323DA2BB377}" = CCC Help Swedish
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A29796D-2566-3ADA-043D-28C51CD7D4C3}" = Catalyst Control Center Localization Chinese Standard
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5D803295-DD78-0143-F64B-0D80852C43E9}" = CCC Help Italian
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{61FD2585-3337-8822-899B-68612742BA2F}" = Catalyst Control Center Localization Russian
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C7196C0-D205-03E7-39A1-7A23AB69F659}" = CCC Help Czech
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70D43D66-53BF-257F-72FC-96FB33B39276}" = Catalyst Control Center Graphics Full New
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{723F5CDD-839A-FF16-4CFA-C4E0AA54A315}" = ccc-core-static
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73BD4567-1C4E-8D45-1D28-3D469026A883}" = Skins
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{761205A9-41DC-48C9-2CC1-F197D372DBEF}" = Catalyst Control Center Localization Italian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7E5DEF65-FE91-02F2-C291-22741AC34017}" = Catalyst Control Center Localization Danish
"{826E7114-AA2E-59AA-1916-2A753DC49153}" = ccc-utility
"{8299B94E-7F85-65A9-B0FA-6F6A8A6D4FBD}" = Catalyst Control Center Localization Thai
"{8626472F-7AD7-C83B-66FA-00E0A1C50A26}" = Catalyst Control Center Localization Swedish
"{8662A65A-A2A1-072C-708D-1C1262776F6A}" = CCC Help Thai
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C3CD8CF-7012-51E5-107B-5A8C75701E1A}" = CCC Help Dutch
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{918CFAF6-AC40-F2C8-C044-7FA95C8A7099}" = CCC Help German
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A55A277A-4336-FACF-991A-52B51B8FAE78}" = Catalyst Control Center Localization Finnish
"{A5D54806-AA49-BBFF-A2D3-76FA3DF096FA}" = Catalyst Control Center Localization Korean
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{AAE442C0-F28B-8D58-1A1C-D566F9BCD294}" = Catalyst Control Center Localization Portuguese
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6B0D277-D003-307F-CF94-5F5894DFA3F1}" = Catalyst Control Center Graphics Full Existing
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4
"{BC653BB7-0AF0-22E5-A895-902AD52675CA}" = CCC Help Portuguese
"{BCEABBD6-6EDA-4246-7EDB-D68FCCD78A65}" = Catalyst Control Center Graphics Previews Common
"{BDD17603-CB75-0639-E6DA-0D9AA92A605B}" = CCC Help English
"{BF5F6A06-0FC3-BEC0-9CC1-54D870A9EF97}" = Catalyst Control Center Localization Chinese Traditional
"{C221CE66-9C07-8EA7-8EF6-AAD8E4588AE0}" = CCC Help French
"{C455F37C-E92E-5CEB-382D-8B8EC580266F}" = Catalyst Control Center Localization Norwegian
"{C6F150F6-AE89-30C7-6256-C40CF9328602}" = Catalyst Control Center Graphics Previews Vista
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C93F4E7C-1B31-449B-A304-EF277CF55E39}" = Catalyst Control Center - Branding
"{CBAE1EE5-F6E0-BDEF-0D49-C2AE46BE3B88}" = CCC Help Polish
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D3AF5596-546F-5975-39B4-259A197C7E24}" = Catalyst Control Center Localization Japanese
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{DDF57E4A-66B5-E9CC-C2A2-F2C98C57912C}" = CCC Help Turkish
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E27D2C9F-83A1-A34C-E366-26EADB9270F7}" = Catalyst Control Center Localization Dutch
"{E2E7667F-C286-D110-7F9D-FC397A2607A8}" = CCC Help Danish
"{E7821540-B8F8-304F-1B97-C43D8582EB18}" = CCC Help Norwegian
"{E8CA49A5-25C6-D80A-ED46-9D48A8B5D5F5}" = CCC Help Japanese
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F06300A2-87AE-042F-DE0F-1A5E380877C5}" = Catalyst Control Center Localization Czech
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20E6529-0B46-FC26-378F-62CD640A98C4}" = Catalyst Control Center Localization Polish
"{F485E43D-18B1-4B40-AF4B-EDA78E91DA80}" = Dolby Control Center
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F754B561-ACAD-A3FA-AF54-3E5F9E662B04}" = CCC Help Korean
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{F8821B6D-B6C9-E676-9B7D-3269F36A1769}" = CCC Help Spanish
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8 Standard - English, Français, Deutsch
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"dt icon module" =
"ERUNT_is1" = ERUNT 1.1j
"gtfirstboot Setting Request" =
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = Vaio Marketing Tools
"MFU Module" =
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"ProInst" = Intel PROSet Wireless
"VAIO Help and Support" =
"VAIO_My Club VAIO" = My Club VAIO
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13/04/2011 14:47:31 | Computer Name = Matt-Laptop | Source = ESENT | ID = 215
Description = WinMail (4968) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 13/04/2011 14:55:50 | Computer Name = Matt-Laptop | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 113c Start Time: 01cbfa0c3080c154 Termination Time: 0

Error - 13/04/2011 15:04:24 | Computer Name = Matt-Laptop | Source = SPP | ID = 16387
Description =

Error - 13/04/2011 15:04:24 | Computer Name = Matt-Laptop | Source = System Restore | ID = 8193
Description =

Error - 13/04/2011 15:04:34 | Computer Name = Matt-Laptop | Source = SPP | ID = 16387
Description =

Error - 13/04/2011 15:04:34 | Computer Name = Matt-Laptop | Source = System Restore | ID = 8193
Description =

Error - 13/04/2011 15:07:21 | Computer Name = Matt-Laptop | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 13/04/2011 15:07:23 | Computer Name = Matt-Laptop | Source = WinMgmt | ID = 10
Description =

Error - 13/04/2011 15:27:13 | Computer Name = Matt-Laptop | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
0x47918b89, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6,
exception code 0xc000071b, fault offset 0x00088ed9, process id 0x4f8, application
start time 0x01cbfa0df9c4b213.

Error - 13/04/2011 15:27:22 | Computer Name = Matt-Laptop | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 14/04/2011 12:10:08 | Computer Name = Matt-Laptop | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 14/04/2011 12:18:04 | Computer Name = Matt-Laptop | Source = HTTP | ID = 15016
Description =

Error - 14/04/2011 12:18:10 | Computer Name = Matt-Laptop | Source = Service Control Manager | ID = 7000
Description =


< End of report >

ken545
2011-04-20, 19:27
Hi,

This will remove click giftload

Run OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL



:processes
killallprocesses


:OTL


:Services

:Reg
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION]
"svchost.exe"=-

:Files


:Commands
[purity]
[emptytemp]
[RESETHOSTS]
[start explorer]
[Reboot]

Then click the Run Fix button at the top <--Not run scan
Let the program run unhindered, reboot when it is done
Then post the results of the log

MattGuy
2011-04-20, 19:47
Hi, see log from OTL below.


All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION\\svchost.exe deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 171 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Matt
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 49038089 bytes
->Flash cache emptied: 1030 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17268 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 47.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.22.3 log created on 04202011_174222

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
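
Added example, not part of either post and not OTL's own code: a cross-check that every registry value the fix script asked to delete is reported as deleted in the result log. The function names are hypothetical, the inputs are excerpts of the script and log posted above, and only the `"name"=-` value-deletion form used in this thread is handled.

```python
import re

# Excerpts of the fix script and the result log posted in this thread,
# embedded here so the check runs offline.
FIX_SCRIPT = r'''
:processes
killallprocesses

:Reg
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION]
"svchost.exe"=-

:Commands
[emptytemp]
[RESETHOSTS]
'''

FIX_LOG = r'''
========== REGISTRY ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION\\svchost.exe deleted successfully.
========== FILES ==========
'''

# The log separates key and value name with a double backslash.
LOG_RE = re.compile(r"^Registry value (.+)\\\\(.+) deleted successfully\.$")


def requested_deletions(script):
    """Return (key, value_name) pairs that the :Reg section asks to delete."""
    wanted, section, key = [], None, None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):            # a new directive such as :Reg or :Files
            section, key = line[1:].lower(), None
            continue
        if section != "reg":
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]                 # key that the following values belong to
            continue
        m = re.fullmatch(r'"([^"]+)"\s*=\s*-', line)
        if m and key:
            wanted.append((key, m.group(1)))
    return wanted


def confirmed_deletions(log):
    """Return the set of (key, value_name) pairs the log reports as deleted."""
    done = set()
    for line in log.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            # Registry paths are case-insensitive, so compare in lower case.
            done.add((m.group(1).lower(), m.group(2).lower()))
    return done


def unconfirmed(script, log):
    """Deletions requested by the script that the log does not confirm."""
    done = confirmed_deletions(log)
    return [(k, v) for k, v in requested_deletions(script)
            if (k.lower(), v.lower()) not in done]


if __name__ == "__main__":
    missing = unconfirmed(FIX_SCRIPT, FIX_LOG)
    if missing:
        for key, value in missing:
            print("NOT CONFIRMED:", key, "->", value)
    else:
        print("Every requested registry deletion is confirmed in the log.")
```

A non-empty result from `unconfirmed` means the fix did not report removing everything it was asked to, so the value should be checked by hand before the machine is treated as clean.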

ken545
2011-04-20, 19:54
How are things running now?

MattGuy
2011-04-20, 20:23
Everything is running fine now. Just completed a scan with Spybot and it has found no threats.

Thank you very much for your time and help!

ken545
2011-04-20, 20:52
You're very welcome :)

Open OTL and click on CleanUp and it will remove programs we have used and their backups from your system.


How did I get infected in the first place?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/So_how_did_I_get_infected_in_the_first_place_t57817.html)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)



Safe Surfn
Ken