Trojan Agent3.CKJE and Trojan PSW.Generic10.AIXT in Steam

Posted 11/24/2012 9:30 AM
#94740

russ4570 Member

Date Joined Nov 2016
Total Posts: 5
Hi. Thanks for the response. I have read
Posted 11/24/2012 9:54 PM
#94747

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
• Select All Users
• Under the Custom Scan box paste this in:

netsvcs
activex
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%windir%\Installer\*.*
%windir%\system32\tasks\*.*
%systemroot%\Fonts\*.exe
%systemroot%\*. /mp /s
/md5start
consrv.dll
explorer.exe
winlogon.exe
regedit.exe
Userinit.exe
svchost.exe
MRESP50.SYS
CBPSp50.sys
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
• When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Post both logs

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 11/24/2012 10:26 PM
#94748

russ4570 Member

Date Joined Nov 2016
Total Posts: 5
As requested.
OTL then Extras. (If Steam is not started at computer start up then AVG does not find it!)
Thanks for the assistance.
{283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation <br/>ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll <br/>ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java <br/>ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack <br/>ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe <br/>ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring <br/>ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install <br/>ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT <br/>ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow <br/>ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx <br/>ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help <br/>ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf <br/>ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes <br/>ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 <br/>ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser <br/>ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW <br/>ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools <br/>ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements <br/>ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player <br/>ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access <br/>ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework <br/>ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - 
Web Folders <br/>ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install <br/>ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll <br/>ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe <br/>ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install <br/>ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding <br/>ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - <br/>ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts <br/>ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler <br/>ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 <br/>ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash <br/>ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help <br/>ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface <br/>ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP <br/>ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE <br/>ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP <br/>ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE <br/> <br/>MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) <br/>MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) <br/>MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) 
<br/>MsConfig - State: "system.ini" - 0 <br/>MsConfig - State: "win.ini" - 0 <br/>MsConfig - State: "bootini" - 0 <br/>MsConfig - State: "services" - 0 <br/>MsConfig - State: "startup" - 2 <br/> <br/>CREATERESTOREPOINT <br/>Restore point Set: OTL Restore Point <br/> <br/>[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] <br/> <br/>[2012/11/25 09:00:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe <br/>[2012/11/24 10:41:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER <br/>[2012/11/24 10:31:43 | 000,000,000 | RHSD | C] -- C:\cmdcons <br/>[2012/11/24 10:30:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe <br/>[2012/11/24 10:30:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe <br/>[2012/11/24 10:30:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe <br/>[2012/11/24 10:30:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe <br/>[2012/11/24 10:28:38 | 000,000,000 | ---D | C] -- C:\Qoobox <br/>[2012/11/24 10:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt <br/>[2012/11/24 10:03:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent <br/>[2012/11/24 09:22:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\User\My Documents\cc cleaner registry back up <br/>[2012/11/24 09:18:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner <br/>[2012/11/14 18:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari <br/>[2012/11/14 17:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Profiles <br/>[2012/10/28 18:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox <br/>[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] <br/>[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files - Modified Within 30 Days ==========[/color] <br/> <br/>[2012/11/25 
09:15:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job <br/>[2012/11/25 09:03:41 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job <br/>[2012/11/25 09:03:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl <br/>[2012/11/25 09:03:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat <br/>[2012/11/25 09:00:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe <br/>[2012/11/25 08:26:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job <br/>[2012/11/25 08:02:46 | 101,103,245 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm <br/>[2012/11/24 10:34:04 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts <br/>[2012/11/24 10:31:46 | 000,000,327 | RHS- | M] () -- C:\boot.ini <br/>[2012/11/24 09:18:47 | 000,000,482 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk <br/>[2012/11/19 18:27:04 | 000,092,323 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm <br/>[2012/11/14 18:07:18 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Deer Hunter - The 2005 Season.lnk <br/>[2012/11/13 17:22:54 | 000,017,925 | ---- | M] () -- D:\Documents and Settings\User\My Documents\Deer Hunter Cheats.pdf <br/>[2012/11/01 21:14:09 | 000,123,904 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini <br/>[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] <br/>[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files Created - No Company Name ==========[/color] <br/> <br/>[2012/11/24 10:31:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak <br/>[2012/11/24 10:31:44 | 000,260,272 | RHS- | C] () -- C:\cmldr <br/>[2012/11/24 10:30:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe <br/>[2012/11/24 10:30:10 | 000,208,896 | ---- | C] () -- 
C:\WINDOWS\MBR.exe <br/>[2012/11/24 10:30:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe <br/>[2012/11/24 10:30:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe <br/>[2012/11/24 10:30:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe <br/>[2012/11/24 09:18:47 | 000,000,482 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk <br/>[2012/11/14 18:07:18 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Deer Hunter - The 2005 Season.lnk <br/>[2012/11/13 17:22:54 | 000,017,925 | ---- | C] () -- D:\Documents and Settings\User\My Documents\Deer Hunter Cheats.pdf <br/>[2012/09/04 20:00:17 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\dt.dat <br/>[2012/05/01 18:51:07 | 000,088,576 | ---- | C] () -- C:\WINDOWS\UNINSTCC.EXE <br/>[2012/04/16 18:48:33 | 000,000,305 | ---- | C] () -- C:\WINDOWS\game.ini <br/>[2012/02/20 16:36:02 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin <br/>[2012/02/20 16:36:00 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin <br/>[2012/02/20 16:36:00 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin <br/>[2012/02/20 16:35:53 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin <br/>[2011/05/04 20:30:09 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll <br/>[2011/03/05 08:18:42 | 000,139,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys <br/>[2011/03/05 08:18:27 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\User\Application Data\PnkBstrK.sys <br/>[2011/03/05 08:17:39 | 000,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe <br/>[2011/03/05 08:17:38 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe <br/>[2011/03/05 08:17:38 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe <br/>[2010/09/06 11:01:38 | 000,123,904 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application 
Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini <br/> <br/>[color=#E56717]========== ZeroAccess Check ==========[/color] <br/> <br/>[2012/03/27 18:36:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] <br/>"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 22:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Apartment <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] <br/>"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 22:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Free <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] <br/>"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 22:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Both <br/> <br/>[color=#E56717]========== LOP Check ==========[/color] <br/> <br/>[2010/09/06 11:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo <br/>[2012/05/19 10:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012 <br/>[2012/05/18 17:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 <br/>[2012/09/15 14:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ChairGun3 <br/>[2011/03/16 19:20:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files <br/>[2012/03/10 15:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core 
<br/>[2012/03/10 15:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts <br/>[2012/11/25 08:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData <br/>[2012/03/10 15:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield <br/>[2012/03/10 13:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Telstra <br/>[2012/04/28 20:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} <br/>[2010/09/06 11:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ashampoo <br/>[2012/05/19 09:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG2012 <br/>[2010/11/09 20:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Command & Conquer 3 Tiberium Wars <br/>[2011/03/29 08:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GARMIN <br/>[2012/03/13 18:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech <br/>[2012/03/10 13:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Sierra Wireless <br/>[2012/03/10 13:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Telstra <br/>[2012/11/24 09:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent <br/> <br/>[color=#E56717]========== Purity Check ==========[/color] <br/> <br/> <br/> <br/>[color=#E56717]========== Custom Scans ==========[/color] <br/> <br/>[color=#A23BEC]< %SYSTEMDRIVE%\*. 
>[/color] <br/>[2012/05/19 09:53:23 | 000,000,000 | ---D | M] -- C:\$AVG <br/>[2010/09/06 16:18:21 | 000,000,000 | ---D | M] -- C:\ATI <br/>[2012/11/24 10:31:46 | 000,000,000 | RHSD | M] -- C:\cmdcons <br/>[2010/09/04 10:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings <br/>[2012/03/28 17:43:51 | 000,000,000 | ---D | M] -- C:\F5U109 <br/>[2010/09/04 11:27:43 | 000,000,000 | ---D | M] -- C:\Intel <br/>[2010/11/13 16:47:08 | 000,000,000 | R--D | M] -- C:\MSOCache <br/>[2012/02/20 16:34:30 | 000,000,000 | ---D | M] -- C:\NVIDIA <br/>[2012/10/28 18:47:22 | 000,000,000 | R--D | M] -- C:\Program Files <br/>[2012/11/24 10:34:56 | 000,000,000 | ---D | M] -- C:\Qoobox <br/>[2012/11/24 10:41:54 | 000,000,000 | -HSD | M] -- C:\RECYCLER <br/>[2011/05/14 19:31:47 | 000,000,000 | -HSD | M] -- C:\System Volume Information <br/>[2012/11/24 10:34:09 | 000,000,000 | ---D | M] -- C:\WINDOWS <br/> <br/>[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color] <br/>Invalid Environment Variable: LOCALAPPDATA <br/> <br/>[color=#A23BEC]< %windir%\Installer\*.* >[/color] <br/> <br/>[color=#A23BEC]< %windir%\system32\tasks\*.* >[/color] <br/> <br/>[color=#A23BEC]< 
%systemroot%\Fonts\*.exe >[/color] <br/> <br/>[color=#A23BEC]< %systemroot%\*. /mp /s >[/color] <br/> <br/>[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] <br/>[2008/04/14 22:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\erdnt\cache\explorer.exe <br/>[2008/04/14 22:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe <br/>[2008/04/14 22:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe <br/> <br/>[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color] <br/>[2008/04/14 22:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\erdnt\cache\regedit.exe <br/>[2008/04/14 22:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\regedit.exe <br/>[2008/04/14 22:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\system32\dllcache\regedit.exe <br/> <br/>[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] <br/>[2008/04/14 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe <br/>[2008/04/14 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe <br/>[2008/04/14 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe <br/> <br/>[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] <br/>[2008/04/14 22:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\erdnt\cache\userinit.exe <br/>[2008/04/14 22:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe 
<br/>[2008/04/14 22:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe <br/> <br/>[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] <br/>[2008/04/14 22:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\erdnt\cache\winlogon.exe <br/>[2008/04/14 22:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe <br/>[2008/04/14 22:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe <br/> <br/>[color=#A23BEC]< C:\Windows\assembly\tmp\U\*.* /s >[/color] <br/>[2010/09/04 10:47:43 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini <br/>[2010/09/04 10:51:31 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT <br/>[2011/04/19 19:22:55 | 000,000,878 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job <br/>[2011/04/19 19:22:56 | 000,000,882 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job <br/>[2012/05/02 19:18:36 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job <br/> <br/>[color=#A23BEC]< %Temp%\smtmp\1\*.* >[/color] <br/> <br/>[color=#A23BEC]< %Temp%\smtmp\2\*.* >[/color] <br/> <br/>[color=#A23BEC]< %Temp%\smtmp\3\*.* >[/color] <br/> <br/>[color=#A23BEC]< %Temp%\smtmp\4\*.* >[/color] <br/> <br/>[color=#A23BEC]< type c:\diskreport.txt /c >[/color] <br/>Microsoft DiskPart version 5.1.3565 <br/>Copyright (C) 1999-2003 Microsoft Corporation. 
<br/>On computer: USER-DCB363FC2E <br/> Volume ### Ltr Label Fs Type Size Status Info <br/> ---------- --- ----------- ----- ---------- ------- --------- -------- <br/> Volume 0 E DH2005 CDFS DVD-ROM 603 MB <br/> Volume 1 C Windows NTFS Partition 39 GB Healthy System <br/> Volume 2 D Documents a NTFS Partition 427 GB Healthy <br/> Volume 3 F Removeable 0 B <br/> Volume 4 H Removeable 0 B <br/> <br/>< End of report > <br/> <br/>OTL Extras logfile created on: 25/11/2012 9:16:05 AM - Run 1 <br/>OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop <br/>Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation <br/>Internet Explorer (Version = 6.0.2900.5512) <br/>Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy <br/> <br/>3.25 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 82.31% Memory free <br/>7.09 Gb Paging File | 6.47 Gb Available in Paging File | 91.27% Paging File free <br/>Paging file location(s): C:\pagefile.sys 4092 4092 [binary data] <br/> <br/>%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files <br/>Drive C: | 39.06 Gb Total Space | 13.03 Gb Free Space | 33.36% Space Free | Partition Type: NTFS <br/>Drive D: | 426.69 Gb Total Space | 233.17 Gb Free Space | 54.65% Space Free | Partition Type: NTFS <br/>Drive E: | 603.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS <br/> <br/>Computer Name: USER-DCB363FC2E | User Name: User | Logged in as Administrator. 
Posted 11/25/2012 12:33 PM
#94752
Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Please give an update on how things are running now?

Do not PM me with logfiles. They will be deleted.


Posted 11/26/2012 7:47 AM
#94759
russ4570 Member

Date Joined Nov 2016
Total Posts: 5
No joy I'm afraid. I thought I was waiting for you to review the OTL files in my last post. Did I miss something. Just scanned the computer and same virus in same location.

Is there something else I should do to assist your diagnosis?

See attached word doc for a screen dump of the AVG search screen.

Regards Russ
Posted 11/26/2012 2:34 PM
#94761
Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
>>>>> Did I miss something. <<<<<

No, not at all, but there are no threats in the log, but we have to eliminate the "threat"

I actually think it's a false positive, I'll therefore suggest you have it checked here:

Please upload and have the "infected" file scanned:

Here: http://www.virustotal.com/

Post back the results.



Posted 11/27/2012 6:36 AM
#94763
russ4570 Member

Date Joined Nov 2016
Total Posts: 5
OK. Thanks for the help.
I scanned the two files
vgui2_s.dll & FileSystem_Steam.dll
that were identified in the AVG report using the Virus Total that you recommended.
Both came up negative.
links to results below
https://www.virustotal.com/file/0750fb4571c90522ca592096a9a40dca57d6a04e713202819914474682033148/analysis/1353997154/
https://www.virustotal.com/file/8189dc241ae33723ff4579d4067252679f0c01b1d009e5b222d22924b48070a6/analysis/

Thanks, whilst searching for help on this topic I have seen a few say that there have been false positives in steam recently (in last 30 days). I just assumed that steam and AVG would have fixed the errors in that time???
Posted 11/27/2012 6:21 PM
#94765
John1992T Member

Date Joined Nov 2016
Total Posts: 1
Hello.. I saw this post and I have the exact same problem :(
- I can't run steam without AVG noticing me that I have this Trojan Agent3.CKJE
It really sucks and I can't play any games from steam :(
Posted 11/28/2012 5:57 AM
#94769
Advanced member

I apologize for my intervention but this seems more and more like a false positive detection.

I think it's better if you all contact AVG Support and see what they have to say about this.

Cheers!
Andreea-Luciana Ostache
Support Team Leader
support@bullguard.com
www.bullguard.com
