Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot access microsoft update, host process for windows services has

Started by SilverNightwing , Jun 07 2010 08:09 AM

  • This topic is locked This topic is locked

#31
ali.B
Posted 09 June 2010 - 09:47 AM

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
  • 0

Advertisements

#32
SilverNightwing
Posted 09 June 2010 - 09:53 AM

SilverNightwing

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
OTL logfile....

OTL logfile created on: 09/06/2010 16:51:43 - Run 3
OTL by OldTimer - Version 3.2.5.3 Folder = c:\Users\Pete\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916.86 Gb Total Space | 661.00 Gb Free Space | 72.09% Space Free | Partition Type: NTFS
Drive D: | 14.63 Gb Total Space | 8.54 Gb Free Space | 58.34% Space Free | Partition Type: FAT32
Drive E: | 628.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: PETE-PC
Current User Name: Pete
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/07 14:18:02 | 000,571,904 | ---- | M] (OldTimer Tools) -- c:\Users\Pete\Downloads\OTL.exe
PRC - [2010/06/03 01:38:26 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/03 01:38:25 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/06/03 01:37:58 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/06/03 01:37:57 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/05/11 16:59:02 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/05/11 16:59:00 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/04/05 12:02:36 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/12 19:41:16 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2010/03/12 19:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/10/26 15:45:46 | 000,542,272 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
PRC - [2009/10/26 15:45:38 | 000,843,032 | ---- | M] () -- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
PRC - [2009/09/10 15:58:25 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2009/08/19 11:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 11:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 10:11:48 | 002,338,816 | ---- | M] () -- C:\INQ1 Modem\INQ1 Mobile Modem.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/02/13 13:52:10 | 004,915,200 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/13 16:36:46 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
PRC - [2007/10/15 09:15:08 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/10/15 09:14:48 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (SafeList) ==========

MOD - [2010/06/07 14:18:02 | 000,571,904 | ---- | M] (OldTimer Tools) -- c:\Users\Pete\Downloads\OTL.exe
MOD - [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Stereo Service)
SRV - [2010/06/08 18:48:42 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/05/11 16:59:02 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/05/11 16:59:00 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/03/12 19:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV - [2010/06/08 17:55:26 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2010/06/03 01:38:26 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/03 01:38:25 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/05/11 16:59:00 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/03/12 19:41:16 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2010/01/31 04:25:08 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/10/15 15:08:01 | 000,015,600 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009/08/21 21:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/01 20:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/03/19 20:11:52 | 000,103,680 | ---- | M] (AMOI Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\INQ1usbser.sys -- (INQ1usbser)
DRV - [2008/02/14 17:03:10 | 002,061,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 15:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/10/03 06:30:32 | 000,065,024 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbser6k.sys -- (qcusbser6k)
DRV - [2007/10/03 06:30:32 | 000,065,024 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbpcsync.sys -- (qcusbpcsync)
DRV - [2007/10/03 06:30:32 | 000,065,024 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbnmea.sys -- (qcusbnmea)
DRV - [2007/10/03 06:30:32 | 000,065,024 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbmdm6k.sys -- (qcusbmdm6k)
DRV - [2007/09/11 08:19:16 | 000,114,208 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/01/09 10:22:28 | 000,006,144 | ---- | M] (Chic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/08/28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B A5 3C 25 25 06 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/04/23 21:15:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/06/03 01:41:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/05 12:02:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/08 19:03:08 | 000,000,000 | ---D | M]

[2009/04/23 12:53:08 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\Mozilla\Extensions
[2010/06/08 21:22:11 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\extensions
[2010/03/26 23:38:50 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/05/24 09:47:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/24 09:47:23 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/04/19 23:02:52 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/09/23 22:56:11 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\extensions\[email protected]
[2010/05/07 21:49:42 | 000,002,273 | ---- | M] () -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\searchplugins\ask.xml
[2010/05/07 21:49:42 | 000,000,908 | ---- | M] () -- C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\4j46tnui.default\searchplugins\bing.xml
[2010/06/08 19:03:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/08 19:03:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/08 19:03:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/17 12:08:32 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/17 12:08:32 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/17 12:08:32 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/17 12:08:33 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/06/09 14:27:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Pete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Pete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Pete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk.disabled ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: adobe.com ([get] http in Trusted sites)
O15 - HKCU\..Trusted Domains: depositfiles.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: download.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: kingdomofloathing.com ([www2] http in Trusted sites)
O15 - HKCU\..Trusted Domains: kingdomofloathing.com ([www5] http in Trusted sites)
O15 - HKCU\..Trusted Domains: kingdomofloathing.com ([www6] http in Trusted sites)
O15 - HKCU\..Trusted Domains: kingdomofloathing.com ([www7] http in Trusted sites)
O15 - HKCU\..Trusted Domains: savefile.com ([www] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1275578454109 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://cdnimg.piczo....st_uploader.cab (Image Uploader Control)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Pete\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Pete\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003/08/11 20:57:37 | 000,000,209 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008/09/12 19:56:36 | 000,172,032 | R--- | M] () - J:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/08/29 21:18:00 | 000,000,029 | R--- | M] () - J:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/09 14:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/06/09 14:33:22 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/06/09 14:33:22 | 000,000,000 | ---D | C] -- C:\Users\Pete\AppData\Local\temp
[2010/06/09 14:32:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/09 14:17:20 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/09 14:17:18 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/06/08 18:53:08 | 000,000,000 | ---D | C] -- C:\Users\Pete\Desktop\JavaRa
[2010/06/07 16:51:23 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/07 16:51:23 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/07 16:51:23 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/06/07 16:39:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/06/07 15:59:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/07 14:04:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/07 14:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/06 01:35:21 | 000,000,000 | ---D | C] -- C:\Users\Pete\SecurityScans
[2010/06/06 01:35:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Baseline Security Analyzer 2
[2010/06/06 01:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2010/06/04 02:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/06/04 02:05:34 | 000,000,000 | ---D | C] -- C:\Users\Pete\AppData\Roaming\uTorrent
[2010/06/03 16:38:25 | 000,000,000 | ---D | C] -- C:\Users\Pete\AppData\Roaming\Malwarebytes
[2010/06/03 16:38:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/03 16:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/03 16:38:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/03 16:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/03 13:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/06/03 13:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/06/03 13:30:45 | 000,000,000 | ---D | C] -- C:\Users\Pete\Documents\Simply Super Software
[2010/06/03 13:30:43 | 000,000,000 | ---D | C] -- C:\Users\Pete\AppData\Roaming\Simply Super Software
[2010/06/03 13:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/05/21 13:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/05/21 13:50:32 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/05/11 16:59:03 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/05/01 17:59:37 | 000,000,000 | ---D | C] -- C:\Users\Pete\Documents\My Spore Creations
[2010/05/01 17:59:21 | 000,000,000 | ---D | C] -- C:\Users\Pete\AppData\Roaming\SPORE
[2010/05/01 17:56:42 | 000,000,000 | RH-D | C] -- C:\Users\Pete\AppData\Roaming\SecuROM
[2010/05/01 16:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010/05/01 16:48:16 | 000,000,000 | ---D | C] -- C:\Users\Pete\AppData\Local\Downloaded Installations
[2010/05/01 15:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/04/05 21:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\POPWWPROFILES
[2010/04/05 21:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/04/03 22:55:32 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/03/21 01:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2009/05/18 05:03:07 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd2.dll
[2009/05/18 05:03:07 | 000,040,960 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd2.dll
[2009/05/18 05:03:07 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd2.dll

========== Files - Modified Within 90 Days ==========

[2010/06/09 16:53:16 | 007,340,032 | -HS- | M] () -- C:\Users\Pete\ntuser.dat
[2010/06/09 15:02:34 | 000,034,805 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/06/09 15:02:33 | 000,034,805 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/06/09 15:02:22 | 000,005,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/09 15:02:22 | 000,005,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/09 15:02:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/09 15:02:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/09 15:02:15 | 3219,517,440 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/09 14:53:15 | 002,672,312 | ---- | M] () -- C:\Users\Pete\Desktop\esetsmartinstaller_enu.exe
[2010/06/09 14:34:21 | 000,524,288 | -HS- | M] () -- C:\Users\Pete\ntuser.dat{db585d79-f202-11dd-ae45-ccdc24adaeb0}.TMContainer00000000000000000001.regtrans-ms
[2010/06/09 14:34:21 | 000,065,536 | -HS- | M] () -- C:\Users\Pete\ntuser.dat{db585d79-f202-11dd-ae45-ccdc24adaeb0}.TM.blf
[2010/06/09 14:27:32 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/06/09 14:27:29 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/06/09 13:59:30 | 060,860,587 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/06/09 00:45:47 | 003,220,750 | -H-- | M] () -- C:\Users\Pete\AppData\Local\IconCache.db
[2010/06/09 00:41:12 | 000,313,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/08 21:13:00 | 000,000,680 | ---- | M] () -- C:\Users\Pete\AppData\Local\d3d9caps.dat
[2010/06/08 18:52:29 | 000,071,798 | ---- | M] () -- C:\Users\Pete\Desktop\JavaRa.zip
[2010/06/08 17:55:26 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\netbt.sys
[2010/06/07 16:38:24 | 003,703,927 | R--- | M] () -- C:\Users\Pete\Desktop\Combo-Fix.exe
[2010/06/07 16:23:02 | 176,180,118 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/06 01:50:37 | 000,000,734 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100606-021717.backup
[2010/06/06 01:44:30 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/06/06 01:35:01 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2010/06/06 01:25:48 | 000,001,834 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2010/06/06 01:13:32 | 000,068,096 | ---- | M] () -- C:\Users\Pete\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/03 01:38:26 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/06/03 01:38:25 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/05/28 01:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010/05/21 13:58:06 | 000,000,215 | ---- | M] () -- C:\Users\Pete\Desktop\Altitude.url
[2010/05/21 13:56:51 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/05/12 00:33:02 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/05/11 16:59:03 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/05/11 16:59:00 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/05/01 17:56:32 | 000,001,086 | ---- | M] () -- C:\Users\Pete\Desktop\Spore.lnk
[2010/05/01 17:09:37 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010/05/01 17:09:26 | 000,003,076 | ---- | M] () -- C:\Windows\System32\ealregsnapshot1.reg
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010/04/13 19:00:49 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Prince of Persia Warrior Within.lnk
[2010/04/13 18:43:41 | 000,385,963 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100603-013842.backup
[2010/04/03 22:55:32 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/04/03 22:55:32 | 000,007,772 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/04/03 18:26:56 | 000,276,196 | ---- | M] () -- C:\Windows\System32\NvApps.xml
[2010/04/03 18:26:56 | 000,066,714 | ---- | M] () -- C:\Windows\System32\NvwsApps.xml
[2010/04/02 17:17:34 | 000,179,091 | ---- | M] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/28 05:06:49 | 000,381,019 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100413-184341.backup
[2010/03/24 00:58:38 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2010/03/21 16:46:08 | 000,016,896 | ---- | M] () -- C:\Users\Pete\Documents\Opening.doc
[2010/03/21 01:46:09 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk

========== Files Created - No Company Name ==========

[2010/06/09 14:53:04 | 002,672,312 | ---- | C] () -- C:\Users\Pete\Desktop\esetsmartinstaller_enu.exe
[2010/06/08 21:17:12 | 3219,517,440 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/08 18:52:24 | 000,071,798 | ---- | C] () -- C:\Users\Pete\Desktop\JavaRa.zip
[2010/06/07 16:51:23 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/07 16:51:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/07 16:51:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/07 16:51:23 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/07 16:51:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/06/07 16:38:02 | 003,703,927 | R--- | C] () -- C:\Users\Pete\Desktop\Combo-Fix.exe
[2010/06/06 01:35:01 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2010/06/06 01:25:48 | 000,001,834 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2010/06/03 13:30:45 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/06/03 13:30:45 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar3.dll
[2010/06/03 13:30:45 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/06/03 13:30:45 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/05/28 01:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/05/21 13:58:06 | 000,000,215 | ---- | C] () -- C:\Users\Pete\Desktop\Altitude.url
[2010/05/21 13:50:35 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/05/01 17:56:32 | 000,001,086 | ---- | C] () -- C:\Users\Pete\Desktop\Spore.lnk
[2010/05/01 16:48:58 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010/05/01 16:48:35 | 000,003,076 | ---- | C] () -- C:\Windows\System32\ealregsnapshot1.reg
[2010/04/13 19:00:49 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Prince of Persia Warrior Within.lnk
[2010/04/03 22:55:32 | 000,007,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010/04/03 18:26:56 | 000,276,196 | ---- | C] () -- C:\Windows\System32\NvApps.xml
[2010/04/03 18:26:56 | 000,066,714 | ---- | C] () -- C:\Windows\System32\NvwsApps.xml
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/21 16:45:38 | 000,016,896 | ---- | C] () -- C:\Users\Pete\Documents\Opening.doc
[2010/03/21 02:23:54 | 000,230,424 | ---- | C] () -- C:\img2-001.raw
[2010/03/21 01:46:09 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2009/10/15 20:44:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/09/25 11:33:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/25 11:33:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\netbt.sys
[2009/08/20 14:11:39 | 000,000,023 | ---- | C] () -- C:\Windows\System32\PCSuiteConfigFile.ini
[2009/08/20 14:11:39 | 000,000,000 | ---- | C] () -- C:\Windows\System32\PCSuiteShareFile.ini
[2009/08/20 14:11:39 | 000,000,000 | ---- | C] () -- C:\Windows\System32\PCSuiteParamFile.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/07/29 19:09:34 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2009/06/26 18:21:02 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2009/06/23 01:29:25 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/06/23 01:29:25 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/18 05:03:14 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsnpstd2.dll
[2009/05/18 05:03:14 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd2.ini
[2009/05/18 05:03:09 | 000,302,720 | ---- | C] () -- C:\Windows\System32\drivers\snpstd2.sys
[2009/04/30 17:48:03 | 000,000,030 | ---- | C] () -- C:\Windows\BOBBLESAVE.ini
[2009/03/23 00:40:38 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/10/26 20:38:08 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2008/09/06 00:19:38 | 000,000,374 | ---- | C] () -- C:\Windows\wininit.ini
[2008/08/16 21:17:15 | 000,000,770 | ---- | C] () -- C:\Windows\Sof2.INI
[2008/07/30 22:43:58 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/04/23 21:39:49 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\BSplayer
[2009/02/04 19:02:25 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\BSplayer Pro
[2010/01/31 04:34:53 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\DAEMON Tools Lite
[2008/11/30 21:54:52 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\Nokia
[2010/01/28 16:44:21 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\OpenOffice.org
[2009/01/02 17:24:14 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\Opera
[2008/08/04 15:53:38 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\PC Suite
[2010/06/03 13:35:40 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\Simply Super Software
[2010/05/01 18:00:00 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\SPORE
[2009/10/15 14:54:12 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\SystemRequirementsLab
[2008/10/26 18:21:40 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\Template
[2010/06/06 01:13:10 | 000,000,000 | ---D | M] -- C:\Users\Pete\AppData\Roaming\uTorrent
[2010/06/09 14:34:22 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >
  • 0

#33
ali.B
Posted 09 June 2010 - 10:12 AM

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Yes you may remove the online scanner.

Congratulations your logs appear clean :)

Reset and Re-enable your System Restore

The following will implement some cleanup procedures as well as reset System Restore points:
  • Click START then RUN
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    Posted Image

NEXT

  • Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
  • Click on the CleanUp button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes


Recommendations

See Here for a list of recommendations for free Antivirus\AntiSpyware applications.


  • Keep Your windows up to date by regularly checking their website at:
    http://windowsupdate.microsoft.com/

  • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.

  • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.


  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

  • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
    secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
    blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
    Here

    If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
    • NoScript - for blocking ads and other potential website attacks
    • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

  • Click Here to learn how to keep a backup of your important files

  • FileHippo Update Checkker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.


Thank you :)
  • 0

#34
SilverNightwing
Posted 09 June 2010 - 11:16 AM

SilverNightwing

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Thankyou! Thankyou so much. I'm incredibly grateful, and I'll pass on the word to others with pc problems. You're brilliant.

Problem solved.

Silver
  • 0

#35
ali.B
Posted 09 June 2010 - 11:17 AM

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP