2 OTL logs and the TDSSKiller log below
OTL logfile created on: 23/02/2012 6:28:33 PM - Run 2
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
3.25 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 77.44% Memory free
4.59 Gb Paging File | 3.91 Gb Available in Paging File | 85.21% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 41.05 Gb Free Space | 27.54% Space Free | Partition Type: NTFS
Drive E: | 586.62 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WIZZCOM | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/19 16:43:02 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2012/01/19 10:16:20 | 000,324,976 | ---- | M] (SpeechGrid) -- C:\Program Files\SpeechGrid\SpeechGrid.exe
PRC - [2012/01/19 10:16:20 | 000,055,664 | ---- | M] (SpeechGrid) -- C:\Program Files\SpeechGrid\SpeechGridService.exe
PRC - [2011/10/11 15:00:32 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/11 15:00:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/11 15:00:08 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/11 15:00:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/07/29 09:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/08 08:58:56 | 000,788,992 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2011/02/25 14:59:52 | 000,073,728 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\AthServer.exe
PRC - [2010/12/27 10:30:00 | 000,499,796 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2010/06/21 15:02:00 | 000,308,640 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
PRC - [2009/07/24 23:18:19 | 000,091,440 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2009/03/29 07:41:38 | 003,325,952 | ---- | M] (Electronic Arts) -- C:\Program Files\Electronic Arts\EADM\Core.exe
PRC - [2008/05/02 03:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 03:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/14 10:42:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/11 13:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2006/08/03 14:29:02 | 000,244,520 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
PRC - [2006/08/03 10:44:52 | 000,529,968 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
PRC - [2006/04/10 14:24:20 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
PRC - [2006/03/28 05:13:26 | 000,069,632 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2006/03/21 08:23:38 | 000,327,680 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2005/12/01 16:06:52 | 000,327,680 | ---- | M] (Telstra) -- C:\Program Files\Telstra\Toolbar\bpumTray.exe
PRC - [2005/01/31 10:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2012/02/20 21:38:41 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
MOD - [2012/02/20 21:37:55 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
MOD - [2012/02/20 21:37:46 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
MOD - [2012/02/20 21:37:11 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/02/20 20:55:10 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/20 20:54:55 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012/02/20 20:53:59 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012/02/20 20:52:27 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
MOD - [2012/02/20 20:44:12 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/02/19 17:28:27 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/11/04 01:58:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/13 22:46:50 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/11 15:00:22 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/07/29 09:39:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 09:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 23:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 23:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/08 16:38:44 | 001,410,048 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2011/04/08 08:58:56 | 000,788,992 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2011/02/25 14:59:52 | 000,073,728 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\AthServer.exe
MOD - [2011/01/12 13:44:48 | 000,167,424 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2010/12/27 10:30:02 | 000,231,424 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WjAth.dll
MOD - [2010/12/27 10:30:02 | 000,024,576 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\IAthWcAPI.dll
MOD - [2009/07/24 23:18:15 | 000,064,664 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.87-8876480SL\Program\clntutil.dll
MOD - [2008/04/14 10:42:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/14 10:41:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 10:41:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/06/09 14:37:54 | 000,034,304 | ---- | M] () -- C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
MOD - [2006/06/09 14:37:42 | 000,064,000 | ---- | M] () -- C:\Program Files\Canon\Easy-WebPrint\EWPCore.dll
MOD - [2005/12/01 14:34:24 | 000,061,440 | ---- | M] () -- C:\Program Files\Telstra\Toolbar\bpumRes.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/01/19 10:16:20 | 000,055,664 | ---- | M] (SpeechGrid) [Auto | Running] -- C:\Program Files\SpeechGrid\SpeechGridService.exe -- (SpeechGridService)
SRV - [2011/10/11 15:00:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 15:00:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/12/27 10:30:00 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2010/12/27 10:29:56 | 000,360,529 | ---- | M] (wireless) [On_Demand | Stopped] -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe -- (jswpsapi)
SRV - [2010/01/26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/05/02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/04/14 10:42:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2005/01/31 10:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - [2012/02/19 16:34:46 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/02/12 22:29:06 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/10/11 15:00:32 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/11 15:00:32 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/12/27 10:30:00 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2010/12/27 10:29:58 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2010/12/03 11:08:42 | 001,756,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2010/07/29 00:25:42 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/02/11 22:32:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/01/08 10:42:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/09/01 03:05:02 | 001,060,224 | ---- | M] (Compro Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VMHybrid.sys -- (VMHybrid)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/05/06 16:31:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008/04/14 05:16:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/02/29 04:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/02/29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/02/27 15:31:28 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/08/23 02:08:28 | 000,003,712 | ---- | M] (Logitech Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2006/07/19 13:29:08 | 000,027,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006/07/19 13:28:56 | 000,071,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006/07/19 13:27:46 | 000,055,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2006/07/19 13:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/06/22 04:54:12 | 000,004,501 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2006/01/27 11:49:56 | 000,167,296 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wfcxvcap.sys -- (WFCXVCAP)
DRV - [2006/01/27 11:48:56 | 000,021,248 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wfcxdtun.sys -- (wfcxdtun)
DRV - [2006/01/27 11:47:26 | 000,010,368 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wfcxxbar.sys -- (wfcxxbar)
DRV - [2006/01/27 11:46:46 | 000,015,872 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wfcxtcap.sys -- (wfcxtcap)
DRV - [2005/12/09 19:18:40 | 004,123,136 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/05/27 20:16:22 | 000,913,280 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2005/05/27 20:08:00 | 000,007,136 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005/05/27 20:01:28 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/01/05 05:13:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/12/07 11:25:20 | 000,126,720 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8DF
IE - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE8HP&PC=B8DF
IE - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2009/05/24 17:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2009/05/24 17:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2012/02/02 14:00:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\k1ix5eay.default\extensions
[2006/07/11 22:32:45 | 000,000,000 | ---D | M] ("Google Toolbar for Firefox") -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\k1ix5eay.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/08/26 21:24:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/07/02 22:21:41 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/07/25 20:46:08 | 000,000,703 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.png
[2007/07/25 20:46:08 | 000,000,531 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.src
O1 HOSTS File: ([2009/09/27 20:22:51 | 000,334,518 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 11488 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ActivateBand Class) - {4C7B6DE1-99A4-4CF1-8B44-68889900E1D0} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll (Telstra)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (BigPond Toolbar) - {7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll (Telstra)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\..\Toolbar\WebBrowser: (BigPond Toolbar) - {7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll (Telstra)
O3 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BigPond Toolbar] C:\Program Files\Telstra\Toolbar\bpumTray.exe (Telstra)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SpeechGrid] C:\Program Files\SpeechGrid\SpeechGrid.exe (SpeechGrid)
O4 - HKLM..\Run: [SW20] C:\WINDOWS\system32\sw20.exe ()
O4 - HKLM..\Run: [SW24] C:\WINDOWS\system32\sw24.exe ()
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HD Writer.lnk = C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NCProTray.lnk = C:\Program Files\SEC\Natural Color Pro\NCProTray.exe (Samsung)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (Reg Error: Key error.)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/ms ... b56986.cab (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab (Reg Error: Key error.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDow ... eqlab2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {F1D54B0B-B6EA-43B5-BD26-A79D3DBF47E3} http://bigpondmusic.com/activex/multidownx.cab (Reg Error: Key error.)
O16 - DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} http://www.iolo.com/app/ocx/UpgradeVerify.ocx (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFBACA04-E111-4ED6-A710-72FDFE9FAAFD}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/22 04:37:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/02/28 22:30:00 | 000,000,110 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{2ac87e50-0dd5-11dc-b207-0016e64a35fe}\Shell - "" = AutoRun
O33 - MountPoints2\{2ac87e50-0dd5-11dc-b207-0016e64a35fe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ac87e50-0dd5-11dc-b207-0016e64a35fe}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (smrgdf C:\Program Files\iolo\System Mechanic 6\)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/21 17:42:00 | 004,729,344 | ---- | C] (AVAST Software) -- C:\Documents and Settings\User\Desktop\aswMBR.exe
[2012/02/21 17:37:30 | 002,060,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\User\Desktop\tdsskiller.exe
[2012/02/20 21:22:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/20 21:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/02/20 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/02/20 21:12:35 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\User\Desktop\erunt-setup.exe
[2012/02/19 16:42:51 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/02/18 15:54:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\User\My Documents\My Videos
[2012/02/18 15:53:53 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\User\Desktop\dds.scr
[2012/02/12 22:29:06 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/02/12 00:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\TV Series
[2012/02/12 00:05:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Bluetooth Exchange Folder
[2012/02/11 14:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/02/10 22:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData
[2012/02/10 22:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2012/02/10 22:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Electronic Arts
[2012/02/10 22:05:48 | 000,447,752 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2012/02/10 22:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012/02/10 22:05:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Electronic Arts
[2012/02/10 21:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2012/02/10 18:53:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\TP-LINK
[2012/02/10 18:52:33 | 000,405,582 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscsup.dll
[2012/02/10 18:52:33 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscimd.sys
[2012/02/10 18:52:33 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\jswscimd.sys
[2012/02/10 18:52:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TP-LINK
[2012/02/10 18:52:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Application Data\Atheros
[2012/02/10 18:52:27 | 000,499,796 | ---- | C] (Atheros) -- C:\WINDOWS\System32\acs.exe
[2012/02/10 18:52:12 | 001,269,854 | ---- | C] (Devicescape) -- C:\WINDOWS\System32\dsa.dll
[2012/02/10 18:52:12 | 000,254,022 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsfwDS.dll
[2012/02/10 18:52:12 | 000,249,924 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.dll
[2012/02/10 18:52:12 | 000,082,017 | ---- | C] (Devicescape, Inc.) -- C:\WINDOWS\System32\dsaNac.dll
[2012/02/10 18:52:12 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2012/02/10 18:52:12 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\wsimd.sys
[2012/02/10 18:52:09 | 000,405,504 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2012/02/10 18:52:09 | 000,360,539 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapiU.dll
[2012/02/10 18:52:09 | 000,311,390 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20U.dll
[2012/02/10 18:52:09 | 000,237,568 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20.dll
[2012/02/10 18:52:09 | 000,127,079 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20resU.dll
[2012/02/10 18:52:09 | 000,127,053 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20res.dll
[2012/02/10 18:52:08 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2012/02/10 18:51:43 | 001,756,384 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athuw.sys
[2012/02/10 18:51:43 | 001,756,384 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athuw.sys
[2012/02/10 18:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TP-LINK
[2012/02/02 14:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Systweak
[2012/02/02 14:00:08 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2012/02/01 14:26:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\SpeechGrid
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/23 18:19:20 | 000,000,053 | ---- | M] () -- C:\biosinfo
[2012/02/23 18:18:18 | 000,194,025 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/02/23 18:17:29 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/02/23 18:17:22 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/23 18:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/21 18:09:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2012/02/21 17:59:48 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\User\Desktop\MBR.dat
[2012/02/21 17:42:09 | 004,729,344 | ---- | M] (AVAST Software) -- C:\Documents and Settings\User\Desktop\aswMBR.exe
[2012/02/21 17:37:36 | 002,060,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\User\Desktop\tdsskiller.exe
[2012/02/20 21:17:01 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\User\Desktop\ERUNT.lnk
[2012/02/20 21:15:48 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\User\Desktop\erunt-setup.exe
[2012/02/20 20:59:19 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\User\Desktop\unhide.exe
[2012/02/20 20:42:59 | 000,313,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/19 17:29:04 | 000,435,276 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/19 17:29:04 | 000,068,276 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/19 17:18:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/19 16:43:02 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/02/19 16:34:46 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012/02/18 15:54:06 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\User\Desktop\dds.scr
[2012/02/13 17:09:34 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/02/13 17:03:45 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012/02/13 17:03:45 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012/02/12 22:29:06 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/02/12 22:28:42 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/12 20:40:05 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/02/12 15:23:33 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/02/12 14:00:06 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/02/12 12:46:02 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/02/12 00:32:15 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/12 00:04:26 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/11 22:17:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2012/02/11 10:10:03 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/02/10 18:52:33 | 000,001,928 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012/02/06 19:24:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/02 14:00:37 | 000,000,237 | ---- | M] () -- C:\user.js
[2012/02/01 14:27:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/21 17:59:48 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\User\Desktop\MBR.dat
[2012/02/20 21:17:01 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\User\Desktop\ERUNT.lnk
[2012/02/20 20:58:49 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\User\Desktop\unhide.exe
[2012/02/11 22:17:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2012/02/10 22:06:33 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\EA Download Manager.lnk
[2012/02/10 18:52:33 | 000,035,967 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.cat
[2012/02/10 18:52:33 | 000,035,538 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.cat
[2012/02/10 18:52:33 | 000,005,529 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.inf
[2012/02/10 18:52:33 | 000,002,231 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.inf
[2012/02/10 18:52:33 | 000,001,928 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012/02/10 18:52:27 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2012/02/10 18:52:12 | 000,042,067 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2012/02/10 18:52:12 | 000,042,052 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2012/02/10 18:52:12 | 000,005,363 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2012/02/10 18:52:12 | 000,002,179 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2012/02/10 18:52:09 | 000,422,000 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2012/02/10 18:51:43 | 000,039,369 | ---- | C] () -- C:\WINDOWS\System32\netathuw.inf
[2012/02/10 18:51:43 | 000,007,488 | ---- | C] () -- C:\WINDOWS\System32\netathuw.cat
[2012/02/02 14:00:37 | 000,000,237 | ---- | C] () -- C:\user.js
[2012/01/30 10:05:38 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\SpeechGrid.lnk
[2011/10/18 17:38:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/10 11:00:29 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/10 11:00:29 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/11/27 22:12:08 | 000,138,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/11/27 22:11:59 | 000,202,448 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/11/27 22:11:53 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/10/17 16:32:27 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2008/09/20 17:44:25 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/02/16 20:46:37 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sowdp88.dat
[2006/12/13 19:51:02 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2006/10/25 22:12:11 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\User\Application Data\$_hpcst$.hpc
[2006/06/23 23:25:01 | 000,025,157 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Comma Separated Values (Windows).ADR
[2006/06/23 23:24:43 | 000,009,163 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Comma Separated Values (Windows).EML
[2006/06/22 22:11:53 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
< End of report >
OTL Extras logfile created on: 23/02/2012 6:28:33 PM - Run 2
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
3.25 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 77.44% Memory free
4.59 Gb Paging File | 3.91 Gb Available in Paging File | 85.21% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 41.05 Gb Free Space | 27.54% Space Free | Partition Type: NTFS
Drive E: | 586.62 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WIZZCOM | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- "C:\Program Files\Opera\Opera.exe" "%1"
[HKEY_USERS\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\opera.exe"
https [open] -- "C:\Program Files\Opera\opera.exe"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Call of Duty\CoDMP.exe" = C:\Call of Duty\CoDMP.exe:*:Enabled:CoDMP
"C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe" = C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{025C3792-E9C6-432A-92C1-661F99D021CA}" = Ulead Photo Explorer 8.5 SE
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}" = Roxio Backup MyPC
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 21
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3759CC1E-8259-4B0D-862A-078EABFFD97F}" = HP Officejet Pro 8500 A910 Product Improvement Study
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AE5A1B4-D6AE-48D4-A07F-46A806CD53E6}" = HP Officejet Pro 8500 A910 Basic Device Software
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4FBEE8F4-40C1-4DFD-9D53-8CD14622B0DD}" = VideoMate Hybrid TV driver
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51D7C8E7-A7CB-46F9-B959-EFE6D59DDBE8}" = HD Writer PE 1.0
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{62FE0726-9652-4CD2-9F09-C769D8699C21}" = TL-WN822N Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DE9C4EE-086C-443E-B75E-429751261B05}" = BigPond Broadband Cable
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D2B090D-5E2F-4ED3-9CFF-3730CF0DBE5C}" = VideoMate Hybrid TV driver
"{80530625-7FE2-4FB1-A546-49C674DD665D}" = SpamMATTERS
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8357F925-6FD4-4F00-B686-D0C3C166A34F}" = VideoMate Hybrid TV driver
"{86BB059D-1231-457B-B88F-F9B315A18F90}" = Windows Vista Upgrade Advisor
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Help
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Disc-Direct SDK
"{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}" = Ulead VideoStudio 9.0 SE DVD
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{BE4AA694-815A-4045-BD49-C94F2BED7458}" = WinFast Entertainment Center
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast DTV
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40491E3-35AB-4757-B1F0-94C9100C2F4E}" = Line Speed Meter
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{E063D6FC-1BD7-4653-BDB8-0A3149258B23}" = BigPond Toolbar
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows Driver Package - Nokia Modem (05/22/2008 3.
"Cucusoft MPEG to DVD Burner_is1" = Cucusoft MPEG to DVD Burner 3.21
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"EADM" = EA Download Manager
"Easy-WebPrint" = Easy-WebPrint
"ERUNT_is1" = ERUNT 1.1j
"FLV Player1.33T" = FLV Player
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"KLiteCodecPack_is1" = K-Lite Codec Pack
"Logitech Print Service" = Logitech Print Service
"MDI VIew" = MDI VIew 1.0.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.5.5
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = NeroVision Express 3
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMIX!UninstallKey" = NeroMIX
"NVIDIA Drivers" = NVIDIA Drivers
"PQ_DVD_to_iPod_Video_Converter" = PQ DVD to iPod Video Converter (remove only)
"QcDrv" = Logitech® Camera Driver
"SpeechGrid" = SpeechGrid
"SystemRequirementsLab" = System Requirements Lab
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1177238915-1979792683-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Stamp Search" = Stamp Search
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
17:37:38.0671 2640 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
17:37:39.0343 2640 ============================================================
17:37:39.0343 2640 Current date / time: 2012/02/21 17:37:39.0343
17:37:39.0343 2640 SystemInfo:
17:37:39.0343 2640
17:37:39.0343 2640 OS Version: 5.1.2600 ServicePack: 3.0
17:37:39.0343 2640 Product type: Workstation
17:37:39.0343 2640 ComputerName: WIZZCOM
17:37:39.0343 2640 UserName: User
17:37:39.0343 2640 Windows directory: C:\WINDOWS
17:37:39.0343 2640 System windows directory: C:\WINDOWS
17:37:39.0343 2640 Processor architecture: Intel x86
17:37:39.0343 2640 Number of processors: 2
17:37:39.0343 2640 Page size: 0x1000
17:37:39.0343 2640 Boot type: Normal boot
17:37:39.0343 2640 ============================================================
17:37:41.0796 2640 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:37:41.0796 2640 \Device\Harddisk0\DR0:
17:37:41.0796 2640 MBR used
17:37:41.0796 2640 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
17:37:41.0828 2640 Initialize success
17:37:41.0828 2640 ============================================================
17:37:59.0515 2304 ============================================================
17:37:59.0515 2304 Scan started
17:37:59.0515 2304 Mode: Manual;
17:37:59.0515 2304 ============================================================
17:38:01.0406 2304 Abiosdsk - ok
17:38:01.0656 2304 abp480n5 - ok
17:38:02.0000 2304 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:38:02.0000 2304 ACPI - ok
17:38:02.0281 2304 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:38:02.0296 2304 ACPIEC - ok
17:38:02.0562 2304 adpu160m - ok
17:38:02.0875 2304 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:38:02.0875 2304 aec - ok
17:38:03.0187 2304 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:38:03.0187 2304 AFD - ok
17:38:03.0437 2304 Aha154x - ok
17:38:03.0687 2304 aic78u2 - ok
17:38:03.0937 2304 aic78xx - ok
17:38:04.0203 2304 AliIde - ok
17:38:04.0453 2304 amsint - ok
17:38:05.0296 2304 AR9271 (8dbeb23baf83d7161a69503bd5fc0162) C:\WINDOWS\system32\DRIVERS\athuw.sys
17:38:05.0781 2304 AR9271 - ok
17:38:06.0031 2304 asc - ok
17:38:06.0281 2304 asc3350p - ok
17:38:06.0531 2304 asc3550 - ok
17:38:06.0812 2304 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
17:38:06.0812 2304 Aspi32 - ok
17:38:07.0093 2304 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:38:07.0093 2304 AsyncMac - ok
17:38:07.0375 2304 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:38:07.0390 2304 atapi - ok
17:38:07.0640 2304 Atdisk - ok
17:38:07.0937 2304 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:38:07.0968 2304 Atmarpc - ok
17:38:08.0250 2304 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:38:08.0250 2304 audstub - ok
17:38:08.0562 2304 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:38:08.0562 2304 avgntflt - ok
17:38:08.0875 2304 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:38:08.0875 2304 avipbb - ok
17:38:09.0156 2304 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:38:09.0156 2304 avkmgr - ok
17:38:09.0484 2304 b57w2k (9948740f9043aca23b8fddf8b9651160) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
17:38:09.0484 2304 b57w2k - ok
17:38:09.0765 2304 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:38:09.0765 2304 Beep - ok
17:38:09.0906 2304 catchme - ok
17:38:10.0187 2304 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:38:10.0187 2304 cbidf2k - ok
17:38:10.0453 2304 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:38:10.0453 2304 CCDECODE - ok
17:38:10.0703 2304 cd20xrnt - ok
17:38:10.0984 2304 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:38:10.0984 2304 Cdaudio - ok
17:38:11.0265 2304 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:38:11.0265 2304 Cdfs - ok
17:38:11.0546 2304 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:38:11.0546 2304 Cdrom - ok
17:38:11.0796 2304 Changer - ok
17:38:12.0046 2304 CmdIde - ok
17:38:12.0328 2304 Cpqarray - ok
17:38:12.0578 2304 dac2w2k - ok
17:38:12.0859 2304 dac960nt - ok
17:38:13.0156 2304 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:38:13.0171 2304 Disk - ok
17:38:13.0765 2304 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:38:14.0031 2304 dmboot - ok
17:38:14.0390 2304 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:38:14.0453 2304 dmio - ok
17:38:14.0718 2304 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:38:14.0734 2304 dmload - ok
17:38:15.0015 2304 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:38:15.0015 2304 DMusic - ok
17:38:15.0296 2304 dpti2o - ok
17:38:15.0562 2304 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:38:15.0562 2304 drmkaud - ok
17:38:15.0859 2304 drvmcdb (381f95341248d5ea8b91ea8793846ee7) C:\WINDOWS\system32\drivers\drvmcdb.sys
17:38:15.0906 2304 drvmcdb - ok
17:38:16.0218 2304 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:38:16.0218 2304 Fastfat - ok
17:38:16.0484 2304 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:38:16.0484 2304 Fdc - ok
17:38:16.0765 2304 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:38:16.0765 2304 Fips - ok
17:38:17.0015 2304 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:38:17.0015 2304 Flpydisk - ok
17:38:17.0312 2304 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:38:17.0359 2304 FltMgr - ok
17:38:17.0640 2304 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
17:38:17.0718 2304 FsUsbExDisk - ok
17:38:17.0984 2304 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:38:17.0984 2304 Fs_Rec - ok
17:38:18.0281 2304 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:38:18.0328 2304 Ftdisk - ok
17:38:18.0406 2304 gdrv (ec2539f4c674bd9e1ac2187101ee77cc) C:\WINDOWS\gdrv.sys
17:38:19.0093 2304 gdrv - ok
17:38:19.0421 2304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
17:38:19.0421 2304 GEARAspiWDM - ok
17:38:19.0421 2304 GMSIPCI - ok
17:38:19.0718 2304 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:38:19.0718 2304 Gpc - ok
17:38:20.0046 2304 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:38:20.0046 2304 HDAudBus - ok
17:38:20.0312 2304 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:38:20.0312 2304 HidUsb - ok
17:38:20.0578 2304 hpn - ok
17:38:20.0953 2304 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:38:20.0968 2304 HTTP - ok
17:38:21.0218 2304 i2omgmt - ok
17:38:21.0468 2304 i2omp - ok
17:38:21.0765 2304 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:38:21.0765 2304 i8042prt - ok
17:38:22.0046 2304 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:38:22.0046 2304 Imapi - ok
17:38:22.0312 2304 ini910u - ok
17:38:23.0890 2304 IntcAzAudAddService (b12a9fc49cd2765a43829d834f518aed) C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:38:23.0921 2304 IntcAzAudAddService - ok
17:38:24.0187 2304 IntelIde - ok
17:38:24.0468 2304 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:38:24.0468 2304 intelppm - ok
17:38:24.0734 2304 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:38:24.0734 2304 Ip6Fw - ok
17:38:25.0031 2304 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:38:25.0046 2304 IpFilterDriver - ok
17:38:25.0328 2304 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:38:25.0343 2304 IpInIp - ok
17:38:25.0656 2304 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:38:25.0671 2304 IpNat - ok
17:38:25.0937 2304 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:38:25.0953 2304 IPSec - ok
17:38:26.0203 2304 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:38:26.0203 2304 IRENUM - ok
17:38:26.0484 2304 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:38:26.0515 2304 isapnp - ok
17:38:26.0796 2304 ivusb (de96bbf842059a67d876b692076d8875) C:\WINDOWS\system32\DRIVERS\ivusb.sys
17:38:26.0812 2304 ivusb - ok
17:38:27.0109 2304 JSWSCIMD (ad67795900aa8c05cc4570f5349e0639) C:\WINDOWS\system32\DRIVERS\jswscimd.sys
17:38:27.0125 2304 JSWSCIMD - ok
17:38:27.0390 2304 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:38:27.0390 2304 Kbdclass - ok
17:38:27.0656 2304 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:38:27.0656 2304 kbdhid - ok
17:38:27.0968 2304 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:38:27.0984 2304 kmixer - ok
17:38:28.0265 2304 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:38:28.0265 2304 KSecDD - ok
17:38:28.0562 2304 L8042Kbd (0f5ae6805ef05dbbe205e5b196cadf31) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
17:38:28.0578 2304 L8042Kbd - ok
17:38:28.0843 2304 L8042mou (ee1c6c057a83f93ad9ae7cdf12f0baa0) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
17:38:28.0875 2304 L8042mou - ok
17:38:28.0906 2304 Lavasoft Kernexplorer - ok
17:38:29.0187 2304 Lbd - ok
17:38:29.0453 2304 LBeepKE (8a46225365a3e9d55cb8a7f27f016ba4) C:\WINDOWS\system32\Drivers\LBeepKE.sys
17:38:29.0453 2304 LBeepKE - ok
17:38:29.0718 2304 lbrtfdc - ok
17:38:30.0000 2304 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:38:30.0000 2304 LHidFilt - ok
17:38:30.0281 2304 LHidKe (eaed22460dad9ccd9c9a58c78e717497) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
17:38:30.0296 2304 LHidKe - ok
17:38:30.0578 2304 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:38:30.0593 2304 LMouFilt - ok
17:38:30.0875 2304 LMouKE (d1fd76ea56cd653d7b55a0fac96ee416) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
17:38:30.0906 2304 LMouKE - ok
17:38:31.0187 2304 LUsbFilt (144011d14bd35f4e36136ae057b1aadd) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
17:38:31.0187 2304 LUsbFilt - ok
17:38:31.0484 2304 LVUSBSta (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
17:38:31.0484 2304 LVUSBSta - ok
17:38:31.0781 2304 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:38:31.0796 2304 MBAMSwissArmy - ok
17:38:32.0062 2304 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:38:32.0062 2304 mnmdd - ok
17:38:32.0359 2304 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:38:32.0375 2304 Modem - ok
17:38:32.0640 2304 motmodem (5023875a94b0766d98a62a72bc4cb055) C:\WINDOWS\system32\DRIVERS\motmodem.sys
17:38:32.0656 2304 motmodem - ok
17:38:32.0921 2304 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:38:32.0921 2304 Mouclass - ok
17:38:33.0187 2304 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:38:33.0187 2304 mouhid - ok
17:38:33.0453 2304 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:38:33.0468 2304 MountMgr - ok
17:38:33.0734 2304 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
17:38:33.0750 2304 MPE - ok
17:38:34.0000 2304 mraid35x - ok
17:38:34.0328 2304 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:38:34.0328 2304 MRxDAV - ok
17:38:34.0718 2304 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:38:34.0765 2304 MRxSmb - ok
17:38:35.0046 2304 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:38:35.0046 2304 Msfs - ok
17:38:35.0312 2304 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:38:35.0312 2304 MSKSSRV - ok
17:38:35.0593 2304 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:38:35.0593 2304 MSPCLOCK - ok
17:38:35.0875 2304 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:38:35.0875 2304 MSPQM - ok
17:38:36.0140 2304 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:38:36.0140 2304 mssmbios - ok
17:38:36.0406 2304 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:38:36.0421 2304 MSTEE - ok
17:38:36.0734 2304 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:38:36.0734 2304 Mup - ok
17:38:37.0031 2304 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:38:37.0062 2304 NABTSFEC - ok
17:38:37.0375 2304 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:38:37.0453 2304 NDIS - ok
17:38:37.0718 2304 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:38:37.0718 2304 NdisIP - ok
17:38:38.0000 2304 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:38:38.0000 2304 NdisTapi - ok
17:38:38.0265 2304 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:38:38.0265 2304 Ndisuio - ok
17:38:38.0562 2304 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:38:38.0562 2304 NdisWan - ok
17:38:38.0859 2304 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:38:38.0859 2304 NDProxy - ok
17:38:39.0125 2304 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:38:39.0125 2304 NetBIOS - ok
17:38:39.0453 2304 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:38:39.0453 2304 NetBT - ok
17:38:39.0859 2304 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:38:39.0859 2304 Npfs - ok
17:38:40.0125 2304 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
17:38:40.0171 2304 NPPTNT2 - ok
17:38:40.0609 2304 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:38:40.0921 2304 Ntfs - ok
17:38:41.0218 2304 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:38:41.0218 2304 Null - ok
17:38:43.0515 2304 nv (70cb8915895ccb92ddf23ce890c4f5be) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:38:45.0281 2304 nv - ok
17:38:45.0609 2304 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:38:45.0625 2304 NwlnkFlt - ok
17:38:45.0890 2304 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:38:45.0906 2304 NwlnkFwd - ok
17:38:46.0234 2304 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:38:46.0234 2304 Parport - ok
17:38:46.0515 2304 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:38:46.0515 2304 PartMgr - ok
17:38:46.0781 2304 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:38:46.0781 2304 ParVdm - ok
17:38:47.0062 2304 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:38:47.0062 2304 pccsmcfd - ok
17:38:47.0359 2304 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:38:47.0375 2304 PCI - ok
17:38:47.0640 2304 PCIDump - ok
17:38:47.0906 2304 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:38:47.0906 2304 PCIIde - ok
17:38:48.0203 2304 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:38:48.0250 2304 Pcmcia - ok
17:38:48.0515 2304 PDCOMP - ok
17:38:48.0765 2304 PDFRAME - ok
17:38:49.0015 2304 PDRELI - ok
17:38:49.0281 2304 PDRFRAME - ok
17:38:49.0593 2304 pepifilter (2a3efd6c3f116675d149da5e36a010a4) C:\WINDOWS\system32\DRIVERS\lv302af.sys
17:38:49.0609 2304 pepifilter - ok
17:38:49.0859 2304 perc2 - ok
17:38:50.0125 2304 perc2hib - ok
17:38:50.0718 2304 PID_08A0 (cebefeae6156f4fee41f56be89ea9c96) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
17:38:51.0015 2304 PID_08A0 - ok
17:38:51.0312 2304 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:38:51.0312 2304 PptpMiniport - ok
17:38:51.0609 2304 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:38:51.0609 2304 PSched - ok
17:38:51.0890 2304 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:38:51.0890 2304 Ptilink - ok
17:38:52.0171 2304 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:38:52.0203 2304 PxHelp20 - ok
17:38:52.0453 2304 ql1080 - ok
17:38:52.0718 2304 Ql10wnt - ok
17:38:52.0968 2304 ql12160 - ok
17:38:53.0218 2304 ql1240 - ok
17:38:53.0468 2304 ql1280 - ok
17:38:53.0734 2304 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:38:53.0734 2304 RasAcd - ok
17:38:54.0015 2304 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:38:54.0015 2304 Rasl2tp - ok
17:38:54.0281 2304 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:38:54.0281 2304 RasPppoe - ok
17:38:54.0546 2304 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:38:54.0546 2304 Raspti - ok
17:38:54.0875 2304 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:38:54.0875 2304 Rdbss - ok
17:38:55.0156 2304 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:38:55.0156 2304 RDPCDD - ok
17:38:55.0484 2304 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:38:55.0484 2304 rdpdr - ok
17:38:55.0796 2304 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
17:38:55.0796 2304 RDPWD - ok
17:38:56.0109 2304 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:38:56.0109 2304 redbook - ok
17:38:56.0406 2304 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:38:56.0421 2304 Secdrv - ok
17:38:56.0687 2304 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:38:56.0687 2304 serenum - ok
17:38:56.0968 2304 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:38:56.0968 2304 Serial - ok
17:38:57.0250 2304 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
17:38:57.0250 2304 Sfloppy - ok
17:38:57.0500 2304 Simbad - ok
17:38:57.0796 2304 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:38:57.0796 2304 SLIP - ok
17:38:58.0062 2304 Sparrow - ok
17:38:58.0328 2304 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:38:58.0328 2304 splitter - ok
17:38:58.0609 2304 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:38:58.0640 2304 sr - ok
17:38:59.0031 2304 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:38:59.0078 2304 Srv - ok
17:38:59.0359 2304 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:38:59.0359 2304 ssmdrv - ok
17:38:59.0656 2304 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
17:38:59.0656 2304 StillCam - ok
17:38:59.0937 2304 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:38:59.0937 2304 streamip - ok
17:39:00.0218 2304 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:39:00.0218 2304 swenum - ok
17:39:00.0531 2304 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:39:00.0531 2304 swmidi - ok
17:39:00.0828 2304 symc810 - ok
17:39:01.0078 2304 symc8xx - ok
17:39:01.0328 2304 sym_hi - ok
17:39:01.0578 2304 sym_u3 - ok
17:39:01.0875 2304 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:39:01.0875 2304 sysaudio - ok
17:39:02.0250 2304 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:39:02.0281 2304 Tcpip - ok
17:39:02.0640 2304 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
17:39:02.0640 2304 Tcpip6 - ok
17:39:02.0906 2304 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:39:02.0921 2304 TDPIPE - ok
17:39:03.0187 2304 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:39:03.0203 2304 TDTCP - ok
17:39:03.0453 2304 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:39:03.0468 2304 TermDD - ok
17:39:03.0718 2304 TosIde - ok
17:39:04.0000 2304 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
17:39:04.0000 2304 tunmp - ok
17:39:04.0281 2304 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:39:04.0296 2304 Udfs - ok
17:39:04.0546 2304 ultra - ok
17:39:04.0953 2304 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:39:05.0000 2304 Update - ok
17:39:05.0281 2304 upperdev - ok
17:39:05.0578 2304 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:39:05.0593 2304 USBAAPL - ok
17:39:05.0890 2304 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:39:05.0906 2304 usbaudio - ok
17:39:06.0187 2304 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:39:06.0187 2304 usbccgp - ok
17:39:06.0453 2304 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:39:06.0453 2304 usbehci - ok
17:39:06.0750 2304 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:39:06.0750 2304 usbhub - ok
17:39:07.0000 2304 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:39:07.0015 2304 usbprint - ok
17:39:07.0281 2304 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:39:07.0281 2304 usbscan - ok
17:39:07.0578 2304 usbsermptxp (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys
17:39:07.0593 2304 usbsermptxp - ok
17:39:07.0859 2304 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:39:07.0875 2304 USBSTOR - ok
17:39:08.0140 2304 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:39:08.0140 2304 usbuhci - ok
17:39:08.0453 2304 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
17:39:08.0500 2304 usbvideo - ok
17:39:08.0828 2304 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
17:39:08.0828 2304 usb_rndisx - ok
17:39:09.0109 2304 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:39:09.0109 2304 VgaSave - ok
17:39:09.0375 2304 ViaIde - ok
17:39:09.0984 2304 VMHybrid (210235b818921866a0bc1eca1be07eda) C:\WINDOWS\system32\DRIVERS\VMHybrid.sys
17:39:10.0328 2304 VMHybrid - ok
17:39:10.0593 2304 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:39:10.0625 2304 VolSnap - ok
17:39:10.0921 2304 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:39:10.0921 2304 Wanarp - ok
17:39:11.0234 2304 wceusbsh (4a954a20a4c73d6db13c0fe25f3f1b0c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
17:39:11.0265 2304 wceusbsh - ok
17:39:11.0703 2304 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:39:11.0703 2304 Wdf01000 - ok
17:39:11.0953 2304 WDICA - ok
17:39:12.0250 2304 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:39:12.0250 2304 wdmaud - ok
17:39:12.0546 2304 wfcxdtun (d1e884ba0c48379abe8f4eb9ce3b6d70) C:\WINDOWS\system32\drivers\wfcxdtun.sys
17:39:12.0562 2304 wfcxdtun - ok
17:39:12.0859 2304 wfcxtcap (9c041fdb40fa8b4946b8c845a3613eac) C:\WINDOWS\system32\drivers\wfcxtcap.sys
17:39:12.0875 2304 wfcxtcap - ok
17:39:13.0187 2304 WFCXVCAP (4233c389a7ced0c6549baedb174861d0) C:\WINDOWS\system32\drivers\wfcxvcap.sys
17:39:13.0203 2304 WFCXVCAP - ok
17:39:13.0484 2304 wfcxxbar (4df0d04eadd0e7408c7069148b6f7edd) C:\WINDOWS\system32\drivers\wfcxxbar.sys
17:39:13.0484 2304 wfcxxbar - ok
17:39:13.0562 2304 WFIOCTL - ok
17:39:14.0000 2304 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:39:14.0015 2304 WpdUsb - ok
17:39:14.0328 2304 WSIMD (0091d78c5f8fde0cdf2b214823de6e48) C:\WINDOWS\system32\DRIVERS\wsimd.sys
17:39:14.0328 2304 WSIMD - ok
17:39:14.0609 2304 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:39:14.0609 2304 WSTCODEC - ok
17:39:14.0921 2304 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:39:14.0953 2304 WudfPf - ok
17:39:15.0234 2304 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:39:15.0265 2304 WudfRd - ok
17:39:15.0312 2304 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:39:15.0515 2304 \Device\Harddisk0\DR0 - ok
17:39:15.0531 2304 Boot (0x1200) (23b5e4b8101dacac0e9f63556f1262c6) \Device\Harddisk0\DR0\Partition0
17:39:15.0531 2304 \Device\Harddisk0\DR0\Partition0 - ok
17:39:15.0531 2304 ============================================================
17:39:15.0531 2304 Scan finished
17:39:15.0531 2304 ============================================================
17:39:15.0546 1416 Detected object count: 0
17:39:15.0546 1416 Actual detected object count: 0
17:39:37.0171 1048 Deinitialize success