Hi Cypher,
Glad you are able to help me.
There were no problems obtaining the logs you requested.
21:08:32.0453 2284 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
21:08:33.0781 2284 ============================================================
21:08:33.0781 2284 Current date / time: 2012/05/21 21:08:33.0781
21:08:33.0781 2284 SystemInfo:
21:08:33.0781 2284
21:08:33.0781 2284 OS Version: 5.1.2600 ServicePack: 3.0
21:08:33.0781 2284 Product type: Workstation
21:08:33.0781 2284 ComputerName: THINKVANTAGE
21:08:33.0781 2284 UserName: Admin New
21:08:33.0781 2284 Windows directory: C:\WINDOWS
21:08:33.0781 2284 System windows directory: C:\WINDOWS
21:08:33.0781 2284 Processor architecture: Intel x86
21:08:33.0781 2284 Number of processors: 2
21:08:33.0781 2284 Page size: 0x1000
21:08:33.0781 2284 Boot type: Normal boot
21:08:33.0781 2284 ============================================================
21:08:36.0187 2284 Drive \Device\Harddisk0\DR0 - Size: 0x12A2480000 (74.54 Gb), SectorSize: 0x200, Cylinders: 0x2602, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:08:36.0187 2284 ============================================================
21:08:36.0187 2284 \Device\Harddisk0\DR0:
21:08:36.0187 2284 MBR partitions:
21:08:36.0187 2284 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8DABD20
21:08:36.0187 2284 ============================================================
21:08:36.0234 2284 C: <-> \Device\Harddisk0\DR0\Partition0
21:08:36.0234 2284 ============================================================
21:08:36.0234 2284 Initialize success
21:08:36.0234 2284 ============================================================
21:08:45.0484 1620 ============================================================
21:08:45.0484 1620 Scan started
21:08:45.0484 1620 Mode: Manual;
21:08:45.0484 1620 ============================================================
21:08:54.0078 1620 ShellHWDetection - ok
21:08:54.0078 1620 Simbad - ok
21:08:54.0125 1620 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
21:08:54.0125 1620 sisagp - ok
21:08:54.0218 1620 SkypeUpdate (68ea68d03bf58389fe6ad2b38fad798c) C:\Program Files\Skype\Updater\Updater.exe
21:08:54.0218 1620 SkypeUpdate - ok
21:08:54.0265 1620 smi2 (3ba9d0c8a0fbd9fb4029b6cd87c8ce0b) C:\Program Files\SMI2\smi2.sys
21:08:54.0265 1620 smi2 - ok
21:08:54.0312 1620 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
21:08:54.0312 1620 Sparrow - ok
21:08:54.0328 1620 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:08:54.0328 1620 splitter - ok
21:08:54.0375 1620 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:08:54.0375 1620 Spooler - ok
21:08:54.0421 1620 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:08:54.0421 1620 sr - ok
21:08:54.0453 1620 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
21:08:54.0468 1620 srservice - ok
21:08:54.0500 1620 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:08:54.0515 1620 Srv - ok
21:08:54.0531 1620 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
21:08:54.0546 1620 SSDPSRV - ok
21:08:54.0593 1620 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
21:08:54.0609 1620 stisvc - ok
21:08:54.0765 1620 SvcOnlineArmor (05cc0b4927e9110afe68212771601a2f) C:\Program Files\Tall Emu\Online Armor\oasrv.exe
21:08:54.0781 1620 SvcOnlineArmor - ok
21:08:54.0890 1620 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:08:54.0890 1620 swenum - ok
21:08:54.0906 1620 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:08:54.0921 1620 swmidi - ok
21:08:54.0921 1620 SwPrv - ok
21:08:54.0968 1620 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
21:08:54.0968 1620 symc810 - ok
21:08:54.0984 1620 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
21:08:54.0984 1620 symc8xx - ok
21:08:55.0000 1620 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
21:08:55.0000 1620 sym_hi - ok
21:08:55.0000 1620 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
21:08:55.0015 1620 sym_u3 - ok
21:08:55.0015 1620 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:08:55.0031 1620 sysaudio - ok
21:08:55.0062 1620 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
21:08:55.0078 1620 SysmonLog - ok
21:08:55.0109 1620 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
21:08:55.0125 1620 TapiSrv - ok
21:08:55.0171 1620 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:08:55.0171 1620 Tcpip - ok
21:08:55.0218 1620 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:08:55.0218 1620 TDPIPE - ok
21:08:55.0218 1620 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:08:55.0234 1620 TDTCP - ok
21:08:55.0265 1620 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:08:55.0265 1620 TermDD - ok
21:08:55.0281 1620 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
21:08:55.0296 1620 TermService - ok
21:08:55.0343 1620 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:08:55.0359 1620 Themes - ok
21:08:55.0390 1620 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
21:08:55.0406 1620 TlntSvr - ok
21:08:55.0421 1620 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
21:08:55.0437 1620 TosIde - ok
21:08:55.0453 1620 TPM (a147180fc61769bf4eb6ff94d499970c) C:\WINDOWS\system32\DRIVERS\tpm.sys
21:08:55.0468 1620 TPM - ok
21:08:55.0468 1620 TPM12 (41b3fc80a578cab4b4e0e39371f71012) C:\WINDOWS\system32\DRIVERS\nsctpm12.sys
21:08:55.0468 1620 TPM12 - ok
21:08:55.0531 1620 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
21:08:55.0531 1620 TrkWks - ok
21:08:55.0593 1620 TVT Backup Service - ok
21:08:55.0609 1620 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:08:55.0625 1620 Udfs - ok
21:08:55.0640 1620 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
21:08:55.0656 1620 ultra - ok
21:08:55.0687 1620 UMWdf (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
21:08:55.0703 1620 UMWdf - ok
21:08:55.0750 1620 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:08:55.0765 1620 Update - ok
21:08:55.0781 1620 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
21:08:55.0796 1620 upnphost - ok
21:08:55.0812 1620 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
21:08:55.0828 1620 UPS - ok
21:08:55.0843 1620 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:08:55.0859 1620 usbccgp - ok
21:08:55.0875 1620 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:08:55.0875 1620 usbehci - ok
21:08:55.0890 1620 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:08:55.0890 1620 usbhub - ok
21:08:55.0937 1620 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:08:55.0937 1620 usbscan - ok
21:08:55.0984 1620 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:08:55.0984 1620 USBSTOR - ok
21:08:56.0031 1620 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:08:56.0031 1620 usbuhci - ok
21:08:56.0046 1620 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:08:56.0046 1620 VgaSave - ok
21:08:56.0078 1620 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
21:08:56.0078 1620 viaagp - ok
21:08:56.0109 1620 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
21:08:56.0109 1620 ViaIde - ok
21:08:56.0140 1620 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:08:56.0140 1620 VolSnap - ok
21:08:56.0187 1620 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
21:08:56.0203 1620 VSS - ok
21:08:56.0218 1620 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
21:08:56.0234 1620 W32Time - ok
21:08:56.0265 1620 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:08:56.0265 1620 Wanarp - ok
21:08:56.0265 1620 WDICA - ok
21:08:56.0281 1620 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:08:56.0296 1620 wdmaud - ok
21:08:56.0328 1620 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
21:08:56.0343 1620 WebClient - ok
21:08:56.0437 1620 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
21:08:56.0437 1620 winmgmt - ok
21:08:56.0578 1620 WmcCds (20263dafd033d30f151bb87568386769) c:\program files\windows media connect\mswmccds.exe
21:08:56.0578 1620 WmcCds - ok
21:08:56.0593 1620 WmcCdsLs (1dd015a69235dcfae18b5f98fb50be23) C:\Program Files\Windows Media Connect\mswmcls.exe
21:08:56.0593 1620 WmcCdsLs - ok
21:08:56.0609 1620 WmdmPmSN (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\MsPMSNSv.dll
21:08:56.0625 1620 WmdmPmSN - ok
21:08:56.0671 1620 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
21:08:56.0671 1620 Wmi - ok
21:08:56.0718 1620 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:08:56.0718 1620 WmiApSrv - ok
21:08:56.0750 1620 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
21:08:56.0765 1620 wscsvc - ok
21:08:56.0781 1620 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
21:08:56.0796 1620 wuauserv - ok
21:08:56.0843 1620 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
21:08:56.0859 1620 WZCSVC - ok
21:08:56.0890 1620 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
21:08:56.0906 1620 xmlprov - ok
21:08:56.0921 1620 MBR (0x1B8) (11f03b5fcd06665162e3cac4d011d806) \Device\Harddisk0\DR0
21:08:57.0312 1620 \Device\Harddisk0\DR0 - ok
21:08:57.0312 1620 Boot (0x1200) (454c583290ee61efcba14a195d49715f) \Device\Harddisk0\DR0\Partition0
21:08:57.0312 1620 \Device\Harddisk0\DR0\Partition0 - ok
21:08:57.0312 1620 ============================================================
21:08:57.0312 1620 Scan finished
21:08:57.0312 1620 ============================================================
21:08:57.0328 2108 Detected object count: 0
21:08:57.0328 2108 Actual detected object count: 0
21:16:18.0218 3016 Deinitialize success
OTL logfile created on: 21/05/2012 9:20:20 PM - Run 2
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\Admin New\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1012.73 Mb Total Physical Memory | 455.05 Mb Available Physical Memory | 44.93% Memory free
2.37 Gb Paging File | 1.89 Gb Available in Paging File | 79.53% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.84 Gb Total Space | 43.71 Gb Free Space | 61.70% Space Free | Partition Type: NTFS
Computer Name: THINKVANTAGE | User Name: Admin New | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/05/21 21:19:01 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin New\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/21 08:04:30 | 000,987,704 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2010/12/21 08:04:30 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2010/12/21 08:04:30 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2009/12/05 08:53:38 | 001,282,248 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/08/01 09:10:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
========== Modules (No Company Name) ==========
MOD - [2012/05/21 14:18:48 | 001,761,792 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12052101\algo.dll
MOD - [2012/05/20 13:15:36 | 001,761,792 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12052001\algo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2012/04/26 19:18:16 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/21 08:04:30 | 000,987,704 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010/12/21 08:04:30 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/03/29 08:51:54 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/12/05 08:53:38 | 003,291,336 | ---- | M] (Tall Emu) [Auto | Stopped] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2009/12/05 08:53:38 | 001,282,248 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oacat.exe -- (OAcat)
SRV - [2004/08/11 04:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Windows Media Connect\mswmccds.exe -- (WmcCds) Windows Media Connect (WMC)
SRV - [2004/08/11 01:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs) Windows Media Connect (WMC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PrivateDiskM.sys -- (PrivateDisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/06 19:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 19:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 19:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/06 19:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 19:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 19:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 18:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/09/01 04:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/12/05 08:28:06 | 000,024,656 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2009/12/05 08:27:56 | 000,029,776 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2009/12/05 08:27:52 | 000,223,312 | ---- | M] (Tall Emu) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2007/05/01 08:29:20 | 000,017,792 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tpm.sys -- (TPM)
DRV - [2007/02/19 01:56:46 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2005/08/11 17:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/08/02 22:15:38 | 000,013,184 | ---- | M] (IBM) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ibmfilter.sys -- (ibmfilter)
DRV - [2005/08/01 09:10:00 | 000,092,700 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/08/01 09:10:00 | 000,087,004 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/08/01 09:10:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/08/01 09:10:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/08/01 09:10:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/08/01 09:10:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/08/01 09:10:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/07/07 13:03:34 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/07/07 13:02:56 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/04/21 19:28:32 | 000,013,056 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nsctpm12.sys -- (TPM12)
DRV - [2003/09/19 05:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2001/08/17 12:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3249661728-368586479-842761599-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/
IE - HKU\S-1-5-21-3249661728-368586479-842761599-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3249661728-368586479-842761599-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3249661728-368586479-842761599-1007\..\SearchScopes\{20C439A8-FD60-48CE-B12F-41792AE89D4E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-3249661728-368586479-842761599-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2012/05/18 15:37:36 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/16 13:29:13 | 000,000,000 | ---D | M]
[2012/03/29 12:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/19 02:40:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2012/03/29 12:19:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/03/29 12:18:32 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2010/02/17 11:11:22 | 000,612,589 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 ads.active.com
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 data2.activshopper.com #[Trackware.ActivShopper]
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 127.0.0.1 cms.ad2click.nl
O1 - Hosts: 127.0.0.1 ads.ad2games.com
O1 - Hosts: 127.0.0.1 content.ad20.net
O1 - Hosts: 16208 more lines...
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [cssauth] "C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent File not found
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-3249661728-368586479-842761599-1007..\Run: [RepairSolutions] C:\Program Files\RepairSolutions\RepairSolutions.exe (Innova Electronics Corp)
O4 - HKU\S-1-5-21-3249661728-368586479-842761599-1007..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3249661728-368586479-842761599-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/Shar ... vSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 7910773562 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/ ... anager.cab (Microsoft Download Manager ActiveX control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30155.www3.hp.com/ediags/hpfix/ ... gh.cab?326 (QDiagHUpdateObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DBDA6A3-47D2-469D-B02D-8742533214ED}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63381534-5A33-44E8-A56F-F37424D66488}: DhcpNameServer = 209.91.128.11 204.187.88.10
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - Reg Error: Value error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/23 15:13:18 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/05/21 21:03:18 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Admin New\Desktop\tdsskiller.exe
[2012/05/18 17:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin New\Start Menu\Programs\HiJackThis
[2012/05/18 15:35:56 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Admin New\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/18 15:30:03 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin New\Desktop\OTL.exe
[2012/05/18 15:08:06 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Admin New\Desktop\aswMBR.exe
[2012/05/18 14:36:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin New\My Documents\My Videos
[2012/05/18 14:31:45 | 000,607,260 | ---- | C] (Swearware) -- C:\Documents and Settings\Admin New\Desktop\dds.com
[2012/05/18 13:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin New\Desktop\Autoruns
[2012/05/18 13:30:13 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Admin New\Desktop\dds.scr
[2012/05/08 15:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2012/05/08 15:29:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/05/08 15:19:39 | 000,854,088 | ---- | C] (BillP Studios) -- C:\Documents and Settings\Admin New\Desktop\wpsetup.exe
[2012/04/30 14:57:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Live Add-in
[2012/04/30 14:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2012/04/30 14:56:29 | 000,054,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2012/04/30 14:56:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012/04/30 14:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2012/04/30 14:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin New\My Documents\My Downloads
[2012/04/30 14:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Download Manager
[2012/04/30 14:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Download Manager
[2012/04/30 13:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\E_
[2012/04/30 13:09:31 | 000,000,000 | ---D | C] -- C:\080707MyDocuments01
[2012/04/30 13:08:46 | 000,000,000 | ---D | C] -- C:\San Drive
[2012/04/30 13:07:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\C_
[2012/04/30 13:06:47 | 000,000,000 | ---D | C] -- C:\Lexar Drive
[2012/04/30 13:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2012/04/30 13:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\FAR
[2012/04/30 13:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2012/04/30 13:04:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/04/30 13:04:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2012/04/30 10:04:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin New\Application Data\U3
[2012/04/29 04:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin New\Application Data\InfraRecorder
[2012/04/29 04:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\InfraRecorder
[2012/04/29 04:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\InfraRecorder
[2012/04/28 11:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Dell Computer
[1 C:\Documents and Settings\Admin New\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Admin New\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\Admin New\Application Data\*.tmp files -> C:\Documents and Settings\Admin New\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/21 21:19:01 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin New\Desktop\OTL.exe
[2012/05/21 21:03:23 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Admin New\Desktop\tdsskiller.exe
[2012/05/21 20:52:28 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/21 20:51:42 | 1061,998,592 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/21 20:51:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/18 17:20:02 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\Admin New\Desktop\HiJackThis.lnk
[2012/05/18 17:10:26 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Admin New\Desktop\HiJackThis.msi
[2012/05/18 16:26:32 | 000,002,353 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk
[2012/05/18 15:37:36 | 000,711,240 | ---- | M] () -- C:\WINDOWS\is-921J3.exe
[2012/05/18 15:37:36 | 000,010,498 | ---- | M] () -- C:\WINDOWS\is-921J3.msg
[2012/05/18 15:37:36 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/18 15:37:36 | 000,000,442 | ---- | M] () -- C:\WINDOWS\is-921J3.lst
[2012/05/18 15:35:56 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Admin New\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/18 15:27:08 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Admin New\Desktop\MBR.dat
[2012/05/18 15:08:06 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Admin New\Desktop\aswMBR.exe
[2012/05/18 14:31:54 | 000,607,260 | ---- | M] (Swearware) -- C:\Documents and Settings\Admin New\Desktop\dds.com
[2012/05/18 14:04:46 | 000,294,216 | ---- | M] () -- C:\Documents and Settings\Admin New\Desktop\gmer.zip
[2012/05/18 13:42:23 | 000,535,772 | ---- | M] () -- C:\Documents and Settings\Admin New\Desktop\Autoruns.zip
[2012/05/18 13:30:15 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Admin New\Desktop\dds.scr
[2012/05/08 15:19:47 | 000,854,088 | ---- | M] (BillP Studios) -- C:\Documents and Settings\Admin New\Desktop\wpsetup.exe
[2012/05/01 21:07:15 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Admin New\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/05/01 21:07:13 | 000,438,896 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/01 21:07:13 | 000,070,716 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/01 21:05:49 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/30 14:02:05 | 000,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/29 04:20:16 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\Admin New\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk
[2012/04/29 04:20:16 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InfraRecorder.lnk
[2012/04/28 09:56:28 | 004,090,912 | ---- | M] () -- C:\Documents and Settings\Admin New\Desktop\ir052.exe
[2012/04/26 19:18:16 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/26 19:18:16 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/04/22 08:37:46 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[1 C:\Documents and Settings\Admin New\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Admin New\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\Admin New\Application Data\*.tmp files -> C:\Documents and Settings\Admin New\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/18 17:19:50 | 000,002,455 | ---- | C] () -- C:\Documents and Settings\Admin New\Desktop\HiJackThis.lnk
[2012/05/18 17:10:16 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Admin New\Desktop\HiJackThis.msi
[2012/05/18 15:37:36 | 000,711,240 | ---- | C] () -- C:\WINDOWS\is-921J3.exe
[2012/05/18 15:37:36 | 000,010,498 | ---- | C] () -- C:\WINDOWS\is-921J3.msg
[2012/05/18 15:37:36 | 000,000,442 | ---- | C] () -- C:\WINDOWS\is-921J3.lst
[2012/05/18 15:27:08 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Admin New\Desktop\MBR.dat
[2012/05/18 14:04:46 | 000,294,216 | ---- | C] () -- C:\Documents and Settings\Admin New\Desktop\gmer.zip
[2012/05/18 13:42:20 | 000,535,772 | ---- | C] () -- C:\Documents and Settings\Admin New\Desktop\Autoruns.zip
[2012/04/30 14:13:50 | 000,002,353 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk
[2012/04/29 04:20:16 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\Admin New\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk
[2012/04/29 04:20:16 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InfraRecorder.lnk
[2012/04/28 09:56:27 | 004,090,912 | ---- | C] () -- C:\Documents and Settings\Admin New\Desktop\ir052.exe
[2012/03/29 11:45:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/29 18:56:09 | 000,000,145 | ---- | C] () -- C:\WINDOWS\hpgmdl01.dat
[2011/01/07 04:21:10 | 000,147,440 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/02 15:53:45 | 000,000,145 | ---- | C] () -- C:\WINDOWS\hpgmdl01.dat.temp
[2011/01/02 15:39:08 | 000,085,319 | ---- | C] () -- C:\WINDOWS\hpgins01.dat.temp
[2011/01/02 15:14:13 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2011/01/02 13:54:20 | 000,000,286 | ---- | C] () -- C:\WINDOWS\hpqgrcpy.INI
[2011/01/01 16:47:42 | 000,085,319 | ---- | C] () -- C:\WINDOWS\hpgins01.dat
< End of report >
OTL Extras logfile created on: 21/05/2012 9:20:20 PM - Run 2
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\Admin New\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1012.73 Mb Total Physical Memory | 455.05 Mb Available Physical Memory | 44.93% Memory free
2.37 Gb Paging File | 1.89 Gb Available in Paging File | 79.53% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.84 Gb Total Space | 43.71 Gb Free Space | 61.70% Space Free | Partition Type: NTFS
Computer Name: THINKVANTAGE | User Name: Admin New | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-3249661728-368586479-842761599-1007\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator
"{302A1E2E-DD58-4673-BC99-9CC10EC2637A}" = WinPatrol
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{7DB9BF65-46AC-4803-82AA-14EFCA927789}" = HP Scanjet 4070
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B667052-ECC4-41F2-9490-BA4F2FA0C580}" = hpg4070
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A1E6130-8F5E-4076-899A-D51FF01EDA6C}" = System Migration Assistant 5.0
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{BF90215F-2D7B-4C84-8A24-A03BC41B95DD}" = Rescue and Recovery - Client Security Solution
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C5581A69-DFE3-48A0-A182-0D5EC538BEEB}" = OBD2 DTC Lookup Tool
"{C93A6CFE-2C74-428B-9CFE-6EAF1BE34BFA}" = ArcSoft Collage Creator
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{CF77710A-4915-4FC7-AD3F-9F40BDE0E13E}" = RepairSolutions
"{D444D748-EB5A-4A94-A84C-EA58A9FC52F5}" = OBD-PC Link
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Free Antivirus
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.3.5.1
"HP Photo & Imaging" = HP Image Zone 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InfraRecorder" = InfraRecorder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OnlineArmor_is1" = Online Armor 4.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"Remove Multimedia Center" = Remove Multimedia Center
"Secunia PSI" = Secunia PSI (2.0.0.1003)
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30/04/2012 2:45:27 PM | Computer Name = THINKVANTAGE | Source = MsiInstaller | ID = 10005
Description = Product: Windows Live Communications Platform -- The installer has
encountered an unexpected error installing this package. This may indicate a problem
with this package. The error code is 2762. The arguments are: , ,
Error - 30/04/2012 2:45:27 PM | Computer Name = THINKVANTAGE | Source = MsiInstaller | ID = 10005
Description = Product: Windows Live Communications Platform -- The installer has
encountered an unexpected error installing this package. This may indicate a problem
with this package. The error code is 2762. The arguments are: , ,
Error - 08/05/2012 3:21:17 PM | Computer Name = THINKVANTAGE | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 08/05/2012 3:26:35 PM | Computer Name = THINKVANTAGE | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 08/05/2012 3:26:56 PM | Computer Name = THINKVANTAGE | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 18/05/2012 4:06:42 PM | Computer Name = THINKVANTAGE | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.43.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 18/05/2012 5:06:50 PM | Computer Name = THINKVANTAGE | Source = Service Control Manager | ID = 7000
Description = The PrivateDisk service failed to start due to the following error:
%%3
Error - 19/05/2012 8:52:21 AM | Computer Name = THINKVANTAGE | Source = Service Control Manager | ID = 7000
Description = The PrivateDisk service failed to start due to the following error:
%%3
Error - 20/05/2012 6:02:24 AM | Computer Name = THINKVANTAGE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{0DBDA6A3-47D2-469D-B02D-8742533214ED}. The
backup browser is stopping.
Error - 21/05/2012 8:52:19 PM | Computer Name = THINKVANTAGE | Source = Service Control Manager | ID = 7000
Description = The PrivateDisk service failed to start due to the following error:
%%3
< End of report >