Combofix detected a rookit during scanning. Had some trouble due to combofix not restarting when it said it was.
Here is the combofix log.
ComboFix 11-12-06.01 - Bob 06/12/2011 15:33:12.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1544 [GMT -6:00]
Running from: c:\documents and settings\Bob\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\$NtUninstallKB32587$
c:\windows\$NtUninstallKB32587$\3489483450
c:\windows\$NtUninstallKB32587$\907561299\@
c:\windows\$NtUninstallKB32587$\907561299\bckfg.tmp
c:\windows\$NtUninstallKB32587$\907561299\cfg.ini
c:\windows\$NtUninstallKB32587$\907561299\Desktop.ini
c:\windows\$NtUninstallKB32587$\907561299\keywords
c:\windows\$NtUninstallKB32587$\907561299\kwrd.dll
c:\windows\$NtUninstallKB32587$\907561299\L\nwntowam
c:\windows\$NtUninstallKB32587$\907561299\lsflt7.ver
c:\windows\$NtUninstallKB32587$\907561299\U\00000001.@
c:\windows\$NtUninstallKB32587$\907561299\U\00000002.@
c:\windows\$NtUninstallKB32587$\907561299\U\00000004.@
c:\windows\$NtUninstallKB32587$\907561299\U\80000000.@
c:\windows\$NtUninstallKB32587$\907561299\U\80000004.@
c:\windows\$NtUninstallKB32587$\907561299\U\80000032.@
c:\windows\system\VI30AUT.DLL
.
Infected copy of c:\windows\system32\drivers\i8042prt.sys was found and disinfected
Restored copy from - The cat found it
.
((((((((((((((((((((((((( Files Created from 2011-11-06 to 2011-12-06 )))))))))))))))))))))))))))))))
.
.
2011-12-06 20:38 . 2008-04-14 04:48 52480 -c--a-w- c:\windows\system32\dllcache\i8042prt.sys
2011-12-06 20:38 . 2008-04-14 04:48 52480 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-12-02 00:05 . 2011-12-06 20:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-12-02 00:05 . 2011-12-02 06:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-12-02 00:04 . 2011-12-03 15:49 -------- d-----w- c:\program files\SpywareBlaster
2011-12-02 00:03 . 2011-12-02 00:03 -------- d-----w- c:\documents and settings\Bob\Application Data\Malwarebytes
2011-12-02 00:03 . 2011-12-02 00:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-12-02 00:03 . 2011-08-31 23:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-02 00:03 . 2011-12-02 00:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-01 18:45 . 2011-12-01 18:45 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-12-01 18:09 . 2011-12-01 15:55 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-12-01 15:55 . 2011-12-01 15:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-12-01 15:52 . 2011-11-03 18:06 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-12-01 15:51 . 2011-12-01 15:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2011-12-01 15:51 . 2011-12-01 15:51 -------- d-----w- c:\program files\Lavasoft
2011-12-01 14:52 . 2011-12-06 20:16 -------- d-----w- c:\windows\Internet Logs
2011-12-01 14:51 . 2011-12-01 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\CheckPoint
2011-12-01 14:27 . 2011-12-01 14:27 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-12-01 14:17 . 2011-12-01 14:17 -------- d-----w- c:\program files\Common Files\Java
2011-12-01 14:11 . 2011-12-01 14:11 -------- d-----w- c:\windows\Sun
2011-11-29 00:05 . 2011-11-29 00:05 -------- d-----w- c:\documents and settings\Bob\Application Data\OpenOffice.org
2011-11-29 00:03 . 2011-11-29 00:03 -------- d-----w- c:\program files\OpenOffice.org 3
2011-11-29 00:02 . 2011-10-03 11:06 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-11-29 00:02 . 2011-10-03 11:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-29 00:02 . 2011-10-03 08:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-29 00:01 . 2011-12-01 14:16 -------- d-----w- c:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-02 06:05 . 2009-04-29 10:54 26112 ----a-w- c:\windows\system32\userinit.exe
2011-11-14 16:01 . 2011-05-13 15:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2009-04-29 11:05 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2009-04-29 10:54 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 16:41 . 2009-04-29 10:54 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 16:41 . 2008-07-29 19:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 16:41 . 2009-04-29 10:54 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-11-13 04:35 . 2011-09-28 01:38 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\tbZone.dll" [2010-12-01 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\tbZone.dll" [2010-12-01 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-07 01:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-07 01:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-05-08 395776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2009-03-27 17567744]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784]
"Parental Control"="c:\program files\Parental Control\bin\pcontrol.exe" [2009-03-20 1104384]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-11-03 738944]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-10 73360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Bob\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-5-7 376832]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-9-2 604776]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-02-06 22:51 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [01/12/2011 09:52 64512]
R1 policyappblockservice;Parental Control Application Filter;c:\program files\Parental Control\bin\policyappblock.sys [02/02/2009 14:22 5120]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [03/11/2011 08:44 27016]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [03/11/2011 08:44 497280]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [03/11/2011 12:06 2152152]
R2 privoxy;privoxy;c:\program files\Privoxy\privoxy.exe --service --> c:\program files\Privoxy\privoxy.exe --service [?]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [09/04/2009 05:17 38912]
R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [01/04/2009 20:19 39040]
S2 SqlCSS;SQL Server EXPRESS;c:\windows\System32\svchost.exe -k Sqlses [29/04/2009 04:54 14336]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [07/05/2009 19:19 1684736]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [03/11/2011 12:06 15232]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 06:49 227232]
S3 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [02/12/2010 17:48 218432]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [29/04/2009 04:54 14336]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [07/05/2009 20:35 232872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
Sqlses REG_MULTI_SZ SqlCSS
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 18:06]
.
2011-07-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eeepc.asus.com/global
uInternet Settings,ProxyOverride = *.local
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\PolicyLSP.dll
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
FF - ProfilePath - c:\documents and settings\Bob\Application Data\Mozilla\Firefox\Profiles\7enojjr4.default\
.
- - - - ORPHANS REMOVED - - - -
.
Notify-sqlesw32 - sqlesw32.dll
Notify-Sqlseses - sqlesw32.dll
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-SRS Premium Sound - c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2011-12-06 15:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(756)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(812)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(964)
c:\windows\system32\WININET.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\program files\ASUS\Eee Storage\XPClient.dll
c:\program files\ASUS\Eee Storage\LogicNP.EZShellExtensions.dll
c:\program files\ASUS\Eee Storage\EcaremeDLL.dll
c:\windows\assembly\GAC_MSIL\SqliteShared\1.0.3390.31024__0d0f4b69e50e559b\SqliteShared.dll
c:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Privoxy\privoxy.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\iPod\bin\iPodService.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Completion time: 2011-12-06 16:06:16 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-06 22:06
.
Pre-Run: 60,333,555,712 bytes free
Post-Run: 60,461,236,224 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 7798EA394825726951DED9B2BA5BA304
TDSSKiller Log
16:07:34.0484 3612 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
16:07:35.0109 3612 ============================================================
16:07:35.0109 3612 Current date / time: 2011/12/06 16:07:35.0109
16:07:35.0109 3612 SystemInfo:
16:07:35.0109 3612
16:07:35.0109 3612 OS Version: 5.1.2600 ServicePack: 3.0
16:07:35.0109 3612 Product type: Workstation
16:07:35.0109 3612 ComputerName: ASUS1005HA
16:07:35.0109 3612 UserName: Bob
16:07:35.0109 3612 Windows directory: C:\WINDOWS
16:07:35.0109 3612 System windows directory: C:\WINDOWS
16:07:35.0109 3612 Processor architecture: Intel x86
16:07:35.0109 3612 Number of processors: 2
16:07:35.0109 3612 Page size: 0x1000
16:07:35.0109 3612 Boot type: Normal boot
16:07:35.0109 3612 ============================================================
16:07:35.0781 3612 Initialize success
16:07:40.0796 0144 ============================================================
16:07:40.0796 0144 Scan started
16:07:40.0796 0144 Mode: Manual;
16:07:40.0796 0144 ============================================================
16:07:41.0140 0144 Abiosdsk - ok
16:07:41.0156 0144 abp480n5 - ok
16:07:41.0234 0144 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:07:41.0234 0144 ACPI - ok
16:07:41.0281 0144 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
16:07:41.0281 0144 ACPIEC - ok
16:07:41.0296 0144 adpu160m - ok
16:07:41.0343 0144 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:07:41.0343 0144 aec - ok
16:07:41.0484 0144 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:07:41.0484 0144 AFD - ok
16:07:41.0500 0144 Aha154x - ok
16:07:41.0515 0144 aic78u2 - ok
16:07:41.0546 0144 aic78xx - ok
16:07:41.0562 0144 AliIde - ok
16:07:41.0687 0144 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
16:07:41.0734 0144 Ambfilt - ok
16:07:41.0828 0144 amsint - ok
16:07:41.0953 0144 AR5416 (e0ee769d14128014965e03b433f5f46e) C:\WINDOWS\system32\DRIVERS\athw.sys
16:07:42.0000 0144 AR5416 - ok
16:07:42.0093 0144 asc - ok
16:07:42.0109 0144 asc3350p - ok
16:07:42.0125 0144 asc3550 - ok
16:07:42.0203 0144 AsusACPI (12415a4b61ded200fe9932b47a35fa42) C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
16:07:42.0203 0144 AsusACPI - ok
16:07:42.0250 0144 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:07:42.0250 0144 AsyncMac - ok
16:07:42.0390 0144 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:07:42.0390 0144 atapi - ok
16:07:42.0406 0144 Atdisk - ok
16:07:42.0468 0144 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:07:42.0468 0144 Atmarpc - ok
16:07:42.0609 0144 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:07:42.0609 0144 audstub - ok
16:07:42.0671 0144 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:07:42.0671 0144 Beep - ok
16:07:42.0843 0144 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys
16:07:42.0843 0144 btaudio - ok
16:07:42.0890 0144 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
16:07:42.0906 0144 BTDriver - ok
16:07:43.0031 0144 BTKRNL (70455baffc078b6152d1e52376296467) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
16:07:43.0046 0144 BTKRNL - ok
16:07:43.0203 0144 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
16:07:43.0203 0144 BTWDNDIS - ok
16:07:43.0234 0144 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys
16:07:43.0234 0144 btwhid - ok
16:07:43.0265 0144 BTWUSB (2cfc2bd8785f82a42fcad83de1fa5a36) C:\WINDOWS\system32\Drivers\btwusb.sys
16:07:43.0265 0144 BTWUSB - ok
16:07:43.0265 0144 catchme - ok
16:07:43.0421 0144 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:07:43.0421 0144 cbidf2k - ok
16:07:43.0468 0144 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:07:43.0468 0144 CCDECODE - ok
16:07:43.0562 0144 cd20xrnt - ok
16:07:43.0625 0144 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:07:43.0625 0144 Cdaudio - ok
16:07:43.0687 0144 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:07:43.0703 0144 Cdfs - ok
16:07:43.0843 0144 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:07:43.0843 0144 Cdrom - ok
16:07:43.0875 0144 Changer - ok
16:07:43.0937 0144 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
16:07:43.0937 0144 CmBatt - ok
16:07:44.0015 0144 CmdIde - ok
16:07:44.0078 0144 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:07:44.0078 0144 Compbatt - ok
16:07:44.0187 0144 Cpqarray - ok
16:07:44.0203 0144 dac2w2k - ok
16:07:44.0234 0144 dac960nt - ok
16:07:44.0296 0144 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:07:44.0296 0144 Disk - ok
16:07:44.0375 0144 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
16:07:44.0390 0144 dmboot - ok
16:07:44.0531 0144 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
16:07:44.0531 0144 dmio - ok
16:07:44.0578 0144 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:07:44.0593 0144 dmload - ok
16:07:44.0734 0144 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:07:44.0750 0144 DMusic - ok
16:07:44.0765 0144 dpti2o - ok
16:07:44.0796 0144 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:07:44.0796 0144 drmkaud - ok
16:07:44.0890 0144 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:07:44.0906 0144 Fastfat - ok
16:07:45.0046 0144 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
16:07:45.0046 0144 Fdc - ok
16:07:45.0093 0144 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
16:07:45.0093 0144 Fips - ok
16:07:45.0140 0144 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
16:07:45.0140 0144 Flpydisk - ok
16:07:45.0265 0144 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:07:45.0281 0144 FltMgr - ok
16:07:45.0343 0144 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
16:07:45.0359 0144 fssfltr - ok
16:07:45.0484 0144 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:07:45.0484 0144 Fs_Rec - ok
16:07:45.0562 0144 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:07:45.0562 0144 Ftdisk - ok
16:07:45.0625 0144 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:07:45.0640 0144 GEARAspiWDM - ok
16:07:45.0781 0144 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:07:45.0781 0144 Gpc - ok
16:07:45.0859 0144 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:07:45.0859 0144 HDAudBus - ok
16:07:46.0015 0144 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:07:46.0015 0144 HidUsb - ok
16:07:46.0062 0144 hpn - ok
16:07:46.0156 0144 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:07:46.0156 0144 HPZid412 - ok
16:07:46.0281 0144 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:07:46.0296 0144 HPZipr12 - ok
16:07:46.0343 0144 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:07:46.0343 0144 HPZius12 - ok
16:07:46.0406 0144 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:07:46.0421 0144 HTTP - ok
16:07:46.0546 0144 i2omgmt - ok
16:07:46.0562 0144 i2omp - ok
16:07:46.0609 0144 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:07:46.0609 0144 i8042prt - ok
16:07:46.0859 0144 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
16:07:47.0031 0144 ialm - ok
16:07:47.0171 0144 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\WINDOWS\system32\drivers\iaStor.sys
16:07:47.0171 0144 iaStor - ok
16:07:47.0250 0144 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:07:47.0250 0144 Imapi - ok
16:07:47.0375 0144 ini910u - ok
16:07:47.0625 0144 IntcAzAudAddService (1ae3cff80017ef89da959350724c7194) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:07:47.0687 0144 IntcAzAudAddService - ok
16:07:47.0781 0144 IntelIde - ok
16:07:47.0843 0144 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:07:47.0843 0144 intelppm - ok
16:07:47.0890 0144 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:07:47.0890 0144 Ip6Fw - ok
16:07:47.0906 0144 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:07:47.0906 0144 IpFilterDriver - ok
16:07:48.0031 0144 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:07:48.0031 0144 IpInIp - ok
16:07:48.0078 0144 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:07:48.0093 0144 IpNat - ok
16:07:48.0156 0144 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:07:48.0156 0144 IPSec - ok
16:07:48.0281 0144 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:07:48.0281 0144 IRENUM - ok
16:07:48.0343 0144 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:07:48.0343 0144 isapnp - ok
16:07:48.0437 0144 ISWKL (08a811bfd207dfdec588881c18bacbaa) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
16:07:48.0437 0144 ISWKL - ok
16:07:48.0578 0144 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:07:48.0578 0144 Kbdclass - ok
16:07:48.0640 0144 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:07:48.0640 0144 kbdhid - ok
16:07:48.0750 0144 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:07:48.0765 0144 kmixer - ok
16:07:48.0875 0144 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:07:48.0890 0144 KSecDD - ok
16:07:48.0968 0144 L1c (6c8658587e91ea25b0fd2e71781ad228) C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
16:07:48.0984 0144 L1c - ok
16:07:49.0078 0144 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
16:07:49.0078 0144 Lavasoft Kernexplorer - ok
16:07:49.0187 0144 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
16:07:49.0187 0144 Lbd - ok
16:07:49.0250 0144 lbrtfdc - ok
16:07:49.0343 0144 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:07:49.0343 0144 mnmdd - ok
16:07:49.0406 0144 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
16:07:49.0406 0144 Modem - ok
16:07:49.0531 0144 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
16:07:49.0562 0144 Monfilt - ok
16:07:49.0703 0144 motmodem (8f408e9ed2feb8a8b8837c380faf7ad6) C:\WINDOWS\system32\DRIVERS\motmodem.sys
16:07:49.0703 0144 motmodem - ok
16:07:49.0765 0144 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:07:49.0765 0144 Mouclass - ok
16:07:49.0890 0144 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:07:49.0890 0144 mouhid - ok
16:07:49.0937 0144 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:07:49.0937 0144 MountMgr - ok
16:07:49.0953 0144 mraid35x - ok
16:07:49.0984 0144 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:07:49.0984 0144 MRxDAV - ok
16:07:50.0125 0144 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:07:50.0125 0144 MRxSmb - ok
16:07:50.0281 0144 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:07:50.0281 0144 Msfs - ok
16:07:50.0328 0144 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:07:50.0328 0144 MSKSSRV - ok
16:07:50.0343 0144 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:07:50.0343 0144 MSPCLOCK - ok
16:07:50.0375 0144 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:07:50.0375 0144 MSPQM - ok
16:07:50.0421 0144 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:07:50.0421 0144 mssmbios - ok
16:07:50.0531 0144 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:07:50.0531 0144 MSTEE - ok
16:07:50.0593 0144 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:07:50.0593 0144 Mup - ok
16:07:50.0640 0144 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:07:50.0640 0144 NABTSFEC - ok
16:07:50.0687 0144 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:07:50.0687 0144 NDIS - ok
16:07:50.0796 0144 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:07:50.0796 0144 NdisIP - ok
16:07:50.0843 0144 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:07:50.0843 0144 NdisTapi - ok
16:07:50.0890 0144 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:07:50.0890 0144 Ndisuio - ok
16:07:50.0906 0144 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:07:50.0906 0144 NdisWan - ok
16:07:50.0953 0144 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:07:50.0953 0144 NDProxy - ok
16:07:51.0062 0144 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:07:51.0062 0144 NetBIOS - ok
16:07:51.0109 0144 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:07:51.0109 0144 NetBT - ok
16:07:51.0187 0144 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:07:51.0187 0144 Npfs - ok
16:07:51.0312 0144 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:07:51.0312 0144 Ntfs - ok
16:07:51.0375 0144 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:07:51.0375 0144 Null - ok
16:07:51.0484 0144 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:07:51.0484 0144 NwlnkFlt - ok
16:07:51.0515 0144 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:07:51.0515 0144 NwlnkFwd - ok
16:07:51.0562 0144 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
16:07:51.0562 0144 Parport - ok
16:07:51.0640 0144 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:07:51.0640 0144 PartMgr - ok
16:07:51.0703 0144 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
16:07:51.0703 0144 ParVdm - ok
16:07:51.0765 0144 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
16:07:51.0765 0144 PCI - ok
16:07:51.0828 0144 PCIDump - ok
16:07:51.0859 0144 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:07:51.0859 0144 PCIIde - ok
16:07:51.0906 0144 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:07:51.0921 0144 Pcmcia - ok
16:07:51.0953 0144 PDCOMP - ok
16:07:51.0968 0144 PDFRAME - ok
16:07:51.0984 0144 PDRELI - ok
16:07:52.0000 0144 PDRFRAME - ok
16:07:52.0015 0144 perc2 - ok
16:07:52.0031 0144 perc2hib - ok
16:07:52.0125 0144 policyappblockservice (e36eda6bcc41378f3115a9ceee256c00) C:\Program Files\Parental Control\bin\policyappblock.sys
16:07:52.0125 0144 policyappblockservice - ok
16:07:52.0250 0144 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:07:52.0250 0144 PptpMiniport - ok
16:07:52.0281 0144 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:07:52.0296 0144 PSched - ok
16:07:52.0312 0144 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:07:52.0312 0144 Ptilink - ok
16:07:52.0328 0144 ql1080 - ok
16:07:52.0343 0144 Ql10wnt - ok
16:07:52.0359 0144 ql12160 - ok
16:07:52.0375 0144 ql1240 - ok
16:07:52.0390 0144 ql1280 - ok
16:07:52.0421 0144 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:07:52.0421 0144 RasAcd - ok
16:07:52.0468 0144 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:07:52.0468 0144 Rasl2tp - ok
16:07:52.0578 0144 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:07:52.0578 0144 RasPppoe - ok
16:07:52.0593 0144 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:07:52.0593 0144 Raspti - ok
16:07:52.0671 0144 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:07:52.0687 0144 Rdbss - ok
16:07:52.0734 0144 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:07:52.0734 0144 RDPCDD - ok
16:07:52.0843 0144 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:07:52.0843 0144 RDPWD - ok
16:07:52.0921 0144 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:07:52.0937 0144 redbook - ok
16:07:53.0062 0144 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:07:53.0062 0144 Secdrv - ok
16:07:53.0140 0144 Ser2pl (de0a165d9f8ea295e62ea702ef2f8125) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
16:07:53.0140 0144 Ser2pl - ok
16:07:53.0171 0144 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:07:53.0171 0144 Serenum - ok
16:07:53.0250 0144 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
16:07:53.0250 0144 Serial - ok
16:07:53.0328 0144 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:07:53.0328 0144 Sfloppy - ok
16:07:53.0359 0144 Simbad - ok
16:07:53.0406 0144 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:07:53.0406 0144 SLIP - ok
16:07:53.0468 0144 Sparrow - ok
16:07:53.0515 0144 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:07:53.0515 0144 splitter - ok
16:07:53.0578 0144 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
16:07:53.0578 0144 sr - ok
16:07:53.0703 0144 SRS_PremiumSound_Service (0bd44aa4743a9dbd2c638d699a7fd438) C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys
16:07:53.0718 0144 SRS_PremiumSound_Service - ok
16:07:53.0796 0144 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:07:53.0812 0144 Srv - ok
16:07:53.0921 0144 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:07:53.0921 0144 streamip - ok
16:07:53.0968 0144 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:07:53.0968 0144 swenum - ok
16:07:54.0015 0144 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:07:54.0015 0144 swmidi - ok
16:07:54.0125 0144 symc810 - ok
16:07:54.0140 0144 symc8xx - ok
16:07:54.0156 0144 sym_hi - ok
16:07:54.0171 0144 sym_u3 - ok
16:07:54.0234 0144 SynTP (a10d781153bb23036b474ffedb448266) C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:07:54.0250 0144 SynTP - ok
16:07:54.0296 0144 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:07:54.0296 0144 sysaudio - ok
16:07:54.0359 0144 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:07:54.0375 0144 Tcpip - ok
16:07:54.0484 0144 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:07:54.0484 0144 TDPIPE - ok
16:07:54.0500 0144 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:07:54.0500 0144 TDTCP - ok
16:07:54.0546 0144 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:07:54.0546 0144 TermDD - ok
16:07:54.0578 0144 TosIde - ok
16:07:54.0625 0144 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:07:54.0625 0144 Udfs - ok
16:07:54.0687 0144 ultra - ok
16:07:54.0734 0144 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:07:54.0734 0144 Update - ok
16:07:54.0796 0144 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
16:07:54.0796 0144 USBAAPL - ok
16:07:54.0843 0144 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:07:54.0843 0144 usbccgp - ok
16:07:54.0953 0144 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:07:54.0953 0144 usbehci - ok
16:07:55.0000 0144 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:07:55.0000 0144 usbhub - ok
16:07:55.0046 0144 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:07:55.0046 0144 usbprint - ok
16:07:55.0140 0144 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:07:55.0140 0144 usbscan - ok
16:07:55.0187 0144 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:07:55.0187 0144 usbstor - ok
16:07:55.0250 0144 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:07:55.0250 0144 usbuhci - ok
16:07:55.0359 0144 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:07:55.0359 0144 usbvideo - ok
16:07:55.0390 0144 uvclf (c019889035cdc1a06f2febc93cbb6897) C:\WINDOWS\system32\DRIVERS\uvclf.sys
16:07:55.0406 0144 uvclf - ok
16:07:55.0437 0144 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:07:55.0437 0144 VgaSave - ok
16:07:55.0484 0144 ViaIde - ok
16:07:55.0546 0144 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
16:07:55.0546 0144 VolSnap - ok
16:07:55.0671 0144 Vsdatant (558cee3d9c470651f1843d51b42d761b) C:\WINDOWS\system32\vsdatant.sys
16:07:55.0687 0144 Vsdatant - ok
16:07:55.0781 0144 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:07:55.0781 0144 Wanarp - ok
16:07:55.0890 0144 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
16:07:55.0890 0144 Wdf01000 - ok
16:07:55.0906 0144 WDICA - ok
16:07:55.0953 0144 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:07:55.0953 0144 wdmaud - ok
16:07:56.0078 0144 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:07:56.0078 0144 WSTCODEC - ok
16:07:56.0187 0144 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:07:56.0203 0144 WudfPf - ok
16:07:56.0218 0144 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:07:56.0218 0144 WudfRd - ok
16:07:56.0281 0144 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:07:56.0500 0144 \Device\Harddisk0\DR0 - ok
16:07:56.0500 0144 Boot (0x1200) (e51350cad4830473d54b3f99296ea2bf) \Device\Harddisk0\DR0\Partition0
16:07:56.0515 0144 \Device\Harddisk0\DR0\Partition0 - ok
16:07:56.0531 0144 Boot (0x1200) (23d9801df2bad941df900c69868db793) \Device\Harddisk0\DR0\Partition1
16:07:56.0531 0144 \Device\Harddisk0\DR0\Partition1 - ok
16:07:56.0531 0144 ============================================================
16:07:56.0531 0144 Scan finished
16:07:56.0531 0144 ============================================================
16:07:56.0562 2060 Detected object count: 0
16:07:56.0562 2060 Actual detected object count: 0
16:08:41.0546 3436 Deinitialize success
MBR Log
aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-06 16:08:49
-----------------------------
16:08:49.812 OS Version: Windows 5.1.2600 Service Pack 3
16:08:49.812 Number of processors: 2 586 0x1C02
16:08:49.812 ComputerName: ASUS1005HA UserName: Bob
16:08:50.390 Initialize success
16:11:18.687 AVAST engine defs: 11120602
16:11:31.156 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
16:11:31.171 Disk 0 Vendor: Hitachi_ FB2O Size: 152627MB BusType: 3
16:11:31.203 Disk 0 MBR read successfully
16:11:31.203 Disk 0 MBR scan
16:11:31.218 Disk 0 Windows XP default MBR code
16:11:31.234 Disk 0 scanning sectors +312576705
16:11:31.328 Disk 0 scanning C:\WINDOWS\system32\drivers
16:11:41.984 Service scanning
16:11:43.031 Modules scanning
16:11:50.359 AVAST engine scan C:\WINDOWS
16:11:57.500 AVAST engine scan C:\WINDOWS\system32
16:14:17.984 AVAST engine scan C:\WINDOWS\system32\drivers
16:14:32.578 AVAST engine scan C:\Documents and Settings\Bob
16:15:28.203 AVAST engine scan C:\Documents and Settings\All Users
16:15:51.421 Scan finished successfully
16:16:32.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Bob\Desktop\MBR.dat"
16:16:32.671 The log file has been saved successfully to "C:\Documents and Settings\Bob\Desktop\aswMBR.txt"
OTL Log
OTL logfile created on: 06/12/2011 16:17:41 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bob\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 56.37% Memory free
3.33 Gb Paging File | 2.77 Gb Available in Paging File | 83.32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72.06 Gb Total Space | 56.25 Gb Free Space | 78.06% Space Free | Partition Type: NTFS
Drive D: | 72.05 Gb Total Space | 71.98 Gb Free Space | 99.90% Space Free | Partition Type: NTFS
Computer Name: ASUS1005HA | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/12/02 20:48:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bob\Desktop\OTL.exe
PRC - [2011/11/09 20:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2011/11/09 20:01:38 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/11/03 12:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/11/03 08:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2011/11/03 08:44:24 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/04/16 17:46:30 | 000,630,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2009/04/16 16:58:54 | 000,118,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2009/03/25 08:43:40 | 000,376,832 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2009/03/20 16:23:32 | 001,104,384 | ---- | M] () -- C:\Program Files\Parental Control\bin\pcontrol.exe
PRC - [2009/03/13 14:15:02 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008/09/02 05:26:16 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/20 11:06:08 | 000,302,080 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\Privoxy\privoxy.exe
========== Modules (No Company Name) ========== MOD - [2011/12/01 09:54:27 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2011/11/28 18:04:53 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/11/03 12:06:56 | 000,591,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2011/11/03 12:06:56 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Viprebridge.dll
MOD - [2011/11/03 12:06:56 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2011/10/15 06:55:47 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/15 06:54:33 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2011/10/15 06:54:32 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/10/15 06:54:30 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/15 06:54:29 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/10/15 06:54:22 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2011/10/15 06:54:20 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2011/10/15 06:54:19 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/10/15 06:54:15 | 000,659,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2011/10/15 06:54:07 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011/10/11 13:50:10 | 000,193,904 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2011/10/11 13:50:08 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2011/03/21 10:30:20 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/05/07 08:30:32 | 000,839,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2009/05/07 08:30:32 | 000,029,968 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\SqliteShared\1.0.3390.31024__0d0f4b69e50e559b\SqliteShared.dll
MOD - [2009/04/13 10:08:40 | 000,136,464 | ---- | M] () -- C:\Program Files\ASUS\Eee Storage\EcaremeDLL.dll
MOD - [2009/03/20 16:23:32 | 001,104,384 | ---- | M] () -- C:\Program Files\Parental Control\bin\pcontrol.exe
MOD - [2009/03/05 13:04:50 | 000,479,744 | ---- | M] () -- C:\WINDOWS\system32\PolicyLSP.dll
MOD - [2008/10/23 10:16:22 | 009,148,928 | ---- | M] () -- C:\Program Files\Parental Control\bin\QtGui4.dll
MOD - [2008/10/23 10:16:22 | 003,393,024 | ---- | M] () -- C:\Program Files\Parental Control\bin\Qt3Support4.dll
MOD - [2008/10/23 10:16:22 | 002,079,744 | ---- | M] () -- C:\Program Files\Parental Control\bin\QtCore4.dll
MOD - [2008/10/23 10:16:22 | 000,844,800 | ---- | M] () -- C:\Program Files\Parental Control\bin\QtNetwork4.dll
MOD - [2008/10/23 10:16:22 | 000,497,664 | ---- | M] () -- C:\Program Files\Parental Control\bin\QtXml4.dll
MOD - [2008/10/23 10:16:22 | 000,291,328 | ---- | M] () -- C:\Program Files\Parental Control\bin\QtSql4.dll
MOD - [2008/10/23 10:16:22 | 000,159,232 | ---- | M] () -- C:\Program Files\Parental Control\bin\imageformats\qjpeg4.dll
MOD - [2008/10/23 10:16:22 | 000,041,472 | ---- | M] () -- C:\Program Files\Parental Control\bin\imageformats\qgif4.dll
MOD - [2008/10/23 10:16:22 | 000,015,964 | ---- | M] () -- C:\Program Files\Parental Control\bin\mingwm10.dll
MOD - [2008/09/02 05:25:26 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/09/02 05:23:22 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/01/20 11:06:06 | 000,065,024 | ---- | M] () -- C:\Program Files\Privoxy\mgwz.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (SqlCSS)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (6to4)
SRV - [2011/11/09 20:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/11/03 08:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2011/02/02 05:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/12/02 17:48:00 | 000,218,432 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/02/19 14:10:54 | 000,238,968 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2009/02/19 14:09:53 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/01/20 11:06:08 | 000,302,080 | ---- | M] (The Privoxy team - www.privoxy.org) [Auto | Running] -- C:\Program Files\Privoxy\privoxy.exe -- (privoxy)
SRV - [1998/06/05 18:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/11/09 20:01:38 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2011/11/03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/11/03 12:06:56 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/11/03 08:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/09/29 11:13:46 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009/04/20 08:38:18 | 000,232,872 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009/03/30 03:13:30 | 005,063,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/03/13 21:05:26 | 001,528,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/03/01 23:03:47 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/06 16:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/02/02 14:22:44 | 000,005,120 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Parental Control\bin\policyappblock.sys -- (policyappblockservice)
DRV - [2008/11/18 19:21:28 | 000,039,040 | ---- | M] (GenesysLogic Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uvclf.sys -- (uvclf)
DRV - [2008/08/19 08:16:36 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/08/19 08:16:28 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/05 06:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/24 03:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/05/29 21:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/04/08 13:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2008/03/10 04:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 03:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/11/20 12:35:48 | 000,049,792 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2006/01/04 01:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://eeepc.asus.com/globalIE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.260.0
FF - prefs.js..extensions.enabledItems:
[email protected]:2.4.4
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.99
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/12/01 08:51:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/12 22:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/28 18:02:24 | 000,000,000 | ---D | M]
[2011/01/16 07:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Extensions
[2011/12/01 18:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\7enojjr4.default\extensions
[2011/03/12 06:35:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\7enojjr4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/27 19:31:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\7enojjr4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/12 06:39:12 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\7enojjr4.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/09/18 00:02:19 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\7enojjr4.default\extensions\
[email protected][2011/09/27 19:39:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\7enojjr4.default\extensions\nostmp
[2011/12/01 08:16:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/28 18:02:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/12/01 08:16:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BOB\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7ENOJJR4.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BOB\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7ENOJJR4.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2011/11/12 22:35:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/01 15:01:43 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/12 22:35:48 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/12/06 15:52:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [Parental Control] C:\Program Files\Parental Control\bin\pcontrol.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Bob\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\PolicyLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\PolicyLSP.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E07333F6-926C-4D68-A7E9-19B76455223F}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Eee PC Seashell_1.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Eee PC Seashell_1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/29 05:07:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/12/06 14:38:21 | 000,052,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i8042prt.sys
[2011/12/06 14:35:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/06 14:28:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/06 14:28:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/06 14:28:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/06 14:28:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/06 14:27:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/06 14:23:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/06 14:14:37 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Bob\Desktop\aswMBR.exe
[2011/12/06 14:14:21 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Bob\Desktop\tdsskiller.exe
[2011/12/06 14:14:15 | 004,328,480 | R--- | C] (Swearware) -- C:\Documents and Settings\Bob\Desktop\ComboFix.exe
[2011/12/03 23:37:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bob\Recent
[2011/12/02 20:48:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bob\Desktop\OTL.exe
[2011/12/02 20:41:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/12/02 20:41:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bob\Start Menu\Programs\Administrative Tools
[2011/12/01 18:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/12/01 18:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/12/01 18:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/12/01 18:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/12/01 18:04:09 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/12/01 18:03:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Application Data\Malwarebytes
[2011/12/01 18:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/01 18:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/01 18:03:13 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/01 18:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/01 09:55:01 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/12/01 09:52:41 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/12/01 09:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/12/01 09:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/12/01 09:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/12/01 08:52:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/12/01 08:51:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Check Point
[2011/12/01 08:51:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2011/12/01 08:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/12/01 08:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/12/01 08:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/01 08:16:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/12/01 08:16:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/12/01 08:16:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/12/01 08:11:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/11/28 18:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Application Data\OpenOffice.org
[2011/11/28 18:04:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3
[2011/11/28 18:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011/11/28 18:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/11/28 18:02:24 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/11/28 18:02:24 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/11/28 18:01:58 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/11/28 18:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Application Data\Sun
[2011/11/09 20:01:38 | 000,525,840 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/12/06 16:16:32 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\MBR.dat
[2011/12/06 15:56:49 | 000,433,722 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/06 15:56:49 | 000,068,528 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/06 15:53:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/12/06 15:52:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/06 15:52:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/06 15:51:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/06 14:35:38 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/12/06 14:14:42 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Bob\Desktop\aswMBR.exe
[2011/12/06 14:14:27 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Bob\Desktop\tdsskiller.exe
[2011/12/06 14:14:20 | 004,328,480 | R--- | M] (Swearware) -- C:\Documents and Settings\Bob\Desktop\ComboFix.exe
[2011/12/06 14:03:19 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/12/06 14:03:19 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/12/03 09:51:24 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/02 20:48:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bob\Desktop\OTL.exe
[2011/12/02 17:08:24 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/02 00:05:08 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2011/12/01 18:05:58 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/12/01 18:05:58 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\Spybot - Search & Destroy.lnk
[2011/12/01 18:04:19 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\SpywareBlaster.lnk
[2011/12/01 18:03:24 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/01 12:30:33 | 000,100,926 | ---- | M] () -- C:\WINDOWS\System32\itusbcore.dat
[2011/12/01 12:30:33 | 000,000,196 | ---- | M] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/12/01 09:55:01 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/12/01 09:55:00 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/12/01 09:52:43 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/12/01 08:52:42 | 000,415,915 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/12/01 08:04:20 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/28 18:06:06 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Bob\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/11/28 18:04:34 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/11/14 10:01:21 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/11/09 20:01:38 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/12/06 16:16:32 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\MBR.dat
[2011/12/06 14:35:38 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/12/06 14:35:34 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/06 14:28:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/06 14:28:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/06 14:28:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/06 14:28:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/06 14:28:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/03 09:51:24 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/02 00:05:05 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/12/02 00:05:05 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/12/01 18:05:58 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/12/01 18:05:58 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\Spybot - Search & Destroy.lnk
[2011/12/01 18:04:19 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\SpywareBlaster.lnk
[2011/12/01 18:03:24 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/01 12:30:33 | 000,100,926 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2011/12/01 12:30:33 | 000,000,196 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/12/01 12:09:59 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/12/01 09:52:55 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/12/01 09:52:43 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/12/01 08:52:04 | 000,415,915 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/11/28 18:06:06 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Bob\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/11/28 18:04:34 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/09/25 18:55:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\wklnhst.dat
[2011/05/16 17:14:57 | 000,103,511 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2011/05/16 17:14:57 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2011/05/16 17:03:44 | 000,103,511 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2011/05/16 17:03:44 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2011/03/14 16:24:02 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar_mpfc.dll
[2011/03/12 11:14:54 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2011/03/12 11:14:42 | 000,000,288 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/03/12 10:50:13 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2011/01/16 07:51:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/16 06:57:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2009/05/22 15:25:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\uvcrecordfix.exe
[2009/05/22 15:25:36 | 000,024,576 | ---- | C] () -- C:\WINDOWS\Sleep.exe
[2009/05/08 04:46:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/05/07 20:35:29 | 000,232,872 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009/05/07 19:24:26 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2009/05/07 19:24:26 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2009/05/07 19:19:08 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/05/07 19:19:08 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/05/07 08:12:50 | 000,013,650 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009/05/07 08:11:37 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2009/04/29 05:09:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/29 05:05:01 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/29 04:54:29 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/04/29 04:54:17 | 000,433,722 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/29 04:54:17 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/04/29 04:54:17 | 000,068,528 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/29 04:54:17 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/04/29 04:54:17 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/04/29 04:54:15 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/04/29 04:54:15 | 000,004,562 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/04/29 04:54:15 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/04/29 04:54:13 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/04/29 04:54:13 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/04/29 04:54:11 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/04/29 04:54:09 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/04/28 22:01:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/28 22:00:40 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/05 13:04:50 | 000,479,744 | ---- | C] () -- C:\WINDOWS\System32\PolicyLSP.dll
[2009/02/26 00:50:32 | 000,000,176 | ---- | C] () -- C:\WINDOWS\explorer.exe.config
[2008/09/02 05:25:26 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2001/11/14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998/12/06 10:56:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\verinst.exe
[1998/06/09 18:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/17 18:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI
[1998/04/23 18:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI
< End of report >
Extras Log
OTL Extras logfile created on: 06/12/2011 16:17:41 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bob\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 56.37% Memory free
3.33 Gb Paging File | 2.77 Gb Available in Paging File | 83.32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72.06 Gb Total Space | 56.25 Gb Free Space | 78.06% Space Free | Partition Type: NTFS
Drive D: | 72.05 Gb Total Space | 71.98 Gb Free Space | 99.90% Space Free | Partition Type: NTFS
Computer Name: ASUS1005HA | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{219BB7DF-83BA-44C6-A362-D17981FBD285}" = GPS Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 29
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2B120B1D-1908-4FB3-8C9D-72128A74E80A}" = ZoneAlarm Security
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = USB2.0 UVC Camera Device
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47BACF74-5A07-48BD-BADB-A769550F0F5A}" = FontResizer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64C118AC-FA2A-4E9C-A76E-DC22CA4FC20D}" = Voice Command EN Trial Version
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN Card
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A386CC19-1E79-4D4C-A54B-C8747871E4AD}" = ZoneAlarm Firewall
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9BDA46B-2E17-4F43-9D7A-9B1E09A0A4D8}" = Data Sync
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger
"{C7C7C686-8479-4173-9570-F4B350D91B37}" = Motorola Mobile Drivers Installation 4.9.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASUS VIBE" = ASUS VIBE
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"CCleaner" = CCleaner
"EasyGPS_is1" = EasyGPS 4.18
"Eee Docking_is1" = Eee Docking 1.3.1.0
"Eee Storage" = Eee Storage
"EeePC1005HA" = EeePC1005HA Screen Saver
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Photo & Imaging" = HP Image Zone 4.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{64C118AC-FA2A-4E9C-A76E-DC22CA4FC20D}" = Voice Command EN Trial Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MAPFACTOR_SETUP_UTILITY_FREE_10_is1" = Setup Utility 10 FREE 10.1.21-10
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Developer Network - Visual Studio 6.0a" = MSDN Library - Visual Studio 6.0a
"MotoHelper" = MotoHelper 2.0.40 Driver 4.9.0
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Parental Control" = Parental Control
"PCNavigatorOSM10_is1" = PC Navigator 10 FREE 10.1.51-10
"Privoxy" = Privoxy (remove only)
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SpywareBlaster_is1" = SpywareBlaster 4.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"VLC media player" = VLC media player 1.1.7
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 23/06/2011 14:06:28 | Computer Name = ASUS1005HA | Source = LiveUpdate | ID = 2752568
Description =
Error - 23/06/2011 14:18:18 | Computer Name = ASUS1005HA | Source = Application Hang | ID = 1002
Description = Hanging application notepad.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 19/07/2011 16:12:23 | Computer Name = ASUS1005HA | Source = Application Hang | ID = 1002
Description = Hanging application vlc.exe, version 1.1.7.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 19/07/2011 16:12:34 | Computer Name = ASUS1005HA | Source = Application Hang | ID = 1002
Description = Hanging application vlc.exe, version 1.1.7.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 29/07/2011 11:52:12 | Computer Name = ASUS1005HA | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.0.195:5353 272 Bob’s\032Library._home-sharing._tcp.local.
TXT txtvers=1¦hQ=100¦dmv=131079¦iTSh Version=196614¦MID=0x6FA98651366373B6¦PrVs=65538¦Database
ID=1D87
Error - 29/07/2011 11:52:12 | Computer Name = ASUS1005HA | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: ProbeCount 2; will rename 24 Bob’s\032Library._home-sharing._tcp.local.
SRV 0 0 3689 Asus1005HA.local.
Error - 31/08/2011 08:02:31 | Computer Name = ASUS1005HA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4232, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 31/08/2011 08:02:40 | Computer Name = ASUS1005HA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4232, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 31/08/2011 08:05:09 | Computer Name = ASUS1005HA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4232, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 31/08/2011 08:05:20 | Computer Name = ASUS1005HA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4232, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 06/12/2011 16:17:39 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127
Error - 06/12/2011 16:19:36 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127
Error - 06/12/2011 16:25:45 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127
Error - 06/12/2011 16:26:52 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127
Error - 06/12/2011 16:29:26 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127
Error - 06/12/2011 16:32:08 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127
Error - 06/12/2011 17:32:01 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Security service terminated with the following error:
%%126
Error - 06/12/2011 17:32:01 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The SQL Server EXPRESS service terminated with the following error:
%%126
Error - 06/12/2011 17:52:33 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The Network Security service terminated with the following error:
%%126
Error - 06/12/2011 17:52:33 | Computer Name = ASUS1005HA | Source = Service Control Manager | ID = 7023
Description = The SQL Server EXPRESS service terminated with the following error:
%%126
< End of report >