I accidentally ran the OTL custom fix before the Norton Removal Tool. I hope that doesn't make much difference. Here are the logs in order:
ComboFix 11-12-06.01 - cds 12/07/2011 2:46.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2558.1878 [GMT -5:00]
Running from: c:\documents and settings\cds.DJB7QB1-CDS.000\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\jcw.exe
c:\documents and settings\cds.DJB7QB1-CDS.000\My Documents\~WRL0003.tmp
c:\documents and settings\cds.NPA\WINDOWS
c:\windows\CSC\d6
c:\windows\dasetup.log
c:\windows\EventSystem.log
c:\windows\jestertb.dll
c:\windows\system32\drivers\hwinterface.sys
c:\windows\system32\tmp.reg
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_hwinterface
-------\Service_hwinterface
.
.
((((((((((((((((((((((((( Files Created from 2011-11-07 to 2011-12-07 )))))))))))))))))))))))))))))))
.
.
2011-12-07 03:22 . 2011-12-07 03:22 -------- d-----w- c:\documents and settings\cds.DJB7QB1-CDS.000\Application Data\ElevatedDiagnostics
2011-12-06 23:01 . 2011-12-06 23:01 -------- d-----w- c:\windows\system32\wbem\Repository
2011-12-06 19:50 . 2011-12-06 19:51 -------- d-----w- c:\program files\trend micro
2011-12-06 19:50 . 2011-12-06 19:51 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-08-11 20:42 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2010-01-21 15:19 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-08-11 20:42 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2010-01-21 15:19 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2010-01-21 15:19 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2010-01-21 15:19 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2010-01-21 15:19 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2010-01-21 15:19 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2010-01-21 15:19 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2010-01-21 15:19 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-17 06:19 . 2011-06-02 00:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2008-11-20 01:35 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-04 10:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 15:41 . 2007-10-09 18:03 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-04 10:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-04 10:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-11-09 00:30 . 2011-06-26 23:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SolidWorks_CheckForUpdates"="c:\program files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" [2009-07-29 7320872]
"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2001-10-04 35328]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-30 46632]
"WD Drive Manager"="c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2008-07-24 450560]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-20 198160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2010-07-01 4862720]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2010-07-01 58112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
always-on-top.exe [2008-11-5 203965]
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2010-9-14 271736]
SubstG.lnk - c:\windows\system32\cmd.exe [2004-8-4 389120]
SUPERAntiSpyware Alternate Start.lnk - c:\program files\SUPERAntiSpyware\RUNSAS.EXE [2008-11-3 313728]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-04 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21 548352 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Ipswitch\\WS_FTP Professional\\wsftpgui.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8/11/2011 3:42 PM 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/21/2010 10:19 AM 314456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10/12/2009 9:24 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/12/2009 9:24 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [7/4/2010 3:25 PM 116608]
R2 APC Data Service;APC Data Service;c:\program files\APC\APC PowerChute Personal Edition\dataserv.exe [9/14/2010 3:54 PM 21880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/21/2010 10:19 AM 20568]
R2 MSSQL$HPWJA;SQL Server (HPWJA);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [12/10/2010 5:29 PM 29293408]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [12/16/2009 10:11 AM 65856]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/18/2009 8:51 PM 24652]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [7/24/2008 2:22 PM 102400]
R3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2/23/2010 12:19 PM 130640]
R3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys [2/23/2010 12:19 PM 89680]
S0 oiaodjt;oiaodjt;c:\windows\system32\drivers\vprjee.sys --> c:\windows\system32\drivers\vprjee.sys [?]
S2 psService;Prosoft Data Backup PC3 Backup/Copy Engine;"c:\program files\Prosoft\Prosoft Data Backup PC3\psService.exe" --> c:\program files\Prosoft\Prosoft Data Backup PC3\psService.exe [?]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [7/29/2009 5:42 AM 83240]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2/22/2010 2:14 AM 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2/22/2010 2:14 AM 8320]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [10/12/2009 9:24 PM 12872]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/8/2009 3:32 AM 0]
S4 HPWJAService;HPWJA Service;c:\program files\Hewlett-Packard\Web Jetadmin 10\bin\HPWJAService.exe [5/20/2010 3:06 PM 45056]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 7:01 AM 2799808]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-08 03:23]
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-08 03:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://wiseacres.dynalias.com:8080/
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: fastenal.com\www
Trusted Zone: marriott.com\www
Trusted Zone: microsoft.com
Trusted Zone: solidworks.com\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} - hxxp://pacificbearing.sp02.partcommunity.com/PARTcommunity/portal/all/cnsViewer3D/cnsweb3d.cab
DPF: {22CF0C35-80CE-11D3-9354-00105AA793BF} - hxxp://www.immdesign.com/webview/IPAWebView.cab
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://wiseacres.dynalias.com:8080/Ctl/WinWebPush.cab
FF - ProfilePath - c:\documents and settings\cds.DJB7QB1-CDS.000\Application Data\Mozilla\Firefox\Profiles\3y5tqzhs.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://news.yahoo.com/
FF - prefs.js: network.proxy.type - 0
.
.
------- File Associations -------
.
.scr=AutoCADLTScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
Notify-NavLogon - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-07 03:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(796)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\documents and settings\cds.DJB7QB1-CDS.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\cds.DJB7QB1-CDS.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
.
- - - - - - - > 'explorer.exe'(2504)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\progra~1\Logitech\MOUSEW~1\SYSTEM\LgMousHk.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\APC\APC PowerChute Personal Edition\mainserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\windows\system32\RUNDLL32.EXE
c:\documents and settings\All Users\Start Menu\Programs\Startup\always-on-top.exe
c:\program files\BOINC\boinc.exe
c:\program files\APC\APC PowerChute Personal Edition\apcsystray.exe
.
**************************************************************************
.
Completion time: 2011-12-07 03:19:52 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-07 08:19
.
Pre-Run: 35,283,832,832 bytes free
Post-Run: 36,656,365,568 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /PAE
.
- - End Of File - - F0F7F51DD23A9D2B1A608BCC6B437B8E
03:23:36.0796 2320 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
03:23:36.0937 2320 ============================================================
03:23:36.0937 2320 Current date / time: 2011/12/07 03:23:36.0937
03:23:36.0937 2320 SystemInfo:
03:23:36.0937 2320
03:23:36.0937 2320 OS Version: 5.1.2600 ServicePack: 3.0
03:23:36.0937 2320 Product type: Workstation
03:23:36.0937 2320 ComputerName: DJB7QB1-CDS
03:23:36.0937 2320 UserName: cds
03:23:36.0937 2320 Windows directory: C:\WINDOWS
03:23:36.0937 2320 System windows directory: C:\WINDOWS
03:23:36.0937 2320 Processor architecture: Intel x86
03:23:36.0937 2320 Number of processors: 2
03:23:36.0937 2320 Page size: 0x1000
03:23:36.0937 2320 Boot type: Normal boot
03:23:36.0937 2320 ============================================================
03:23:37.0187 2320 Initialize success
03:23:43.0703 3848 ============================================================
03:23:43.0703 3848 Scan started
03:23:43.0703 3848 Mode: Manual;
03:23:43.0703 3848 ============================================================
03:23:44.0015 3848 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
03:23:44.0031 3848 Aavmker4 - ok
03:23:44.0046 3848 Abiosdsk - ok
03:23:44.0062 3848 abp480n5 - ok
03:23:44.0125 3848 ACPI (d8fb7d1c3f5bfa3f53fe9cc6367e9e99) C:\WINDOWS\system32\DRIVERS\ACPI.sys
03:23:44.0140 3848 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d8fb7d1c3f5bfa3f53fe9cc6367e9e99, Fake md5: 25a0e4c6de3d09685fbb763fae90847b
03:23:44.0140 3848 ACPI ( Virus.Win32.Rloader.a ) - infected
03:23:44.0140 3848 ACPI - detected Virus.Win32.Rloader.a (0)
03:23:44.0187 3848 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
03:23:44.0203 3848 ACPIEC - ok
03:23:44.0203 3848 adpu160m - ok
03:23:44.0250 3848 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
03:23:44.0250 3848 aec - ok
03:23:44.0312 3848 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
03:23:44.0328 3848 AFD - ok
03:23:44.0328 3848 Aha154x - ok
03:23:44.0328 3848 aic78u2 - ok
03:23:44.0343 3848 aic78xx - ok
03:23:44.0359 3848 AliIde - ok
03:23:44.0359 3848 amsint - ok
03:23:44.0421 3848 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
03:23:44.0421 3848 Arp1394 - ok
03:23:44.0437 3848 asc - ok
03:23:44.0437 3848 asc3350p - ok
03:23:44.0453 3848 asc3550 - ok
03:23:44.0484 3848 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
03:23:44.0500 3848 aswFsBlk - ok
03:23:44.0500 3848 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
03:23:44.0500 3848 aswMon2 - ok
03:23:44.0578 3848 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
03:23:44.0578 3848 aswRdr - ok
03:23:44.0656 3848 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
03:23:44.0656 3848 aswSnx - ok
03:23:44.0671 3848 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
03:23:44.0687 3848 aswSP - ok
03:23:44.0734 3848 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
03:23:44.0734 3848 aswTdi - ok
03:23:44.0796 3848 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
03:23:44.0796 3848 AsyncMac - ok
03:23:44.0812 3848 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
03:23:44.0812 3848 atapi - ok
03:23:44.0812 3848 Atdisk - ok
03:23:44.0859 3848 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
03:23:44.0859 3848 Atmarpc - ok
03:23:44.0921 3848 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
03:23:44.0921 3848 audstub - ok
03:23:44.0984 3848 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
03:23:44.0984 3848 b57w2k - ok
03:23:45.0046 3848 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
03:23:45.0046 3848 Beep - ok
03:23:45.0109 3848 BrScnUsb (6cf3aed19c2185c60de2ae50ee37a342) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
03:23:45.0109 3848 BrScnUsb - ok
03:23:45.0250 3848 BrSerIf (26051d886f3333cb41857d6f52248de1) C:\WINDOWS\system32\Drivers\BrSerIf.sys
03:23:45.0250 3848 BrSerIf - ok
03:23:45.0343 3848 BrUsbSer (7ac85cdc03befd78908b3b6a73d201d0) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
03:23:45.0343 3848 BrUsbSer - ok
03:23:45.0375 3848 catchme - ok
03:23:45.0468 3848 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
03:23:45.0468 3848 cbidf2k - ok
03:23:45.0484 3848 cd20xrnt - ok
03:23:45.0546 3848 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
03:23:45.0546 3848 Cdaudio - ok
03:23:45.0593 3848 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
03:23:45.0593 3848 Cdfs - ok
03:23:45.0625 3848 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
03:23:45.0625 3848 Cdrom - ok
03:23:45.0687 3848 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
03:23:45.0703 3848 cercsr6 - ok
03:23:45.0703 3848 Changer - ok
03:23:45.0718 3848 CmdIde - ok
03:23:45.0750 3848 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
03:23:45.0750 3848 Compbatt - ok
03:23:45.0750 3848 Cpqarray - ok
03:23:45.0765 3848 dac2w2k - ok
03:23:45.0781 3848 dac960nt - ok
03:23:45.0781 3848 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
03:23:45.0781 3848 Disk - ok
03:23:45.0843 3848 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
03:23:45.0890 3848 dmboot - ok
03:23:45.0906 3848 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
03:23:45.0921 3848 dmio - ok
03:23:45.0921 3848 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
03:23:45.0921 3848 dmload - ok
03:23:45.0937 3848 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
03:23:45.0937 3848 DMusic - ok
03:23:45.0953 3848 dpti2o - ok
03:23:45.0968 3848 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
03:23:45.0968 3848 drmkaud - ok
03:23:46.0000 3848 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
03:23:46.0000 3848 Fastfat - ok
03:23:46.0062 3848 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
03:23:46.0062 3848 Fdc - ok
03:23:46.0062 3848 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
03:23:46.0062 3848 Fips - ok
03:23:46.0078 3848 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
03:23:46.0078 3848 Flpydisk - ok
03:23:46.0140 3848 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
03:23:46.0140 3848 FltMgr - ok
03:23:46.0156 3848 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
03:23:46.0156 3848 Fs_Rec - ok
03:23:46.0171 3848 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
03:23:46.0171 3848 Ftdisk - ok
03:23:46.0203 3848 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
03:23:46.0203 3848 giveio - ok
03:23:46.0234 3848 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
03:23:46.0234 3848 Gpc - ok
03:23:46.0250 3848 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
03:23:46.0250 3848 HDAudBus - ok
03:23:46.0281 3848 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
03:23:46.0281 3848 HidBatt - ok
03:23:46.0359 3848 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
03:23:46.0359 3848 hidusb - ok
03:23:46.0375 3848 hpn - ok
03:23:46.0437 3848 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
03:23:46.0437 3848 HTTP - ok
03:23:46.0531 3848 i2omgmt - ok
03:23:46.0546 3848 i2omp - ok
03:23:46.0609 3848 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
03:23:46.0609 3848 i8042prt - ok
03:23:46.0640 3848 iastor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\WINDOWS\system32\DRIVERS\iaStor.sys
03:23:46.0656 3848 iastor - ok
03:23:46.0687 3848 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
03:23:46.0687 3848 Imapi - ok
03:23:46.0703 3848 ini910u - ok
03:23:46.0718 3848 IntelIde - ok
03:23:46.0781 3848 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
03:23:46.0781 3848 intelppm - ok
03:23:46.0796 3848 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
03:23:46.0796 3848 Ip6Fw - ok
03:23:46.0859 3848 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
03:23:46.0859 3848 IpFilterDriver - ok
03:23:46.0890 3848 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
03:23:46.0890 3848 IpInIp - ok
03:23:46.0906 3848 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
03:23:46.0906 3848 IpNat - ok
03:23:46.0921 3848 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
03:23:46.0921 3848 IPSec - ok
03:23:46.0953 3848 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
03:23:46.0953 3848 IRENUM - ok
03:23:46.0968 3848 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
03:23:46.0968 3848 isapnp - ok
03:23:46.0968 3848 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
03:23:46.0968 3848 Kbdclass - ok
03:23:46.0984 3848 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
03:23:46.0984 3848 kbdhid - ok
03:23:47.0015 3848 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
03:23:47.0015 3848 kmixer - ok
03:23:47.0078 3848 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
03:23:47.0093 3848 KSecDD - ok
03:23:47.0093 3848 l8042pr2 (2e5bf125406324d289de17ed9ab6e232) C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys
03:23:47.0093 3848 l8042pr2 - ok
03:23:47.0109 3848 lbrtfdc - ok
03:23:47.0125 3848 LKbdFlt2 (3f8d827943fc4489eb1e4cc03799b581) C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys
03:23:47.0125 3848 LKbdFlt2 - ok
03:23:47.0125 3848 LMouFlt2 (a24b919082a553f2d7da3a39aaaeb50b) C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys
03:23:47.0125 3848 LMouFlt2 - ok
03:23:47.0156 3848 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
03:23:47.0156 3848 mnmdd - ok
03:23:47.0187 3848 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
03:23:47.0187 3848 Modem - ok
03:23:47.0203 3848 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
03:23:47.0218 3848 Mouclass - ok
03:23:47.0250 3848 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
03:23:47.0250 3848 mouhid - ok
03:23:47.0250 3848 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
03:23:47.0265 3848 MountMgr - ok
03:23:47.0265 3848 mraid35x - ok
03:23:47.0281 3848 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
03:23:47.0281 3848 MRxDAV - ok
03:23:47.0328 3848 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
03:23:47.0343 3848 MRxSmb - ok
03:23:47.0421 3848 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
03:23:47.0421 3848 Msfs - ok
03:23:47.0515 3848 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
03:23:47.0515 3848 MSKSSRV - ok
03:23:47.0531 3848 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
03:23:47.0531 3848 MSPCLOCK - ok
03:23:47.0546 3848 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
03:23:47.0546 3848 MSPQM - ok
03:23:47.0609 3848 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
03:23:47.0609 3848 mssmbios - ok
03:23:47.0656 3848 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
03:23:47.0656 3848 Mup - ok
03:23:47.0671 3848 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
03:23:47.0671 3848 NDIS - ok
03:23:47.0703 3848 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
03:23:47.0718 3848 NdisTapi - ok
03:23:47.0718 3848 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
03:23:47.0718 3848 Ndisuio - ok
03:23:47.0734 3848 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
03:23:47.0734 3848 NdisWan - ok
03:23:47.0765 3848 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
03:23:47.0765 3848 NDProxy - ok
03:23:47.0781 3848 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
03:23:47.0781 3848 NetBIOS - ok
03:23:47.0812 3848 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
03:23:47.0812 3848 NetBT - ok
03:23:47.0843 3848 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
03:23:47.0843 3848 NIC1394 - ok
03:23:47.0906 3848 nmwcdnsu (be7fd9ca07e7d39f77c78ba5756930d9) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
03:23:47.0906 3848 nmwcdnsu - ok
03:23:47.0937 3848 nmwcdnsuc (94651f5808d3328d28ef967a9e853b8f) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
03:23:47.0953 3848 nmwcdnsuc - ok
03:23:47.0984 3848 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
03:23:47.0984 3848 Npfs - ok
03:23:48.0000 3848 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
03:23:48.0000 3848 Ntfs - ok
03:23:48.0062 3848 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
03:23:48.0062 3848 Null - ok
03:23:48.0421 3848 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
03:23:48.0703 3848 nv - ok
03:23:48.0750 3848 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
03:23:48.0750 3848 NwlnkFlt - ok
03:23:48.0765 3848 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
03:23:48.0765 3848 NwlnkFwd - ok
03:23:48.0765 3848 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
03:23:48.0781 3848 ohci1394 - ok
03:23:48.0781 3848 oiaodjt - ok
03:23:48.0812 3848 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
03:23:48.0812 3848 Parport - ok
03:23:48.0812 3848 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
03:23:48.0812 3848 PartMgr - ok
03:23:48.0875 3848 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
03:23:48.0875 3848 ParVdm - ok
03:23:48.0953 3848 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
03:23:48.0953 3848 PCI - ok
03:23:48.0968 3848 PCIDump - ok
03:23:49.0000 3848 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
03:23:49.0000 3848 PCIIde - ok
03:23:49.0046 3848 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
03:23:49.0046 3848 Pcmcia - ok
03:23:49.0078 3848 PDCOMP - ok
03:23:49.0078 3848 PDFRAME - ok
03:23:49.0093 3848 PDRELI - ok
03:23:49.0093 3848 PDRFRAME - ok
03:23:49.0109 3848 perc2 - ok
03:23:49.0109 3848 perc2hib - ok
03:23:49.0156 3848 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
03:23:49.0156 3848 PptpMiniport - ok
03:23:49.0265 3848 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
03:23:49.0265 3848 PSched - ok
03:23:49.0328 3848 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
03:23:49.0328 3848 Ptilink - ok
03:23:49.0328 3848 ql1080 - ok
03:23:49.0343 3848 Ql10wnt - ok
03:23:49.0343 3848 ql12160 - ok
03:23:49.0359 3848 ql1240 - ok
03:23:49.0359 3848 ql1280 - ok
03:23:49.0375 3848 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
03:23:49.0375 3848 RasAcd - ok
03:23:49.0421 3848 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
03:23:49.0421 3848 Rasl2tp - ok
03:23:49.0421 3848 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
03:23:49.0421 3848 RasPppoe - ok
03:23:49.0437 3848 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
03:23:49.0437 3848 Raspti - ok
03:23:49.0453 3848 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
03:23:49.0453 3848 Rdbss - ok
03:23:49.0468 3848 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
03:23:49.0468 3848 RDPCDD - ok
03:23:49.0484 3848 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
03:23:49.0484 3848 rdpdr - ok
03:23:49.0531 3848 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
03:23:49.0546 3848 RDPWD - ok
03:23:49.0578 3848 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
03:23:49.0578 3848 redbook - ok
03:23:49.0734 3848 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
03:23:49.0734 3848 SASDIFSV - ok
03:23:49.0796 3848 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
03:23:49.0796 3848 SASENUM - ok
03:23:49.0812 3848 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
03:23:49.0812 3848 SASKUTIL - ok
03:23:49.0843 3848 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
03:23:49.0843 3848 sbp2port - ok
03:23:49.0890 3848 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
03:23:49.0890 3848 Secdrv - ok
03:23:49.0906 3848 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
03:23:49.0906 3848 serenum - ok
03:23:49.0906 3848 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
03:23:49.0906 3848 Serial - ok
03:23:49.0937 3848 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
03:23:49.0953 3848 Sfloppy - ok
03:23:49.0953 3848 Simbad - ok
03:23:50.0015 3848 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
03:23:50.0015 3848 SONYPVU1 - ok
03:23:50.0031 3848 Sparrow - ok
03:23:50.0109 3848 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
03:23:50.0109 3848 speedfan - ok
03:23:50.0156 3848 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
03:23:50.0156 3848 splitter - ok
03:23:50.0171 3848 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
03:23:50.0171 3848 sr - ok
03:23:50.0234 3848 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
03:23:50.0250 3848 Srv - ok
03:23:50.0343 3848 STHDA (9db5dbed65f2d74acd1d20a53898af79) C:\WINDOWS\system32\drivers\sthda.sys
03:23:50.0343 3848 STHDA - ok
03:23:50.0406 3848 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
03:23:50.0406 3848 StillCam - ok
03:23:50.0484 3848 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
03:23:50.0484 3848 swenum - ok
03:23:50.0500 3848 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
03:23:50.0515 3848 swmidi - ok
03:23:50.0515 3848 symc810 - ok
03:23:50.0531 3848 symc8xx - ok
03:23:50.0531 3848 sym_hi - ok
03:23:50.0546 3848 sym_u3 - ok
03:23:50.0562 3848 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
03:23:50.0562 3848 sysaudio - ok
03:23:50.0656 3848 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
03:23:50.0656 3848 Tcpip - ok
03:23:50.0703 3848 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
03:23:50.0703 3848 TDPIPE - ok
03:23:50.0718 3848 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
03:23:50.0718 3848 TDTCP - ok
03:23:50.0796 3848 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
03:23:50.0796 3848 TermDD - ok
03:23:50.0812 3848 TosIde - ok
03:23:50.0875 3848 TotRec7 (cb847e385ad960d9070737e50aaa0d75) C:\WINDOWS\system32\drivers\TotRec7.sys
03:23:50.0890 3848 TotRec7 - ok
03:23:50.0906 3848 TotRec8 (f7937fc27cbaf6d5e8e05bd36b205012) C:\WINDOWS\system32\drivers\TotRec8.sys
03:23:50.0906 3848 TotRec8 - ok
03:23:50.0906 3848 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
03:23:50.0921 3848 Udfs - ok
03:23:50.0921 3848 ultra - ok
03:23:50.0984 3848 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
03:23:50.0984 3848 Update - ok
03:23:51.0062 3848 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
03:23:51.0062 3848 usbccgp - ok
03:23:51.0093 3848 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
03:23:51.0093 3848 usbehci - ok
03:23:51.0125 3848 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
03:23:51.0125 3848 usbhub - ok
03:23:51.0156 3848 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
03:23:51.0156 3848 usbprint - ok
03:23:51.0218 3848 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
03:23:51.0218 3848 USBSTOR - ok
03:23:51.0281 3848 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
03:23:51.0281 3848 usbuhci - ok
03:23:51.0296 3848 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
03:23:51.0296 3848 VgaSave - ok
03:23:51.0296 3848 ViaIde - ok
03:23:51.0359 3848 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
03:23:51.0359 3848 VolSnap - ok
03:23:51.0375 3848 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
03:23:51.0375 3848 Wanarp - ok
03:23:51.0390 3848 WDC_SAM - ok
03:23:51.0390 3848 WDICA - ok
03:23:51.0406 3848 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
03:23:51.0406 3848 wdmaud - ok
03:23:51.0484 3848 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
03:23:51.0500 3848 WudfPf - ok
03:23:51.0546 3848 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
03:23:51.0546 3848 WudfRd - ok
03:23:51.0593 3848 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
03:23:51.0671 3848 \Device\Harddisk0\DR0 - ok
03:23:51.0687 3848 Boot (0x1200) (3032963acac2bf7f4f552f8d9bffb68f) \Device\Harddisk0\DR0\Partition0
03:23:51.0687 3848 \Device\Harddisk0\DR0\Partition0 - ok
03:23:51.0687 3848 ============================================================
03:23:51.0687 3848 Scan finished
03:23:51.0687 3848 ============================================================
03:23:51.0687 1912 Detected object count: 1
03:23:51.0687 1912 Actual detected object count: 1
03:24:43.0671 1912 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
03:24:43.0671 1912 ACPI ( Virus.Win32.Rloader.a ) - User select action: Quarantine
03:24:51.0046 4088 Deinitialize success
aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-07 03:26:29
-----------------------------
03:26:29.890 OS Version: Windows 5.1.2600 Service Pack 3
03:26:29.890 Number of processors: 2 586 0xF06
03:26:29.890 ComputerName: DJB7QB1-CDS UserName: cds
03:26:30.453 Initialize success
03:26:30.500 AVAST engine defs: 11120602
03:27:07.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
03:27:07.328 Disk 0 Vendor: WDC_WD80 10.0 Size: 76293MB BusType: 3
03:27:07.343 Disk 0 MBR read successfully
03:27:07.343 Disk 0 MBR scan
03:27:07.343 Disk 0 Windows XP default MBR code
03:27:07.359 Disk 0 scanning sectors +156232125
03:27:07.437 Disk 0 scanning C:\WINDOWS\system32\drivers
03:27:22.265 Service scanning
03:27:22.546 Service ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys **LOCKED** 32
03:27:23.171 Modules scanning
03:27:27.984 AVAST engine scan C:\WINDOWS
03:27:41.781 AVAST engine scan C:\WINDOWS\system32
03:29:31.187 AVAST engine scan C:\WINDOWS\system32\drivers
03:29:47.328 AVAST engine scan C:\Documents and Settings\cds.DJB7QB1-CDS.000
03:40:09.015 AVAST engine scan C:\Documents and Settings\All Users
03:42:11.875 Scan finished successfully
03:42:46.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\MBR.dat"
03:42:46.203 The log file has been saved successfully to "C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\aswMBR.txt"
The Fix button was not enabled.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8326
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/7/2011 4:02:59 AM
mbam-log-2011-12-07 (04-02-59).txt
Scan type: Quick scan
Objects scanned: 210936
Time elapsed: 5 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
========== PROCESSES ==========
All processes killed
========== OTL ==========
File C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\jcw.exe not found.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.txt deleted successfully.
< sc config psService start= disabled /c >[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\cmd.txt deleted successfully.
File\Folder C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\*.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 12072011_040809
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
OTL logfile created on: 12/7/2011 4:36:55 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.50 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 77.92% Memory free
2.83 Gb Paging File | 2.29 Gb Available in Paging File | 80.92% Paging File free
Paging file location(s): C:\pagefile.sys 500 800 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.45 Gb Total Space | 34.17 Gb Free Space | 45.89% Space Free | Partition Type: NTFS
Drive E: | 7.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 931.51 Gb Total Space | 866.68 Gb Free Space | 93.04% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 866.68 Gb Free Space | 93.04% Space Free | Partition Type: NTFS
Computer Name: DJB7QB1-CDS | User Name: cds | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/06 17:33:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\OTL.exe
PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/09/12 16:45:25 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/08/30 12:24:59 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2011/08/30 12:24:53 | 000,144,832 | ---- | M] (Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrodist.exe
PRC - [2010/09/14 15:54:12 | 000,021,880 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\dataserv.exe
PRC - [2010/09/14 15:53:40 | 000,705,912 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
PRC - [2010/09/14 15:53:20 | 000,660,856 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
PRC - [2010/07/01 12:27:06 | 004,862,720 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boincmgr.exe
PRC - [2010/07/01 12:27:04 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinctray.exe
PRC - [2010/07/01 12:27:02 | 000,840,448 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinc.exe
PRC - [2009/12/16 10:11:06 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2009/11/20 16:35:26 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/07/29 12:34:48 | 007,320,872 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe
PRC - [2009/01/08 12:16:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/11/05 11:51:28 | 000,203,965 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\always-on-top.exe
PRC - [2008/09/08 10:21:05 | 000,112,072 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2008/09/08 10:19:23 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2008/07/24 14:22:50 | 000,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
PRC - [2008/07/24 14:22:12 | 000,450,560 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/10/04 09:41:00 | 000,035,328 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
========== Modules (No Company Name) ==========
MOD - [2011/12/06 11:06:11 | 001,643,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120602\algo.dll
MOD - [2011/12/05 17:19:20 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120602\aswRep.dll
MOD - [2011/10/17 12:17:26 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
MOD - [2011/10/17 12:17:26 | 000,280,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/17 12:17:25 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
MOD - [2011/10/17 12:17:23 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MOD - [2011/10/17 12:14:48 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/17 12:14:36 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/17 12:14:31 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/17 12:13:57 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/17 12:13:39 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/17 12:12:30 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/17 12:12:13 | 000,113,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/17 12:12:09 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/08/10 02:52:28 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2009/12/26 22:36:55 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2009/08/18 11:02:42 | 000,061,952 | ---- | M] () -- C:\Program Files\BOINC\zlib1.dll
MOD - [2009/08/04 13:33:23 | 000,389,120 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeXMP.dll
MOD - [2008/11/05 11:51:28 | 000,203,965 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\always-on-top.exe
MOD - [2007/12/07 12:36:34 | 001,953,792 | ---- | M] () -- C:\Program Files\Ipswitch\WS_FTP Professional\res0409.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (psService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/12 16:45:25 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010/09/14 15:54:12 | 000,021,880 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC\APC PowerChute Personal Edition\dataserv.exe -- (APC Data Service)
SRV - [2010/09/14 15:53:40 | 000,705,912 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2010/05/20 15:06:30 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\Web Jetadmin 10\bin\HPWJAService.exe -- (HPWJAService)
SRV - [2009/12/16 10:11:06 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2009/07/29 05:42:14 | 000,083,240 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2009/01/08 12:16:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/01/07 19:41:46 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2008/09/08 10:19:23 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2008/07/24 14:22:50 | 000,102,400 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2005/09/23 07:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
========== Driver Services (SafeList) ==========
DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/03 21:59:35 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/03 21:59:35 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/18 14:18:30 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/20 18:00:10 | 000,089,680 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec8.sys -- (TotRec8)
DRV - [2009/10/20 18:00:04 | 000,130,640 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec7.sys -- (TotRec7)
DRV - [2008/04/13 13:36:35 | 000,187,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008/02/01 15:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008/02/01 15:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2007/06/06 12:51:04 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/05/25 14:40:00 | 001,156,808 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2001/10/02 09:41:00 | 000,067,441 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.sys -- (LMouFlt2)
DRV - [2001/10/02 09:41:00 | 000,050,433 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Pr2.sys -- (l8042pr2)
DRV - [2001/10/02 09:41:00 | 000,005,841 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LKbdFlt2.sys -- (LKbdFlt2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://wiseacres.dynalias.com:8080/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://news.yahoo.com/"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@alternatiff.com/AlternaTIFF: C:\Program Files\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll (Viewpoint Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/30 11:51:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/08 19:30:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/06/26 18:37:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\Mozilla\Extensions
[2011/11/27 23:48:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\Mozilla\Firefox\Profiles\3y5tqzhs.default\extensions
[2011/11/08 19:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/07 17:59:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CDS.DJB7QB1-CDS.000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3Y5TQZHS.DEFAULT\EXTENSIONS\{902D2C4A-457A-4EF9-AD43-7014562929FF}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CDS.DJB7QB1-CDS.000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3Y5TQZHS.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CDS.DJB7QB1-CDS.000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3Y5TQZHS.DEFAULT\EXTENSIONS\[email protected]
[2011/11/30 11:51:16 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/11/08 19:30:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/08 19:30:45 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/12/07 04:08:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Viewpoint Toolbar BHO) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll (Viewpoint Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Viewpoint Toolbar) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll (Viewpoint Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\always-on-top.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SubstG.lnk = C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SUPERAntiSpyware Alternate Start.lnk = C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: fastenal.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: marriott.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: solidworks.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range2 ([https] in Trusted sites)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623}
http://www.alternati...x-w32-2.0.0.cab (AlternaTIFF ActiveX)
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5}
http://pacificbearin...3D/cnsweb3d.cab (PARTsolutions 3D Web Viewer)
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101}
http://www.3dpublish...ingsEnglish.cab (EModelNonVersionSpecificViewControl Class)
O16 - DPF: {22CF0C35-80CE-11D3-9354-00105AA793BF}
http://www.immdesign.../IPAWebView.cab (Ipa Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B}
http://webiq005.webi...6-6D5536C585C9} (WebIQ Engine Application Object)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.mi...b?1231364466602 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1231364521836 (MUWebControl Class)
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9}
http://wiseacres.dyn.../WinWebPush.cab (WebWatch Class)
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files/AutoCAD%20LT%202002/AcDcToday.ocx (AcDcToday Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file:///C:/Program%20Files/AutoCAD%20LT%202002/InstBanr.ocx (NOXLATE-BANR)
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file:///C:/Program%20Files/AutoCAD%20LT%202002/InstFred.ocx (InstaFred)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://zcorpevents....bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/AutoCAD%20LT%202002/AcPreview.ocx (AcPreview Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEFFEA56-3C42-423E-B553-D7A2DACC5DAA}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/19 20:37:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/16 14:03:24 | 000,000,000 | ---D | M] - F:\autorun -- [ NTFS ]
O32 - AutoRun File - [2008/02/15 15:11:36 | 000,000,052 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/07 04:33:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/07 04:08:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/07 03:54:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/07 03:54:48 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/07 03:53:38 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/07 03:24:43 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/12/07 02:43:45 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/07 02:40:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/07 02:40:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/07 02:40:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/07 02:40:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/07 02:39:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/07 02:39:48 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/12/07 02:39:40 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/07 02:37:24 | 004,328,480 | R--- | C] (Swearware) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\ComboFix.exe
[2011/12/06 22:35:54 | 006,776,168 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\WindowsUpdateAgent30-x86.exe
[2011/12/06 22:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\ElevatedDiagnostics
[2011/12/06 22:21:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/12/06 22:21:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/12/06 22:07:57 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\aswMBR.exe
[2011/12/06 17:34:02 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\tdsskiller.exe
[2011/12/06 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/12/06 14:50:33 | 000,000,000 | ---D | C] -- C:\rsit
[2011/12/06 12:31:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\OTL.exe
[2011/11/07 17:57:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\cds.DJB7QB1-CDS.000\*.tmp files -> C:\Documents and Settings\cds.DJB7QB1-CDS.000\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/07 04:34:12 | 000,149,638 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\Search engines blocked.pdf
[2011/12/07 04:24:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/07 04:24:07 | 2681,892,864 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/07 04:16:42 | 000,920,384 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\Norton_Removal_Tool.exe
[2011/12/07 04:08:12 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/12/07 04:05:41 | 000,065,331 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\Diskmgmt.jpg
[2011/12/07 03:54:52 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/07 03:53:20 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/07 03:44:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/07 03:42:46 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\MBR.dat
[2011/12/07 03:26:21 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\aswMBR.exe
[2011/12/07 03:22:40 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\tdsskiller.exe
[2011/12/07 02:43:50 | 000,000,332 | RHS- | M] () -- C:\boot.ini
[2011/12/07 02:38:09 | 004,328,480 | R--- | M] (Swearware) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\ComboFix.exe
[2011/12/07 00:29:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/06 22:35:57 | 006,776,168 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\WindowsUpdateAgent30-x86.exe
[2011/12/06 21:22:40 | 000,381,631 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\MiniToolBox.exe
[2011/12/06 17:33:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\OTL.exe
[2011/12/06 14:52:07 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\vgiybb01.exe
[2011/12/06 14:49:32 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\RSIT.exe
[2011/12/06 07:50:52 | 001,872,472 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\SmitfraudFix.exe
[2011/12/06 04:44:04 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/06 02:01:10 | 000,001,401 | -HS- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\fooey
[2011/12/02 19:33:09 | 000,297,397 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\8036EFCB32695EDCE04400144F0104BD.jpeg
[2011/12/02 19:32:47 | 000,304,693 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\a35_aerien_St-Alexandre_6.jpg
[2011/12/02 01:16:19 | 000,218,712 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\000eqkq1.jpg
[2011/12/02 01:08:02 | 000,080,208 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\2416491_125_full.jpg
[2011/12/01 17:29:29 | 022,399,585 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\msl20111128-640.mov
[2011/12/01 17:17:34 | 029,903,338 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\msl20111126_launchOnNTV-640.mov
[2011/11/30 11:51:20 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/28 13:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/28 13:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/28 12:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/27 23:57:41 | 030,797,223 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\My Documents\Alchemical-Sigils-Symbols.pdf
[2011/11/19 01:24:35 | 013,812,424 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\My Documents\iPod_nano_6thgen_User_Guide.pdf
[2011/11/17 01:19:04 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/11/15 20:01:48 | 000,024,529 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\boinca.png
[2011/11/14 20:30:39 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks 2009 SP4.1.lnk
[2011/11/14 13:05:08 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/07 17:57:25 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/11/07 17:56:32 | 000,491,354 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/07 17:56:32 | 000,090,246 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\cds.DJB7QB1-CDS.000\*.tmp files -> C:\Documents and Settings\cds.DJB7QB1-CDS.000\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/07 04:34:12 | 000,149,638 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\Search engines blocked.pdf
[2011/12/07 04:16:35 | 000,920,384 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\Norton_Removal_Tool.exe
[2011/12/07 04:05:41 | 000,065,331 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\Diskmgmt.jpg
[2011/12/07 03:54:52 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/07 03:42:46 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\MBR.dat
[2011/12/07 02:43:49 | 000,000,216 | ---- | C] () -- C:\Boot.bak
[2011/12/07 02:43:48 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/07 02:40:00 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/07 02:40:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/07 02:40:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/07 02:40:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/07 02:40:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/06 20:16:13 | 2681,892,864 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/06 17:34:05 | 000,381,631 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\MiniToolBox.exe
[2011/12/06 14:52:07 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\vgiybb01.exe
[2011/12/06 14:49:32 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\RSIT.exe
[2011/12/06 02:50:38 | 001,872,472 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\SmitfraudFix.exe
[2011/12/02 19:33:08 | 000,297,397 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\8036EFCB32695EDCE04400144F0104BD.jpeg
[2011/12/02 19:32:46 | 000,304,693 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\a35_aerien_St-Alexandre_6.jpg
[2011/12/02 01:16:16 | 000,218,712 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\000eqkq1.jpg
[2011/12/02 01:08:00 | 000,080,208 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\2416491_125_full.jpg
[2011/12/01 17:24:55 | 022,399,585 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\msl20111128-640.mov
[2011/12/01 17:08:21 | 029,903,338 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\msl20111126_launchOnNTV-640.mov
[2011/11/27 23:57:39 | 030,797,223 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\My Documents\Alchemical-Sigils-Symbols.pdf
[2011/11/19 01:24:35 | 013,812,424 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\My Documents\iPod_nano_6thgen_User_Guide.pdf
[2011/11/15 20:01:48 | 000,024,529 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop\boinca.png
[2011/11/07 17:57:25 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/10/10 15:53:26 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2011/06/26 18:37:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/23 20:04:27 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/01/23 20:04:25 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/01/23 20:04:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/01/23 20:04:01 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/12/15 15:55:15 | 000,393,768 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/22 12:30:39 | 000,000,135 | ---- | C] () -- C:\WINDOWS\huffyuv.ini
[2010/07/29 17:54:47 | 000,000,536 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/12/20 23:05:09 | 000,000,410 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\burnaware.ini
[2009/12/13 21:47:10 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/12/13 21:47:10 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2009/12/13 21:22:35 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2009/12/13 21:21:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2009/12/13 19:18:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2009/12/04 15:56:03 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/04 15:56:03 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\FASTApp.html
[2009/12/04 14:37:36 | 000,015,006 | ---- | C] () -- C:\Documents and Settings\cds.DJB7QB1-CDS.000\Local Settings\Application Data\FASTWiz.html
[2009/10/19 16:56:55 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/02 16:23:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2009/06/18 13:49:24 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OctaneARM.dll
[2009/06/17 11:13:30 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2009/04/02 12:42:52 | 000,000,047 | ---- | C] () -- C:\WINDOWS\ccolwiz.ini
[2009/02/20 17:10:20 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/02/18 18:06:12 | 000,001,340 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009/02/18 18:06:12 | 000,000,152 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009/02/18 18:06:12 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd9440cn.dat
[2009/02/18 18:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2009/02/18 18:04:18 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2009/02/18 18:04:17 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BAOCH06A.DAT
[2009/02/18 18:04:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/02/18 18:02:13 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/02/10 17:32:12 | 000,000,023 | ---- | C] () -- C:\WINDOWS\bo9440cn.ini
[2009/02/10 17:31:57 | 000,000,435 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/02/10 17:31:57 | 000,000,105 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/01/09 19:36:12 | 000,000,524 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/01/07 22:00:36 | 000,109,056 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2009/01/07 22:00:36 | 000,000,488 | ---- | C] () -- C:\WINDOWS\Cmousecc.ini
[2009/01/07 19:42:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2008/11/24 20:20:16 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/19 20:39:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/11/19 20:35:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/11/19 15:28:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/11/19 15:28:07 | 000,380,832 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/05 03:52:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/08/21 20:46:34 | 000,059,160 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2007/01/07 12:43:12 | 000,143,360 | ---- | C] () -- C:\WINDOWS\libexpat.dll
[2005/11/23 04:00:00 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/08/12 21:57:10 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/04/04 12:52:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/04/04 12:35:24 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/03/21 18:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 18:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/02/04 03:59:48 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\metaflac.exe
[2005/02/04 03:59:44 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\flac.exe
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,491,354 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,187,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\acpi.sys
[2004/08/04 05:00:00 | 000,090,246 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/06/23 18:36:04 | 000,442,880 | ---- | C] () -- C:\WINDOWS\System32\VFAPIConv.exe
[2002/06/17 19:36:10 | 000,482,816 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[2001/04/23 03:15:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\mtstack.exe
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
< End of report >
OTL Extras logfile created on: 12/7/2011 4:36:55 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\cds.DJB7QB1-CDS.000\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.50 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 77.92% Memory free
2.83 Gb Paging File | 2.29 Gb Available in Paging File | 80.92% Paging File free
Paging file location(s): C:\pagefile.sys 500 800 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.45 Gb Total Space | 34.17 Gb Free Space | 45.89% Space Free | Partition Type: NTFS
Drive E: | 7.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 931.51 Gb Total Space | 866.68 Gb Free Space | 93.04% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 866.68 Gb Free Space | 93.04% Space Free | Partition Type: NTFS
Computer Name: DJB7QB1-CDS | User Name: cds | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = AutoCADLTScriptFile] -- C:\WINDOWS\NOTEPAD.EXE (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"2967:TCP" = 2967:TCP:LocalSubNet:Enabled:Symantec Management
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"2967:TCP" = 2967:TCP:LocalSubNet:Enabled:Symantec Management
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"54925:UDP" = 54925:UDP:LocalSubNet:Enabled:Scanning
"54926:UDP" = 54926:UDP:LocalSubNet:Enabled:PC-Fax
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Documents and Settings\cds.NPA\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\cds.DJB7QB1-CDS.000\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
"C:\Program Files\Common Files\SolidWorks Installation Manager\17.0\sldimdownloader.exe" = C:\Program Files\Common Files\SolidWorks Installation Manager\17.0\sldimdownloader.exe:*:Enabled:sldimdownloader.exe -- (Dassault Systèmes SolidWorks Corp.)
"C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" = C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe:*:Enabled:sldIMScheduler.exe -- (Dassault Systèmes SolidWorks Corp.)
"C:\Program Files\Google\Google Earth\googleearth.exe" = C:\Program Files\Google\Google Earth\googleearth.exe:*:Enabled:Google Earth
"C:\Program Files\Ipswitch\WS_FTP Professional\ftpfind.exe" = C:\Program Files\Ipswitch\WS_FTP Professional\ftpfind.exe:*:Enabled:WS_FTP Find Utility -- (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
"C:\Program Files\Ipswitch\WS_FTP Professional\wsftpgui.exe" = C:\Program Files\Ipswitch\WS_FTP Professional\wsftpgui.exe:*:Enabled:WS_FTP Pro Application -- (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
"C:\Program Files\SolidWorks\SolidWorks\swspmanager.exe" = C:\Program Files\SolidWorks\SolidWorks\swspmanager.exe:*:Enabled:swspmanager.exe -- (Dassault Systèmes SolidWorks Corp.)
"C:\Program Files\Symantec AntiVirus\VPC32.exe" = C:\Program Files\Symantec AntiVirus\VPC32.exe:*:Enabled:Symantec AntiVirus
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Ipswitch\WS_FTP Professional\wsftpgui.exe" = C:\Program Files\Ipswitch\WS_FTP Professional\wsftpgui.exe:*:Enabled:Ipswitch WS_FTP Professional 2007 -- (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
"C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Program -- (Microsoft Corporation)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F2F77E4-4053-4108-B153-81F0B42EDCF4}" = WebIQ Technology Engine
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212D202D-487D-49C4-8A76-4D3BB91B8471}" = BOINC
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 26
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (HPWJA)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C400DF4-90E0-412C-843A-F5424402662F}" = DJBCP Codec Pack
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-0109-0409-0000-0060B0CE6BBA}" = AutoCAD LT 2002
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.41 .2
"{5D3E11CE-2C9A-44E3-A561-ED9BAC439E83}" = HP Web Jetadmin 10.2
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D49994F-2E35-4932-B9ED-D2F4EEBF91A2}" = QuickBooks Pro Timer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72A819E7-4146-B9EA-1292-C4A77F657B4E}" = eBay Desktop
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78F5131C-7C4F-49AA-AA32-B7B42E941BCF}" = SolidWorks 2009 SP04.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-0000-BA7E-000000000003}" = Adobe Acrobat 8 Standard
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AC76BA86-7AD7-2447-0000-A00000000003}" = Chinese Simplified Fonts Support For Adobe Reader X
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Professional 2007
"{AFFBB1A4-26E9-42D8-ACBB-B8B1ECF862DC}" = Actify SpinFire Reader
"{B10E8648-1EC1-4FE8-B7C9-18C70CD48172}" = SolidWorks eDrawings 2009
"{B197134C-2A98-4D8C-A55A-9A7809AF59EC}" = SolidWorks Explorer 2009 sp04.1
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD04643-5246-48AC-9D8C-F43A37BB8F36}" = WD Drive Manager (x86)
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D198D2E7-B557-4404-A286-77F249625172}" = Nokia Internet Tablet Software Update Wizard
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F1486DE6-CC2E-48C0-AD20-C2C142FA1636}" = APC PowerChute Personal Edition 3.0
"{F6C0D92C-7EBC-4CEE-A0DD-BCE6ADB50E22}" = CADENAS PARTwebViewer
"{FA508751-94C7-4D6C-8418-B6FC3C43D1A7}" = DWGeditor
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom Gigabit Integrated Controller
"7-Zip" = 7-Zip 9.15 beta
"ActiveTouchMeetingClient" = WebEx
"Adobe Acrobat 8 Standard" = Adobe Acrobat 8.3.1 Standard
"Adobe Acrobat 8 Standard_831" = Adobe Acrobat 8.3.1 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnswerWorks" = AnswerWorks Runtime
"avast" = avast! Pro Antivirus
"BC2_is1" = Beyond Compare Version 2.5.3
"BurnAware Free_is1" = BurnAware Free 2.4.4
"CodeStuff Starter" = CodeStuff Starter
"com.ebay.sandimas.public-beta.AA1EEF5552BF52051F68E7EAF27E23FA6449A65C.1" = eBay Desktop
"eIMAGE Recovery" = eIMAGE Recovery
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MeshLab" = MeshLab 1.1.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Ogg Codecs" = Ogg Codecs 0.81.15562
"Parts&Vendors 6.0" = Parts&Vendors 6.0
"PoiEdit" = PoiEdit
"RealPlayer 12.0" = RealPlayer
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"SolidWorks Installation Manager 20090-40401-1100-200" = SolidWorks 2009 SP04.1
"SpeedFan" = SpeedFan (remove only)
"TotalRecorder" = Total Recorder 8.0
"Tweak UI 2.10" = Tweak UI
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"Viewpoint Toolbar" = Viewpoint Toolbar
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"UnityWebPlayer" = Unity Web Player
"Universal Algebra Calculator 2 (New Version)" = Universal Algebra Calculator 2 (New Version)
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 11/17/2009 3:47:55 PM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 4/1/2010 5:47:36 PM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 4/1/2010 5:47:42 PM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 5/3/2010 10:22:53 AM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 5/3/2010 10:22:56 AM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 5/3/2010 10:23:07 AM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 5/3/2010 10:24:19 AM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 5/3/2010 10:24:57 AM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 5/3/2010 10:24:59 AM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
Error - 5/3/2010 11:03:24 AM | Computer Name = DJB7QB1-CDS | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 12/5/2011 2:45:21 AM | Computer Name = DJB7QB1-CDS | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 12/5/2011 2:45:25 AM | Computer Name = DJB7QB1-CDS | Source = Application Hang | ID = 1001
Description = Fault bucket -1612583200.
Error - 12/6/2011 1:34:51 PM | Computer Name = DJB7QB1-CDS | Source = nlsX86cc | ID = 0
Description =
Error - 12/6/2011 7:01:42 PM | Computer Name = DJB7QB1-CDS | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\SYSTEM32\WBEM\WINDOWSSEARCHENGINE.MOF
while recovering repository file.
Error - 12/6/2011 7:01:42 PM | Computer Name = DJB7QB1-CDS | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF
while recovering repository file.
Error - 12/6/2011 7:01:43 PM | Computer Name = DJB7QB1-CDS | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS
COMMUNICATION FOUNDATION\SERVICEMODEL.MOF while recovering repository file.
Error - 12/6/2011 7:01:43 PM | Computer Name = DJB7QB1-CDS | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF
while recovering repository file.
Error - 12/6/2011 7:01:46 PM | Computer Name = DJB7QB1-CDS | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET.MOF
while recovering repository file.
Error - 12/6/2011 7:01:46 PM | Computer Name = DJB7QB1-CDS | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\PROGRAM FILES\MICROSOFT SQL SERVER\90\SHARED\SQLMGMPROVIDERXPSP2UP.MOF
while recovering repository file.
Error - 12/6/2011 11:43:54 PM | Computer Name = DJB7QB1-CDS | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: Microsoft.PowerShell.ConsoleHost,Version=1.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35,ProcessorArchitecture=msil
. Error code = 0x80070020
[ OSession Events ]
Error - 4/6/2009 4:53:26 PM | Computer Name = DJB7QB1-CDS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 481
seconds with 480 seconds of active time. This session ended with a crash.
Error - 10/19/2009 7:58:00 PM | Computer Name = DJB7QB1-CDS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12/10/2009 6:13:17 PM | Computer Name = DJB7QB1-CDS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19238
seconds with 1380 seconds of active time. This session ended with a crash.
Error - 12/10/2009 6:36:23 PM | Computer Name = DJB7QB1-CDS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1280
seconds with 300 seconds of active time. This session ended with a crash.
Error - 5/6/2010 3:46:05 PM | Computer Name = DJB7QB1-CDS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11570
seconds with 120 seconds of active time. This session ended with a crash.
Error - 9/29/2011 2:29:32 PM | Computer Name = DJB7QB1-CDS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 83233
seconds with 240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 12/7/2011 4:02:10 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7000
Description = The Prosoft Data Backup PC3 Backup/Copy Engine service failed to start
due to the following error: %%2
Error - 12/7/2011 4:47:53 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7000
Description = The Prosoft Data Backup PC3 Backup/Copy Engine service failed to start
due to the following error: %%2
Error - 12/7/2011 5:08:09 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 12/7/2011 5:08:09 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7034
Description = The APC UPS Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 12/7/2011 5:08:09 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7031
Description = The SAS Core Service service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.
Error - 12/7/2011 5:08:09 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 12/7/2011 5:08:10 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7034
Description = The Viewpoint Manager Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 12/7/2011 5:08:10 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7034
Description = The NLS Service service terminated unexpectedly. It has done this
1 time(s).
Error - 12/7/2011 5:08:10 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7034
Description = The WD Drive Manager Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 12/7/2011 5:08:10 AM | Computer Name = DJB7QB1-CDS | Source = Service Control Manager | ID = 7034
Description = The APC Data Service service terminated unexpectedly. It has done
this 1 time(s).
< End of report >