OTL by OldTimer - Version 3.2.45.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 0.58 Gb Available Physical Memory | 29.24% Memory free
3.82 Gb Paging File | 2.17 Gb Available in Paging File | 56.68% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.03 Gb Total Space | 104.70 Gb Free Space | 75.31% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.75 Gb Free Space | 57.47% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 398.36 Gb Free Space | 85.53% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 11.42 Gb Free Space | 2.45% Space Free | Partition Type: NTFS
Computer Name: SERVER | User Name: User | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/10/26 10:11:32 | 001,282,920 | ---- | M] (LabTech Software) -- C:\WINDOWS\LTSvc\LTTray.exe
PRC - [2012/09/29 19:54:26 | 000,981,656 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/06/02 09:45:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2011/09/16 13:10:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2011/06/24 00:09:20 | 001,454,792 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrayMonitor\TrayMonitor.exe
PRC - [2011/06/23 22:22:36 | 000,961,488 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Timounter\TimounterMonitor.exe
PRC - [2011/06/23 20:16:26 | 000,394,944 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009/07/08 08:11:32 | 000,406,840 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/18 11:15:24 | 000,053,248 | ---- | M] (HP) -- C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
========== Modules (No Company Name) ==========
MOD - [2012/10/19 07:48:49 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/10/19 07:48:38 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/10/19 07:48:27 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/10/19 07:48:26 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2012/10/19 07:48:03 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\7a53d68ad544f8e9edfdbd5a90a48fd3\System.Deployment.ni.dll
MOD - [2012/10/19 07:47:09 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll
MOD - [2012/10/19 07:45:55 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/10/19 07:43:37 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/10/19 07:42:00 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/10/19 07:41:44 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/10/19 07:39:15 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/10/19 07:38:57 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/10/19 07:38:42 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
MOD - [2012/10/19 07:36:07 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/10/19 07:35:44 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/10/19 06:52:34 | 000,069,136 | ---- | M] () -- C:\WINDOWS\LTSvc\screenhooks.dll
MOD - [2008/01/18 11:15:04 | 000,102,400 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\HPFaxUtilities.dll
MOD - [2008/01/18 11:15:02 | 000,552,960 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\Alerts.dll
MOD - [2008/01/18 11:14:32 | 000,589,824 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\HPAppTools.dll
MOD - [2008/01/18 11:14:26 | 000,069,632 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\AppConstants.dll
MOD - [2008/01/18 11:14:22 | 000,040,960 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\Enumeration.dll
MOD - [2008/01/18 11:14:20 | 000,126,976 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\HPToolkit.dll
MOD - [2008/01/18 11:14:16 | 000,016,384 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\HPStreamsInterface.dll
MOD - [2008/01/18 11:14:14 | 000,069,632 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\HPTools.dll
MOD - [2008/01/18 11:13:36 | 000,086,016 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\NativeUtils.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/11/11 03:02:13 | 000,137,136 | ---- | M] (LogMeIn, Inc.) [Auto | Unknown] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012/11/11 03:01:33 | 000,374,704 | ---- | M] (LogMeIn, Inc.) [Auto | Unknown] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/10/26 10:11:36 | 000,819,200 | ---- | M] (GlavSoft LLC.) [Auto | Unknown] -- C:\WINDOWS\LTSvc\tvnserver.exe -- (tvnserver)
SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/06/18 08:56:00 | 012,548,608 | ---- | M] (LabTech Software) [Auto | Unknown] -- C:\WINDOWS\LTSvc\LTSVC.exe -- (LTService)
SRV - [2012/04/23 13:34:48 | 001,906,072 | ---- | M] (LogMeIn, Inc.) [Auto | Unknown] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Rescue Unattended\LMIR0001.tmp\unattended_srv.exe -- (LMIRescueUA_75271) LogMeIn Rescue (75271)
SRV - [2012/04/17 10:35:34 | 000,096,768 | ---- | M] (LabTech Software) [Auto | Unknown] -- C:\WINDOWS\LTSvc\LTSvcMon.exe -- (LTSvcMon)
SRV - [2011/06/23 20:16:20 | 000,808,744 | ---- | M] (Acronis) [Auto | Unknown] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/06/23 20:15:46 | 001,918,864 | ---- | M] (Acronis) [Auto | Unknown] -- C:\Program Files\Common Files\Acronis\Agent\agent.exe -- (AcronisAgent)
SRV - [2011/06/23 20:11:40 | 004,355,208 | ---- | M] (Acronis) [Auto | Unknown] -- C:\Program Files\Acronis\ARSM\arsm.exe -- (ARSM)
SRV - [2011/06/23 19:33:58 | 008,686,392 | ---- | M] (Acronis) [Auto | Unknown] -- C:\Program Files\Acronis\BackupAndRecovery\mms.exe -- (MMS)
SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Unknown] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/10/20 15:27:34 | 000,057,344 | ---- | M] (Apache Software Foundation) [Auto | Unknown] -- C:\Program Files\VMware\VMware Server\tomcat\bin\Tomcat6.exe -- (VMwareServerWebAccess)
SRV - [2009/10/20 14:22:46 | 000,029,744 | ---- | M] (VMware, Inc.) [On_Demand | Unknown] -- C:\Program Files\VMware\VMware Server\vmVssWriter.exe -- (vmwriter)
SRV - [2009/10/20 14:22:06 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Unknown] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2009/10/20 14:21:56 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Unknown] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009/10/20 14:21:20 | 000,322,096 | ---- | M] () [Auto | Unknown] -- C:\Program Files\VMware\VMware Server\vmware-hostd.exe -- (VMwareHostd)
SRV - [2009/10/20 14:21:20 | 000,121,392 | ---- | M] (VMware, Inc.) [Auto | Unknown] -- C:\Program Files\VMware\VMware Server\vmware-authd.exe -- (VMAuthdService)
SRV - [2009/08/28 14:33:28 | 000,116,032 | ---- | M] (Dell Inc.) [Auto | Unknown] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
SRV - [2009/06/25 18:04:24 | 000,151,614 | ---- | M] (GFI Software Ltd) [Auto | Unknown] -- C:\Program Files\GFI\FAXmaker\fmservic.exe -- (FAXmaker Fax Server)
SRV - [2009/06/25 18:04:20 | 000,868,414 | ---- | M] (GFI Software Ltd.) [Auto | Unknown] -- C:\Program Files\GFI\FAXmaker\fmgwinet.exe -- (FAXmaker MTA Service)
SRV - [2008/06/19 14:22:08 | 000,868,352 | ---- | M] () [Auto | Unknown] -- C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)
SRV - [2008/04/13 18:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 18:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 18:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 18:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 18:12:14 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 18:12:09 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
SRV - [2008/04/13 18:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 18:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 18:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Unknown] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/07 15:52:14 | 000,140,184 | ---- | M] (Dell Inc.) [Auto | Unknown] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | System | Unknown] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/11/15 13:54:32 | 000,035,144 | ---- | M] () [File_System | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2012/11/15 13:51:25 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/11/11 03:01:35 | 000,083,912 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Unknown] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/10/28 00:43:33 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{691517DC-0F7A-48F3-8656-64F0F1AC71AF}\MpKsla47b54fd.sys -- (MpKsla47b54fd)
DRV - [2011/09/16 13:10:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Unknown] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011/09/16 13:10:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Unknown] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011/08/12 16:58:49 | 000,601,408 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011/08/12 16:52:54 | 000,169,216 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2009/10/20 14:22:42 | 000,857,520 | ---- | M] (VMware, Inc.) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2009/10/20 14:22:42 | 000,054,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2009/10/20 14:22:40 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2009/10/20 14:22:40 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2009/10/20 14:21:50 | 000,014,896 | ---- | M] (VMware, Inc.) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\vmparport.sys -- (VMparport)
DRV - [2009/10/20 14:21:06 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2009/10/20 14:21:04 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2008/04/13 18:12:09 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
DRV - [2008/04/13 13:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 13:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 13:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 12:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 12:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\viaide.sys -- (ViaIde)
DRV - [2008/04/13 12:40:29 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/13 12:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 12:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2007/05/11 13:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2007/01/23 14:13:26 | 000,036,608 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/02/27 20:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006/02/27 20:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006/02/27 20:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2005/08/08 13:52:58 | 001,035,008 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\USR_MDMV.sys -- (HSF_DPV)
DRV - [2005/08/08 13:52:16 | 000,231,168 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\USR_BSC2.sys -- (HSFHWBS2)
DRV - [2005/08/08 13:52:12 | 000,729,728 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\HSF_USR.sys -- (winachsf)
DRV - [2004/08/03 11:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 11:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 11:29:46 | 000,025,471 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 11:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 11:29:46 | 000,022,271 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 11:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 11:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 11:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 11:29:42 | 000,011,871 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 11:29:40 | 000,011,807 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 11:29:40 | 000,011,295 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 11:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 11:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 11:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 11:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002/05/08 11:44:42 | 000,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2002/04/03 23:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (Symmpi)
DRV - [2001/08/17 10:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 10:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 10:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 10:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 10:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 10:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 10:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2001/08/17 10:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\adpu160m.sys -- (adpu160m)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{7C2E3B66-EB86-4824-B549-6E25EB6BCAA5}: "URL" = http://slirsredirect...hpcmdtie7-en-us
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.brightstarcare.com/
IE - HKCU\..\SearchScopes,DefaultScope = {66EA2516-25E8-418A-9255-8A5B45ADC4CE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{66EA2516-25E8-418A-9255-8A5B45ADC4CE}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\..\SearchScopes\{7C2E3B66-EB86-4824-B549-6E25EB6BCAA5}: "URL" = http://slirsredirect...hpcmdtie7-en-us
IE - HKCU\..\SearchScopes\{BB2740FB-E51E-42FE-8D0B-7AE8396CF40B}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2006/02/27 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Common Files\Acronis\Timounter\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [BackupAndRecoveryMonitor.exe] C:\Program Files\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe (Acronis)
O4 - HKLM..\Run: [DLPSP] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE (Dell Inc.)
O4 - HKLM..\Run: [HPPQVideo] "C:\Program Files\HP\ScheduledLaunch\HP Color LaserJet CM2320 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM2320_MFP_Series -f PQOptimizerVideo.xml -o remindLater File not found
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [TrayMonitor.exe] C:\Program Files\Acronis\TrayMonitor\TrayMonitor.exe (Acronis)
O4 - HKLM..\Run: [tvncontrol] C:\WINDOWS\LTsvc\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Network Monitoring Tray.lnk = C:\WINDOWS\LTSvc\LTTray.exe (LabTech Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\VMware\VMware Server\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\VMware\VMware Server\vsocklib.dll (VMware, Inc.)
O15 - HKLM\..Trusted Domains: osgusa.com ([managed] * in Trusted sites)
O15 - HKLM\..Trusted Domains: rit911.com ([upport] * in Trusted sites)
O15 - HKLM\..Trusted Domains: rit911.com|support.ritcompany.com ([support] * in Trusted sites)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.micr...01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D46A3A1B-606B-4A43-B7B9-05DCB5768DB6}: NameServer = 4.2.2.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (VMGINA.DLL) - C:\WINDOWS\System32\vmgina.dll ()
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\hp1_1024x768.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 19:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/05/07 02:01:54 | 000,000,162 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/11/29 14:35:44 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/11/29 14:13:36 | 000,000,000 | ---D | C] -- C:\Malwarebytes
[2012/11/29 09:29:08 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Desktop\mbam-setup-1.65.1.1000.exe
[2012/11/29 09:20:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
[2012/11/15 13:51:25 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/11/15 13:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/15 13:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/11/15 13:51:04 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/11/15 13:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/11/29 14:05:16 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/11/29 09:29:30 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Desktop\mbam-setup-1.65.1.1000.exe
[2012/11/25 01:41:04 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/11/15 13:54:32 | 000,035,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/11/15 13:51:25 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/11/15 13:51:09 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/15 13:38:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/11 03:01:35 | 000,083,912 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2012/11/11 03:01:34 | 000,092,072 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2012/11/11 03:01:34 | 000,031,144 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/11/15 13:54:32 | 000,035,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/11/15 13:51:09 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/14 19:06:02 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/01 13:44:58 | 000,049,664 | ---- | C] () -- C:\WINDOWS\RemComSvc.exe
[2011/06/23 11:10:22 | 000,000,543 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/21 15:47:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2011/01/05 15:17:56 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/08 15:58:10 | 000,000,104 | ---- | C] () -- C:\Program Files\My Computer.lnk
========== LOP Check ==========
[2011/08/13 16:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2012/11/29 14:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/11/23 10:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/11/23 08:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/12/24 12:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zvprt50
[2008/10/26 13:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2008/10/26 13:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SampleView
[2012/09/27 15:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TightVNC
[2012/11/29 14:05:16 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEC0D766
< End of report >