Hi,
Please find the latest log file.
All good when I remembered to change the SATA mode again
There soes not appear to be any further issues
Thanks again
Best Regards
Mark
OTL logfile created on: 1/2/2013 8:33:38 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 208.38 Gb Free Space | 69.90% Space Free | Partition Type: NTFS
Drive D: | 125.47 Mb Total Space | 114.19 Mb Free Space | 91.01% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand] -- -- (Smcinst)
SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2012/12/14 00:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 00:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/13 15:46:29 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/12 22:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/29 22:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011/10/19 04:18:12 | 000,077,944 | ---- | M] (Autodesk) [On_Demand] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2011/08/24 00:34:48 | 001,302,272 | ---- | M] (PC Tools) [Auto] -- C:\Program Files\Spyware Doctor\swdsvc.exe -- (sdCoreService)
SRV - [2011/08/24 00:34:44 | 000,708,176 | ---- | M] (PC Tools) [Auto] -- C:\Program Files\Spyware Doctor\svcntaux.exe -- (sdAuxService)
SRV - [2010/08/30 01:31:34 | 000,218,480 | ---- | M] (Sierra Wireless, Inc.) [Auto] -- C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe -- (SwiCardDetectSvc)
SRV - [2009/12/09 11:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto] -- C:\Program Files\AES Chemunex\eviSENSE\PostGreSQL\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009/11/18 06:27:44 | 000,108,280 | ---- | M] (AuthenTec, Inc) [Auto] -- C:\Program Files\TrueSuite\TrueSuite.Service.exe -- (FPLService)
SRV - [2009/11/16 04:10:52 | 002,034,936 | R--- | M] (AuthenTec, Inc.) [Auto] -- C:\Program Files\Fingerprint Sensor\ATService.exe -- (ATService)
SRV - [2009/11/12 12:59:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/11/05 11:15:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/10/21 12:39:14 | 000,148,848 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009/10/02 15:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/09/30 22:02:38 | 002,320,920 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 22:02:36 | 000,268,824 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/21 17:55:12 | 000,858,384 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2009/09/21 17:44:48 | 000,954,368 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2009/09/21 17:31:36 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2009/08/24 21:25:56 | 000,575,552 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)
SRV - [2009/07/28 17:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/07 11:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/09 22:21:23 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/09 22:21:23 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/10/09 22:21:18 | 001,787,200 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2008/10/09 22:21:18 | 000,312,720 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2008/10/09 22:21:16 | 002,436,536 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/08/20 23:03:02 | 000,073,782 | ---- | M] (SafeNet) [Auto] -- C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe -- (IPSECMON)
SRV - [2008/08/20 23:03:00 | 000,413,746 | ---- | M] (SafeNet) [Auto] -- C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe -- (IreIKE)
SRV - [2008/06/30 01:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/04/14 07:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 07:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/02/21 02:26:40 | 000,151,552 | ---- | M] () [On_Demand] -- C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe -- (bepldr)
SRV - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005/12/14 14:00:32 | 000,126,976 | ---- | M] (TOSHIBA) [Auto] -- C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe -- (Tmesrv)
SRV - [2005/01/17 18:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (VBoxNetFlt)
DRV - File not found [Kernel | On_Demand] -- -- (USBAAPL)
DRV - File not found [Kernel | On_Demand] -- -- (SWUMX20) Sierra Wireless USB MUX Driver (UMTS20)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/12/14 00:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/06 00:43:20 | 000,174,056 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)
DRV - [2012/09/17 03:00:00 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20121214.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/09/17 03:00:00 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20121214.003\NAVENG.SYS -- (NAVENG)
DRV - [2012/08/15 03:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/09 03:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/10/31 23:17:22 | 000,010,584 | R--- | M] (Red Lion Controls Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\g3usb.sys -- (HMI)
DRV - [2010/10/07 23:57:54 | 000,100,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2010/07/28 01:33:34 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010/06/21 00:07:20 | 000,078,720 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swiwdmbus.sys -- (swiwdmbus)
DRV - [2010/06/20 23:47:14 | 000,156,544 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swumxa3.sys -- (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3)
DRV - [2010/06/20 23:46:50 | 000,201,088 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3)
DRV - [2010/04/05 20:49:59 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/11/28 00:34:44 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/11/15 07:42:12 | 000,671,488 | R--- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009/11/13 03:59:06 | 000,215,040 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV - [2009/11/12 12:46:02 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2009/11/02 20:43:32 | 005,939,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/10/26 14:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/24 19:54:26 | 000,169,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2009/09/23 19:14:10 | 000,160,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress) Intel®
DRV - [2009/09/17 14:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/09/15 14:34:10 | 005,977,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2009/09/14 16:29:36 | 000,049,400 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2009/08/10 18:54:22 | 000,059,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2009/08/10 03:46:38 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2009/07/28 22:01:26 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2009/07/28 20:24:20 | 000,049,152 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/07/24 13:31:58 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2009/07/14 00:13:10 | 000,015,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2009/07/04 20:37:08 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rixdpe86.sys -- (rixdpcie)
DRV - [2009/07/02 10:50:16 | 000,047,104 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rimspe86.sys -- (rimspci)
DRV - [2009/06/29 12:25:30 | 000,029,760 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\thpdrv.sys -- (Thpdrv)
DRV - [2009/06/22 19:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/06/17 13:59:46 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2009/06/11 16:05:00 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2009/05/20 12:23:36 | 000,074,368 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2009/05/11 21:11:44 | 000,006,528 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\Thpevm.sys -- (Thpevm)
DRV - [2008/10/09 22:21:30 | 000,041,792 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2008/10/09 22:21:25 | 000,317,872 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/10/09 22:21:25 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/10/09 22:21:23 | 000,279,600 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/10/09 22:21:20 | 000,091,968 | ---- | M] (Symantec Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2008/10/09 22:21:20 | 000,049,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2008/10/09 22:21:04 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/10/09 22:21:03 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008/10/09 22:21:01 | 000,420,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/08/20 22:45:08 | 000,138,296 | ---- | M] (SafeNet) [Kernel | System] -- C:\WINDOWS\system32\drivers\IpSecDrv.sys -- (IPSECDRV)
DRV - [2008/08/05 22:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/30 02:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/19 02:27:56 | 000,125,584 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/04/14 07:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 08:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/03/20 23:42:52 | 000,004,211 | R--- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alertdrv.sys -- (AlertDrv)
DRV - [2008/01/16 21:35:44 | 000,536,634 | ---- | M] (SafeNet) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Crypto.sys -- (Crypto)
DRV - [2008/01/02 02:48:32 | 000,029,184 | ---- | M] (Deterministic Networks Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\vap.sys -- (DniVap) SafeNet WAN Miniport (VA)
DRV - [2007/12/18 13:46:34 | 000,044,800 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2007/08/23 00:58:06 | 000,467,968 | R--- | M] (DiBcom) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dvb7700all.sys -- (mod7700)
DRV - [2007/06/28 19:01:48 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/04/19 00:18:20 | 000,083,536 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec)
DRV - [2007/04/19 00:18:16 | 000,059,984 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IkSysFlt)
DRV - [2007/04/19 00:18:12 | 000,052,304 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec)
DRV - [2007/04/19 00:18:08 | 000,039,248 | ---- | M] (PCTools Research Pty Ltd.) [File_System | System] -- C:\WINDOWS\system32\drivers\ikfileflt.sys -- (IKFileFlt)
DRV - [2007/03/26 14:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
DRV - [2007/02/22 17:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/02/19 14:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
DRV - [2007/02/15 18:44:06 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\TVALZ.SYS -- (TVALZ)
DRV - [2006/11/28 17:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/01/04 17:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/07/27 17:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/06/16 13:08:48 | 000,005,888 | ---- | M] (Toshiba Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\TMEI3E.sys -- (TMEI3E)
DRV - [2003/07/15 23:27:40 | 000,043,264 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.30.71;www.dksh.com.au;www.edwardkeller.com.au;www.diethelmkeller.com.au;195.61.37.4;<local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=dvscfw37.telstra.proxy:80;https=dvscfw37.telstra.proxy:80;ftp=dvscfw37.telstra.proxy:80
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\hutcheor.DKSH_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://192.168.30.35IE - HKU\hutcheor.DKSH_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page =
http://192.168.30.35IE - HKU\hutcheor.DKSH_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\hutcheor.DKSH_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.30.71;www.dksh.com.au;www.edwardkeller.com.au;www.diethelmkeller.com.au;195.61.37.4;<local>
IE - HKU\hutcheor.DKSH_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=dvscfw37.telstra.proxy:80;https=dvscfw37.telstra.proxy:80;ftp=dvscfw37.telstra.proxy:80
IE - HKU\postgres_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\tennantm_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://192.168.30.35IE - HKU\tennantm_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page =
http://192.168.30.35IE - HKU\tennantm_ON_C\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\tennantm_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\tennantm_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.30.71;www.dksh.com.au;www.edwardkeller.com.au;www.diethelmkeller.com.au;195.61.37.4;<local>
IE - HKU\tennantm_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=dvscfw37.telstra.proxy:80;https=dvscfw37.telstra.proxy:80;ftp=dvscfw37.telstra.proxy:80
IE - HKU\User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo!7 Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\tennantm_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [000StTHK] C:\WINDOWS\System32\000StTHK.exe ()
O4 - HKLM..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [ClientAppLogon] C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.)
O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe (PC Tools)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SystemTray] C:\Program Files\TrueSuite\TrueSuite.SysTray.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [TFNF5] C:\WINDOWS\System32\TFNF5.exe (TOSHIBA Corp.)
O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE (TOSHIBA)
O4 - HKLM..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE (TOSHIBA)
O4 - HKLM..\Run: [TNRotate] C:\Program Files\TOSHIBA\TNROTATE\TNROTATE.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TOSDCR] C:\WINDOWS\System32\TOSDCR.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSODDCtl] C:\WINDOWS\System32\TPSODDCtl.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [WatcherHelper] C:\Program files\Telstra\Telstra Connection Manager\WaHelper.exe (Sierra Wireless Inc.)
O4 - HKU\tennantm_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\tennantm_ON_C..\Run: [Startw3i] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [SysOff] File not found
O4 - HKU\hutcheor.DKSH_ON_C..\RunOnce: [FlashPlayerUpdate] File not found
O4 - HKU\postgres_ON_C..\RunOnce: [SysOff] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NetScreen-Remote.lnk = C:\Program Files\Juniper\NetScreen-Remote\SafeCfg.exe (SafeNet)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SimHID.lnk = C:\Program Files\Remote\SimHID.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O4 - Startup: C:\Documents and Settings\hutcheor.DKSH\Start Menu\Programs\Startup\SimHID.exe.lnk = C:\Program Files\Remote\SimHID.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\hutcheor.DKSH_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\hutcheor.DKSH_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\postgres_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\tennantm_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\tennantm_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505}
https://melm01.dksh.com/dwa8W.cab (Domino Web Access 8 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 61.9.133.193 61.9.195.193
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dksh.local
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\tennantm_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/01 06:18:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2013/01/02 08:15:06 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2013/01/01 00:38:53 | 000,697,911 | ---- | C] (Farbar) -- C:\Documents and Settings\tennantm\Desktop\FSS.exe
[2012/12/30 17:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/12/30 17:15:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/30 17:15:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/12/30 17:15:27 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/12/30 17:15:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/12/30 17:13:18 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\tennantm\Desktop\mbam-setup-1.70.0.1100.exe
[2012/12/29 15:04:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/03/24 18:40:01 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[4 C:\Documents and Settings\tennantm\My Documents\*.tmp files -> C:\Documents and Settings\tennantm\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\tennantm\*.tmp files -> C:\Documents and Settings\tennantm\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/01/01 15:45:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/01 15:45:37 | 002,609,432 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/01/01 15:38:48 | 000,502,088 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/01 15:38:48 | 000,090,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/01 15:37:47 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SimHID.lnk
[2013/01/01 15:37:47 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2013/01/01 15:36:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/01 15:34:12 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile
[2013/01/01 00:46:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/01 00:26:05 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/01 00:25:33 | 000,354,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/01 00:23:36 | 000,697,911 | ---- | M] (Farbar) -- C:\Documents and Settings\tennantm\Desktop\FSS.exe
[2012/12/30 19:10:01 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/30 19:01:05 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/12/30 17:15:29 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/30 17:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/30 17:00:28 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\tennantm\Desktop\mbam-setup-1.70.0.1100.exe
[2012/12/26 00:53:41 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\tennantm\Application Data\skype.ini
[2012/12/20 21:08:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/15 01:35:33 | 000,000,044 | ---- | M] () -- C:\WINDOWS\DSELite.INI
[2012/12/15 01:18:14 | 000,000,036 | ---- | M] () -- C:\WINDOWS\iltwain.ini
[2012/12/14 00:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/12/13 15:46:28 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/12/13 15:46:27 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/12/12 14:32:24 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/12/08 00:55:18 | 001,249,167 | ---- | M] () -- C:\Documents and Settings\tennantm\Desktop\ABB-Vikt manual E1T_845-0077B.pdf
[4 C:\Documents and Settings\tennantm\My Documents\*.tmp files -> C:\Documents and Settings\tennantm\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\tennantm\*.tmp files -> C:\Documents and Settings\tennantm\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/12/30 17:15:29 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/15 04:29:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/15 04:19:01 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\tennantm\Application Data\skype.ini
[2012/12/08 00:55:18 | 001,249,167 | ---- | C] () -- C:\Documents and Settings\tennantm\Desktop\ABB-Vikt manual E1T_845-0077B.pdf
[2012/05/27 07:45:50 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2012/05/27 07:20:34 | 000,124,687 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2012/05/27 07:19:39 | 000,181,563 | R--- | C] () -- C:\WINDOWS\System32\hpoff314.dat
[2012/05/27 07:19:39 | 000,181,151 | R--- | C] () -- C:\WINDOWS\System32\hpoF300.dat
[2012/05/14 03:56:24 | 002,609,432 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/04/01 17:30:04 | 000,000,036 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2012/04/01 17:29:28 | 000,007,803 | ---- | C] () -- C:\WINDOWS\System32\dymourl.ini
[2012/04/01 17:28:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DYMOCFG.DLL
[2012/04/01 17:28:52 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\lmmonres.dll
[2012/02/15 04:02:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/08 17:48:23 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\tennantm\distributoraccess.parker.com.HOD_CCR2.ccr1
[2011/08/04 22:30:30 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\tennantm\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/04 21:01:48 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011/06/10 09:04:55 | 000,000,044 | ---- | C] () -- C:\WINDOWS\DSE890.INI
[2011/05/17 02:32:09 | 000,000,078 | ---- | C] () -- C:\WINDOWS\_RENAMER.INI
[2011/05/17 02:17:17 | 000,000,044 | ---- | C] () -- C:\WINDOWS\DSELite.INI
[2011/05/15 23:37:56 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\tennantm\distributoraccess.parker.com.HOD.LOC
[2011/05/15 23:36:53 | 000,000,456 | RHS- | C] () -- C:\Documents and Settings\tennantm\ntuser.pol
[2011/05/15 23:22:18 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2011/02/22 01:36:25 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010/11/17 17:00:27 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/11/17 17:00:27 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010/09/16 20:39:40 | 000,000,065 | ---- | C] () -- C:\WINDOWS\logger.INI
[2010/07/28 01:33:34 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2010/07/18 17:22:49 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\hutcheor.DKSH\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/15 17:40:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2010/06/29 17:05:00 | 000,000,456 | RHS- | C] () -- C:\Documents and Settings\hutcheor.DKSH\ntuser.pol
[2010/04/06 19:14:43 | 000,000,736 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2010/04/06 00:02:15 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2010/03/24 19:22:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/03/24 19:08:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/03/24 18:55:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2010/03/24 18:52:15 | 000,000,916 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.dat
[2010/03/24 18:48:09 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\000StTHK.exe
[2010/03/24 18:44:21 | 000,007,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2010/03/24 18:44:21 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010/03/24 18:40:01 | 000,874,032 | ---- | C] () -- C:\WINDOWS\System32\igkrng575.bin
[2010/03/24 18:40:01 | 000,127,896 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng575.bin
[2009/12/01 22:02:01 | 000,002,368 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/12/01 22:01:25 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/12/01 22:00:17 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/12/01 21:59:47 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/12/01 21:58:23 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/12/01 21:58:15 | 000,502,088 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/01 21:58:15 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/12/01 21:58:15 | 000,090,670 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/01 21:58:15 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/12/01 21:58:13 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/12/01 21:58:13 | 000,004,598 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/12/01 21:58:10 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/12/01 21:57:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/12/01 21:57:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/12/01 21:57:38 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/12/01 21:57:33 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/12/01 06:20:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/12/01 06:16:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/12/01 06:16:34 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/11/30 22:14:34 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/11/30 22:14:01 | 000,354,568 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/06/28 19:01:48 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/05/05 05:10:17 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006/04/12 05:40:14 | 000,147,584 | ---- | C] () -- C:\WINDOWS\System32\hpz9xd14.drv
[2005/10/19 05:57:22 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\TWXAPI32.DLL
[2003/02/27 00:27:52 | 000,237,632 | ---- | C] () -- C:\WINDOWS\System32\INT2F.DLL
[2001/07/06 12:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== LOP Check ========== [2011/01/31 21:57:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Sierra Wireless
[2010/03/24 19:02:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba
[2009/12/01 06:24:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\WinBatch
[2010/03/24 19:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\toshiba
[2009/12/01 06:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinBatch
[2011/01/31 22:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hutcheor.DKSH\Application Data\Sierra Wireless
[2010/11/05 01:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hutcheor.DKSH\Application Data\toshiba
[2010/11/05 01:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hutcheor.DKSH\Application Data\WinBatch
[2010/03/24 19:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\postgres\Application Data\toshiba
[2009/12/01 06:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\postgres\Application Data\WinBatch
[2011/02/27 21:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\Autodesk
[2011/01/25 00:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/08/31 02:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\go
[2012/05/03 05:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\Image Zone Express
[2011/07/12 18:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\officeatwork
[2011/07/19 21:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\PC Speed Maximizer
[2011/07/19 21:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\RegistryKeys
[2012/08/14 18:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\SAP
[2011/10/03 01:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\SIEMENS AG
[2011/05/17 01:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\Sierra Wireless
[2010/12/15 13:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\toshiba
[2009/12/01 06:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tennantm\Application Data\WinBatch
[2011/05/12 23:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Sierra Wireless
[2010/03/24 19:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\toshiba
[2009/12/01 06:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\WinBatch
[2011/10/19 04:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/03/24 19:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012/11/26 17:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Wireless
[2012/12/30 19:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/14 23:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA
[2010/03/24 19:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrueSuite
[2010/09/20 22:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/04/17 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{F0B1F1D2-24C3-4CE4-92A5-B8871B1BA610}
[2011/09/13 23:39:06 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\ErrorEND.job
[2010/03/24 19:12:41 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2010/03/24 19:12:41 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job
[2012/12/30 19:01:05 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Edited by Essexboy, 01 January 2013 - 04:17 PM.