as requested
DDS (Ver_10-12-05.01) - NTFSx86
Run by Oscar at 15:08:57.14 on Sat 12/11/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.364 [GMT -5:00]
AV: avast! Antivirus *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe
C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Oscar\Local Settings\Application Data\Autobahn\mlb-nexdef-autobahn.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\IBM ThinkVantage\Client Security Solution\pwmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AT&T\Communication Manager\ATTCM.exe
C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
C:\Program Files\AT&T\Communication Manager\bmctl.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Oscar\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearch Page =
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.1.0\PriceGongIE.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
TB: {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
mRun: [TP4EX] tp4ex.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [TPHOTKEY] c:\progra~1\lenovo\pkgmgr\hotkey\TPHKMGR.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [AMSG] c:\program files\thinkvantage\amsg\Amsg.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE
mRun: [cssauth] "c:\program files\ibm thinkvantage\client security solution\cssauth.exe" silent
mRun: [PDService.exe] "c:\program files\ibm thinkvantage\safeguard privatedisk\pdservice.exe"
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [BLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0417.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
StartupFolder: c:\docume~1\oscar\startm~1\programs\startup\mlbtvn~1.lnk - c:\documents and settings\oscar\local settings\application data\autobahn\mlb-nexdef-autobahn.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: E&xportar a Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}
IE: {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - c:\program files\lenovo\pkgmgr\\PkgMgr.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
LSP: bmnet.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: AwayNotify - c:\program files\lenovo\awaytask\AwayNotify.dll
Notify: igfxcui - igfxdev.dll
Notify: tpfnf2 - notifyf2.dll
Notify: tphotkey - tphklock.dll
AppInit_DLLs: c:\windows\system32\wpdmtpa.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
LSA: Authentication Packages = msv1_0 nwprovau
LSA: Notification Packages = scecli csspwntfy
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\oscar\applic~1\mozilla\firefox\profiles\0jyy3stz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-flv&p=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 50370
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\docume~1\oscar\applic~1\mozilla\firefox\profiles\0jyy3stz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter:
jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
============= SERVICES / DRIVERS ===============
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-12-11 162768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-12-11 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-11 40384]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-12-11 632792]
R2 PrivateDisk;PrivateDisk;c:\program files\ibm thinkvantage\safeguard privatedisk\privatediskm.sys [2005-11-15 46142]
R2 smi2;smi2;c:\program files\smi2\smi2.sys [2005-12-21 3968]
R3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2010-3-10 121416]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-11 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-11 40384]
S3 cpuz132;cpuz132;\??\c:\docume~1\oscar\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\oscar\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-9-24 268528]
=============== Created Last 30 ================
2010-12-11 17:09:12 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-12-11 15:47:21 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-11 15:45:03 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-11 15:45:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-11 15:08:03 -------- d-----w- c:\docume~1\oscar\applic~1\Registry Mechanic
2010-12-11 15:02:56 880640 ----a-w- c:\windows\system32\UniBox10.ocx
2010-12-11 15:02:56 37336 ----a-w- c:\windows\system32\CleanMFT32.exe
2010-12-11 15:02:56 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
2010-12-11 15:02:56 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
2010-12-11 15:02:55 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2010-12-11 15:02:52 -------- d-----w- c:\program files\common files\PC Tools
2010-12-11 13:06:11 20 ----a-w- c:\windows\system32\WPDMTPA.DLL
2010-11-28 16:10:59 0 ---ha-w- c:\docume~1\oscar\locals~1\applic~1\BIT18C.tmp
==================== Find3M ====================
2010-12-05 14:42:41 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS
2010-09-24 18:19:16 444656 ----a-w- c:\windows\system32\ZuneWlanCfgSvc.exe
2010-09-24 18:19:08 57072 ----a-w- c:\windows\system32\ZuneBusEnum.exe
2010-09-24 16:31:24 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ------w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 06:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
============= FINISH: 15:11:33.56 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-05.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/13/2008 10:27:03 PM
System Uptime: 12/11/2010 2:50:38 PM (1 hours ago)
Motherboard: LENOVO | | 9457GG1
Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz | None | 1662/167mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 51 GiB total, 23.221 GiB free.
D: is CDROM ()
R: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP291: 9/19/2010 5:19:40 PM - System Checkpoint
RP292: 9/24/2010 10:40:26 PM - Installed Java(TM) 6 Update 21
RP293: 9/24/2010 10:42:39 PM - Avg Update
RP294: 9/24/2010 10:43:14 PM - Avg Update
RP295: 9/26/2010 4:07:37 PM - System Checkpoint
RP296: 10/9/2010 3:26:10 PM - Avg Update
RP297: 10/10/2010 5:41:55 PM - Software Distribution Service 3.0
RP298: 10/15/2010 1:56:39 PM - System Checkpoint
RP299: 10/17/2010 9:16:32 AM - System Checkpoint
RP300: 10/17/2010 12:47:59 PM - Removed Driver Detective.
RP301: 10/17/2010 3:45:14 PM - Software Distribution Service 3.0
RP302: 10/23/2010 3:56:38 PM - System Checkpoint
RP303: 10/24/2010 4:26:58 PM - System Checkpoint
RP304: 10/26/2010 10:10:03 PM - Avg Update
RP305: 10/26/2010 10:12:29 PM - Installed Java(TM) 6 Update 22
RP306: 10/30/2010 11:47:21 AM - System Checkpoint
RP307: 10/31/2010 8:26:21 AM - Removed Opera 10.62.
RP308: 10/31/2010 8:26:31 AM - Installed Opera 10.63.
RP309: 10/31/2010 6:09:41 PM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP310: 10/31/2010 6:10:00 PM - Installed AVG 2011
RP311: 10/31/2010 6:10:54 PM - Removed AVG Free 9.0
RP312: 10/31/2010 6:20:01 PM - Installed AVG 2011
RP313: 11/2/2010 11:24:40 PM - System Checkpoint
RP314: 11/5/2010 11:35:11 PM - System Checkpoint
RP315: 11/7/2010 8:45:44 AM - System Checkpoint
RP316: 11/7/2010 11:26:23 AM - Removed Microsoft Office Language Pack 2007 - English
RP317: 11/7/2010 11:30:53 AM - Removed Microsoft Office Excel Viewer 2003
RP318: 11/7/2010 11:38:21 AM - Before uninstalling Microsoft Office Enterprise 2007
RP319: 11/7/2010 12:46:52 PM - Installed Microsoft Office Professional Plus 2010
RP320: 11/7/2010 12:38:18 PM - Printer Driver Send To Microsoft OneNote 2010 Driver Installed
RP321: 11/9/2010 7:12:06 PM - Software Distribution Service 3.0
RP322: 11/9/2010 11:41:45 PM - Software Distribution Service 3.0
RP323: 11/10/2010 3:44:09 PM - Software Distribution Service 3.0
RP324: 11/10/2010 7:04:02 PM - Before uninstalling HP Smart Web Printing 4.60
RP325: 11/13/2010 4:30:45 PM - System Checkpoint
RP326: 11/14/2010 11:28:17 AM - Software Distribution Service 3.0
RP327: 11/20/2010 3:35:05 PM - System Checkpoint
RP328: 11/21/2010 6:14:49 PM - System Checkpoint
RP329: 11/27/2010 9:59:23 AM - System Checkpoint
RP330: 11/28/2010 12:36:55 PM - System Checkpoint
RP331: 12/4/2010 10:49:00 AM - System Checkpoint
RP332: 12/5/2010 11:52:51 AM - System Checkpoint
RP333: 12/11/2010 10:36:33 AM - Removed Opera 10.63.
RP334: 12/11/2010 12:09:12 PM - avast! Free Antivirus Setup
RP335: 12/11/2010 12:24:11 PM - Removed AVG 2011
RP336: 12/11/2010 12:28:20 PM - Removed AVG 2011
==== Installed Programs ======================
32 Bit HP CIO Components Installer
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 7.0.9
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Apple Software Update
AT&T Communication Manager
avast! Free Antivirus
Brother Analysis Tool
BufferChm
CAM UnZip 4.42
Casino Collection
CCleaner
Critical Update for Windows Media Player 11 (KB959772)
D1600
Definition update for Microsoft Office 2010 (KB982726)
DeviceDiscovery
DJ_SF_06_D1600_SW_Min
GIMP 2.6.10
GPBaseService2
Help Center
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format 11 SDK (KB973442)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 13.0
HP Deskjet D1600 Printer Driver Software 13.0 Rel .6
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Solution Center 13.0
HP Update
hpPrintProjects
HPProductAssistant
hpWLPGInstaller
IBM 32-bit Runtime Environment for Java 2, v1.4.2
IBM ThinkPad UltraNav Driver
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Malwarebytes' Anti-Malware
MarketResearch
Message Center
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access MUI (Spanish) 2007
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Excel MUI (Spanish) 2007
Microsoft Office Groove MUI (English) 2010
Microsoft Office Groove MUI (Spanish) 2007
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office OneNote MUI (Spanish) 2007
Microsoft Office Outlook MUI (English) 2010
Microsoft Office Outlook MUI (Spanish) 2007
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint MUI (Spanish) 2007
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Basque) 2007
Microsoft Office Proof (Catalan) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Galician) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing (Spanish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Publisher MUI (Spanish) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared MUI (Spanish) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office Word MUI (Spanish) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft Software Update for Web Folders (Spanish) 12
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WinUsb 1.0
MLB.TV NexDef Plug-in
Mozilla Firefox (3.6.12)
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Octoshape add-in for Adobe Flash Player
OGA Notifier 2.0.0048.0
PDF Settings
PriceGong 2.1.0
Productivity Center Supplement for ThinkPad
QuickTime
RealPlayer
RealUpgrade 1.0
Registry Mechanic 10.0
Remove Multimedia Center
Rescue and Recovery - Client Security Solution
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Word 2010 (KB2345000)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Snapshot Viewer
Software Installer
SolutionCenter
Sonic Express Labeler
Sonic Update Manager
SoundMAX
Status
System Migration Assistant
TBS WMP Plug-in
ThinkPad EasyEject Utility
ThinkPad FullScreen Magnifier
ThinkPad Hotkey Features Setup
ThinkPad Keyboard Customizer Utility
ThinkPad Modem
ThinkPad PC Card Power Policy
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Wizard
ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)
ThinkVantage Away Manager
ThinkVantage Technologies Welcome Message
Toolbox
TrackPoint Accessibility Features
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft OneNote 2010 (KB2288640)
Update for Microsoft Outlook Social Connector (KB2289116)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoLAN VLC media player 0.8.6f
Viewpoint Media Player
Wallpapers
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile Device Updater Component
Windows XP Service Pack 3
XP Codec Pack
XP Themes
Zune
Zune Language Pack (DEU)
Zune Language Pack (ESP)
Zune Language Pack (FRA)
Zune Language Pack (ITA)
Zune Language Pack (NLD)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
==== Event Viewer Messages From Past Week ========
12/5/2010 7:52:54 PM, error: Service Control Manager [7034] - The Zune Bus Enumerator service terminated unexpectedly. It has done this 3 time(s).
12/5/2010 5:02:43 PM, error: Dhcp [1002] - The IP address lease 10.72.222.149 for the Network Card with network address 0016CF0D0D35 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
12/5/2010 4:28:15 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
12/5/2010 4:28:08 PM, error: Service Control Manager [7031] - The Zune Bus Enumerator service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
12/5/2010 4:28:02 PM, error: Dhcp [1002] - The IP address lease 10.72.223.141 for the Network Card with network address 0016CF0D0D35 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
12/5/2010 10:15:55 AM, error: Service Control Manager [7000] - The Zune Bus Enumerator service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/11/2010 8:29:33 AM, error: Dhcp [1002] - The IP address lease 10.72.223.238 for the Network Card with network address 0016CF0D0D35 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
12/11/2010 3:09:02 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
12/11/2010 3:07:20 PM, error: Dhcp [1002] - The IP address lease 10.72.223.236 for the Network Card with network address 0016CF0D0D35 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
12/11/2010 12:58:29 PM, error: Dhcp [1002] - The IP address lease 10.72.223.245 for the Network Card with network address 0016CF0D0D35 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
12/11/2010 12:49:22 PM, error: Service Control Manager [7034] - The AT&T RcAppSvc service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:16 PM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/11/2010 12:49:14 PM, error: Service Control Manager [7034] - The TVT Scheduler service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:14 PM, error: Service Control Manager [7034] - The TVT Backup Service service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:13 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:13 PM, error: Service Control Manager [7034] - The IBM KCU Service service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:12 PM, error: Service Control Manager [7034] - The PC Tools Startup and Shutdown Monitor service service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:12 PM, error: Service Control Manager [7034] - The McciCMService service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:12 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:12 PM, error: Service Control Manager [7034] - The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:11 PM, error: Service Control Manager [7034] - The IPS Core Service service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:09 PM, error: Service Control Manager [7034] - The ThinkPad PM Service service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 12:49:09 PM, error: Service Control Manager [7034] - The BrSplService service terminated unexpectedly. It has done this 1 time(s).
12/11/2010 11:58:25 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Zune Bus Enumerator service to connect.
12/11/2010 11:58:24 AM, error: Service Control Manager [7031] - The Zune Bus Enumerator service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
12/11/2010 10:20:50 AM, error: Service Control Manager [7002] - The BrPar service depends on the Parallel arbitrator group and no member of this group started.
12/11/2010 10:20:50 AM, error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
==== End Of File ===========================
GMER 1.0.15.15530 -
http://www.gmer.net
Rootkit quick scan 2010-12-11 15:06:58
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.AS31
Running: foqqeff8.exe; Driver: C:\DOCUME~1\Oscar\LOCALS~1\Temp\pwwcqfog.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xA49A750A]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xA49A732E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xA49A7468]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp tcpipBM.sys (Bytemobile Kernel Network Provider/Bytemobile, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
---- EOF - GMER 1.0.15 ----
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Database version: 5295
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/11/2010 11:57:35 AM
mbam-log-2010-12-11 (11-57-35).txt
Scan type: Full scan (C:\|R:\|)
Objects scanned: 238813
Time elapsed: 1 hour(s), 7 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\Oscar\application data\microsoft\stor.cfg (Malware.Trace) -> Quarantined and deleted successfully.