
Help! Virus keeps blocking webpages??

  • 31-03-2010 6:19pm
    #1
    Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭


    Hi,
    Girlfriend's computer seems to have a virus. Anytime I google an AV site and click on the link, something else pops up, i.e. gambling, Arabian sites, porn etc. Even when I try type directly into the address bar it refuses and says "server not found". AVG was running on it so I decided to take it off and install Avast or other free AV software. Now I can't get onto those sites. It let me go on football365 and other sites but doesn't let me onto AV sites. Firefox is the browser and it uses Windows XP. No AV running at the moment so I'm starting to panic that it's shagged, help!! If anyone has straightforward advice feel free to share cos I'm no computer expert.


Comments

  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    hi

    Download the GMER Rootkit Scanner. Unzip it to your Desktop.

    Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

    Double-click gmer.exe. The program will begin to run.

    **Caution**
    These types of scans can produce false positives. Do NOT take any action on any
    "<--- ROOTKIT" entries unless advised by a trained Security Analyst.

    If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
    • Click NO
    • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is Unchecked.
    • Now click the Scan button.
      Once the scan is complete, you may receive another notice about rootkit activity.
    • Click OK.
    • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
    • Save it where you can easily find it, such as your desktop.

    Post the contents of GMER.txt in your next reply.


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


    Thanks ASJ112. Here's the contents-

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-05-02 10:43:09
    Windows 5.1.2600 Service Pack 3
    Running: gmer.exe; Driver: C:\DOCUME~1\Elaine\LOCALS~1\Temp\aglcqfob.sys


    ---- User code sections - GMER 1.0.15 ----

    .text C:\WINDOWS\system32\svchost.exe[636] ntdll.dll!NtQueryInformationProcess 7C90D7E0 5 Bytes JMP 007DADCD
    .text C:\WINDOWS\System32\svchost.exe[1996] ntdll.dll!NtQueryInformationProcess 7C90D7E0 5 Bytes JMP 01E8ADCD
    .text C:\WINDOWS\System32\svchost.exe[1996] NETAPI32.dll!NetpwPathCanonicalize 5B86A3A9 5 Bytes JMP 01E8AD64
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2844] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Tcpip \Device\Ip mrxoko.sys (Panel Zero Microsoft Connections Crawler SlySoft Applet Toolbar/Aladdin Knowledge Systems)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp mrxoko.sys (Panel Zero Microsoft Connections Crawler SlySoft Applet Toolbar/Aladdin Knowledge Systems)
    AttachedDevice \Driver\Tcpip \Device\Udp mrxoko.sys (Panel Zero Microsoft Connections Crawler SlySoft Applet Toolbar/Aladdin Knowledge Systems)
    AttachedDevice \Driver\Tcpip \Device\RawIp mrxoko.sys (Panel Zero Microsoft Connections Crawler SlySoft Applet Toolbar/Aladdin Knowledge Systems)

    ---- Services - GMER 1.0.15 ----

    Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] dsgyueqoa <-- ROOTKIT !!!

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@DisplayName Universal Microsoft
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@Type 32
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@Start 2
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@ErrorControl 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@ObjectName LocalSystem
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@Description Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa\Parameters
    Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa\Parameters@ServiceDll C:\WINDOWS\system32\uogzqfu.dll
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@DisplayName Universal Microsoft
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@Type 32
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@Start 2
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@ErrorControl 0
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@ObjectName LocalSystem
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@Description Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa\Parameters (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa\Parameters@ServiceDll C:\WINDOWS\system32\uogzqfu.dll



  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    I'm going away tomorrow so you may want to try do these steps ASAP


    1. Please download The Avenger by Swandog46 to your Desktop.
    • Right click on the Avenger.zip folder and select "Extract All..."
    • Follow the prompts and extract the Avenger folder to your desktop
    • Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick in it.
    2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):
    Begin copying here:
    
    Drivers to delete:
    dsgyueqoa
    Files to delete:
    C:\WINDOWS\system32\uogzqfu.dll
    

    Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


    3. Now, open the avenger folder and start The Avenger program by clicking on its icon.
    • Right click on the window under Input script here:, and select Paste.
    • You can also click on this window and press (Ctrl+V) to paste the contents of the clipboard.
    • Click on Execute
    • Answer "Yes" twice when prompted.

    4. The Avenger will automatically do the following:
    • It will Restart your computer. (In cases where the code to execute contains "Drivers to Delete", The Avenger will actually restart your system twice.)
    • On reboot, it will briefly open a black command window on your desktop, this is normal.
    • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
    • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
    5. Please copy/paste the content of c:\avenger.txt into your reply



    Download ComboFix here :

    Link 1
    Link 2


    * IMPORTANT !!! Save ComboFix.exe to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you don't know how to disable them then just continue on.

    • Double click on ComboFix.exe & follow the prompts.

    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    RcAuto1.gif


    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    whatnext.png


    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
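
The Avenger script in the post above names the same service and DLL that the earlier GMER log ties together. As an added example (not part of the thread and not any poster's or tool author's code), this Python script parses the log lines as they appear in that post and correlates GMER's hidden-service flag with the service's registry values and with inline hooks in the same host image. The function names, and the rule that a JMP target with no module path after it counts as unattributed, are assumptions of this example.

```python
import re
from collections import defaultdict

# Lines copied from the GMER log posted in this thread (Files section left out).
GMER_LOG = r"""
---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\svchost.exe[636] ntdll.dll!NtQueryInformationProcess 7C90D7E0 5 Bytes JMP 007DADCD
.text C:\WINDOWS\System32\svchost.exe[1996] ntdll.dll!NtQueryInformationProcess 7C90D7E0 5 Bytes JMP 01E8ADCD
.text C:\WINDOWS\System32\svchost.exe[1996] NETAPI32.dll!NetpwPathCanonicalize 5B86A3A9 5 Bytes JMP 01E8AD64
.text C:\Program Files\Mozilla Firefox\firefox.exe[2844] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] dsgyueqoa <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@DisplayName Universal Microsoft
Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\Services\dsgyueqoa\Parameters@ServiceDll C:\WINDOWS\system32\uogzqfu.dll
Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\dsgyueqoa\Parameters@ServiceDll C:\WINDOWS\system32\uogzqfu.dll
"""

# Patterns written against the line shapes visible in the posted log only.
HOOK_RE = re.compile(
    r"^\.text\s+(?P<image>.+?)\[(?P<pid>\d+)\]\s+(?P<api>\S+!\S+)\s+[0-9A-F]{8}"
    r"\s+\d+ Bytes\s+JMP\s+(?P<target>[0-9A-F]{8})(?:\s+(?P<owner>.+))?$")
SERVICE_RE = re.compile(
    r"^Service\s+(?P<image>.+?)\s+\((?P<note>[^)]*)\)\s+\[(?P<start>[^\]]+)\]"
    r"\s+(?P<name>\S+)(?P<flag>\s+<--\s*ROOTKIT.*)?$")
REG_RE = re.compile(
    r"^Reg\s+HKLM\\SYSTEM\\(?P<cs>[^\\]+)\\Services\\(?P<svc>[^\\@]+)"
    r"(?:\\[^@]+)?@(?P<value>\S+)\s*(?P<data>.*)$")


def parse(log_text):
    """Split a GMER log into hooks, service entries and per-service registry values."""
    hooks, services = [], []
    reg = defaultdict(lambda: defaultdict(dict))  # service -> control set -> value -> data
    for line in log_text.splitlines():
        line = line.strip()
        if m := HOOK_RE.match(line):
            hooks.append(m.groupdict())
        elif m := SERVICE_RE.match(line):
            services.append(m.groupdict())
        elif m := REG_RE.match(line):
            reg[m["svc"]][m["cs"]][m["value"]] = m["data"]
    return hooks, services, reg


def triage(log_text):
    """Build one record per service that GMER marked hidden or ROOTKIT."""
    hooks, services, reg = parse(log_text)
    findings = []
    for svc in services:
        if not svc["flag"] and "hidden" not in svc["note"]:
            continue
        per_cs = reg.get(svc["name"], {})
        active = per_cs.get("CurrentControlSet", {})
        host = svc["image"].lower()
        findings.append({
            "service": svc["name"],
            "image_path": active.get("ImagePath"),
            "service_dll": active.get("ServiceDll"),
            # Copies in a non-active control set matter if that set is ever booted.
            "control_sets": sorted(per_cs),
            # Assumption: no module path after the JMP target means GMER could not
            # attribute the hook to a loaded module. svchost hosts many services,
            # so this is context for the analyst, not proof of ownership.
            "unattributed_hooks": sorted({h["api"] for h in hooks
                                          if h["image"].lower() == host
                                          and h["owner"] is None}),
        })
    return findings


def removal_candidates(findings):
    """Service name / DLL pairs for an analyst to review before any deletion."""
    return [(f["service"], f["service_dll"]) for f in findings if f["service_dll"]]


if __name__ == "__main__":
    for finding in triage(GMER_LOG):
        for key, value in finding.items():
            print(f"{key:18} {value}")
```

The Firefox `LdrLoadDll` hook is parsed but not reported, because GMER attributes its target to `firefox.exe` itself.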


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


    Thanks, here's the avenger.txt. I'll forward combofix shortly

    Logfile of The Avenger Version 2.0, (c) by Swandog46
    http://swandog46.geekstogo.com

    Platform: Windows XP

    *******************

    Script file opened successfully.
    Script file read successfully.

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    Rootkit scan active.
    No rootkits found!

    Driver "dsgyueqoa" deleted successfully.
    File "C:\WINDOWS\system32\uogzqfu.dll" deleted successfully.

    Completed script processing.

    *******************

    Finished! Terminate.


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


    ASJ112
    I'm using my PC to download all these files to USB key then transferring onto the infected laptop. I disabled my AV on PC, downloaded combofix and put it on desktop of laptop. However when I double clicked and opened it this message appears-

    Current date is 2010-05-02
    combofix has expired
    Click Yes to run in REDUCED FUNCTIONALITY mode
    Click No to exit

    I clicked Yes but nothing happened.....help!!


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    delete it, make sure you are downloading it from the links I provided

    Try link #1

    If that error appears, do this instead

    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in

      netsvcs
      msconfig
      safebootminimal
      safebootnetwork
      activex
      drivers32
      %SYSTEMDRIVE%\*.*
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      symmpi.sys
      adp3132.sys
      mv61xx.sys
      nvraid.sys
      /md5stop
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\system32\*.exe /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav
      CREATERESTOREPOINT
      %PROGRAMFILES%\*.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


    Ran that OTL scan but after 2 minutes a pop up says "Directory does not exist"

    What now?? Thanks for all your help so far.


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    turn off your anti-virus program, download a new version of OTL, and re-run it with the same instructions

    works now ?


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


    Yes, worked when I turned AV off on my PC, brilliant thanks.
    Here's the OTL.txt notepad-


    OTL logfile created on: 02/05/2010 17:12:19 - Run 1
    OTL by OldTimer - Version 3.1.37.3 Folder = F:\
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 72.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 143.04 Gb Total Space | 101.60 Gb Free Space | 71.03% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    Drive F: | 3.74 Gb Total Space | 1.42 Gb Free Space | 38.11% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: LENOVO-FA694358
    Current User Name: Elaine
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - File not found -- F:\OTL.exe
    PRC - [2010/04/01 17:10:08 | 000,555,520 | ---- | M] (OldTimer Tools) -- F:\OTL(2).exe
    PRC - [2010/03/25 22:45:54 | 000,067,072 | -H-- | M] (TRKMFhOU) -- C:\WINDOWS\bill106.exe
    PRC - [2010/03/23 22:34:51 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
    PRC - [2009/01/26 17:21:52 | 001,258,776 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\Watcher.exe
    PRC - [2009/01/15 18:08:08 | 000,058,648 | ---- | M] (Sierra Wireless Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe
    PRC - [2009/01/05 17:57:24 | 000,558,360 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
    PRC - [2008/12/23 12:23:44 | 000,197,912 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe
    PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/03/17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    PRC - [2008/03/04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    PRC - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    PRC - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    PRC - [2007/11/29 19:04:00 | 000,059,168 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
    PRC - [2007/08/04 00:35:38 | 002,630,968 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    PRC - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    PRC - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
    PRC - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
    PRC - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe
    PRC - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    PRC - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    PRC - [2007/02/08 21:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
    PRC - [2007/01/30 12:02:00 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
    PRC - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    PRC - [2006/11/13 20:23:40 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
    PRC - [2006/11/12 06:03:16 | 001,405,012 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
    PRC - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
    PRC - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    PRC - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    PRC - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    PRC - [2006/09/06 08:38:44 | 000,054,824 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
    PRC - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    PRC - [2006/05/19 00:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
    PRC - [2004/07/28 00:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\Installshield\UpdateService\issch.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/04/01 17:10:08 | 000,555,520 | ---- | M] (OldTimer Tools) -- F:\OTL(2).exe
    MOD - [2006/11/12 06:09:38 | 000,077,824 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/04/30 20:37:30 | 000,018,944 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\captcha.dll -- (captcha)
    SRV - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
    SRV - [2008/04/14 00:11:56 | 000,121,344 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\WINDOWS\system32\clbcoko.dll -- (swoko)
    SRV - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
    SRV - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
    SRV - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
    SRV - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
    SRV - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
    SRV - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
    SRV - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
    SRV - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
    SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
    SRV - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
    SRV - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
    SRV - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
    SRV - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
    SRV - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
    SRV - [2005/11/14 09:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV - [2009/04/02 02:25:35 | 000,033,536 | ---- | M] (Lenovo) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtfilter.sys -- (tvtfilter)
    DRV - [2009/04/02 02:24:46 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
    DRV - [2009/01/22 21:34:55 | 000,028,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmsflt.sys -- (swmsflt)
    DRV - [2008/12/02 11:10:04 | 000,173,312 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8u90.sys -- (SWNC8U90) Sierra Wireless MUX NDIS Driver (UMTS90)
    DRV - [2008/11/17 15:33:44 | 000,145,280 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumx90.sys -- (SWUMX90) Sierra Wireless USB MUX Driver (UMTS90)
    DRV - [2008/04/14 00:11:56 | 000,032,768 | ---- | M] (Aladdin Knowledge Systems) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mrxoko.sys -- (ql600oko)
    DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
    DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
    DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2007/11/29 19:04:00 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
    DRV - [2007/08/10 06:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2007/06/17 05:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
    DRV - [2007/05/22 23:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
    DRV - [2007/05/22 08:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
    DRV - [2007/02/26 04:59:10 | 005,700,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
    DRV - [2007/02/24 22:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2007/02/16 23:46:42 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
    DRV - [2007/02/16 23:09:06 | 009,598,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
    DRV - [2007/02/12 18:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
    DRV - [2007/02/08 20:30:28 | 000,017,664 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys -- (TVTPktFilter)
    DRV - [2007/01/24 01:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2007/01/24 00:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006/11/15 13:48:48 | 001,711,488 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel(R)
    DRV - [2006/11/13 02:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
    DRV - [2006/11/08 21:49:42 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2006/10/30 02:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
    DRV - [2006/08/30 06:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2006/06/12 16:36:30 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
    DRV - [2006/05/24 19:48:14 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)
    DRV - [2006/05/19 06:24:20 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
    DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003/09/11 07:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
    DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
    DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
    DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
    DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
    DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
    DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
    DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
    DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
    DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
    DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
    DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
    DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
    DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
    DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
    DRV - [2001/08/17 13:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "www.google.ie"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/23 22:34:57 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/23 22:34:56 | 000,000,000 | ---D | M]

    [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions
    [2009/04/07 10:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Firefox\Profiles\xlcf5bp6.default\extensions
    [2010/02/21 17:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/01/16 01:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
    [2010/01/16 01:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
    [2010/01/16 01:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
    [2010/01/16 01:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2010/05/01 21:10:03 | 000,000,935 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 192.168.0.4 ospreysvr1
    O1 - Hosts: 192.168.0.16 srv-tms-app
    O1 - Hosts: 192.168.0.1 fileserver
    O1 - Hosts: 192.168.0.13 srv-mail-01.ospreyhotel.local
    O1 - Hosts: 192.168.0.49 HR03
    O1 - Hosts: 95.143.192.205 u07012010u#com
    O1 - Hosts: 85.13.206.115 u07012010u.com
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AirCardEnabler] File not found
    O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
    O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
    O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
    O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
    O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
    O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
    O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
    O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
    O4 - HKLM..\Run: [sysfbtray] C:\WINDOWS\bill106.exe (TRKMFhOU)
    O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
    O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
    O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
    O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
    O4 - HKLM..\Run: [WatcherHelper] C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
    O4 - Startup: C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
    O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
    O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238610864921 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
    O24 - Desktop WallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2008/04/14 01:11:56 | 000,059,288 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
    O33 - MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\Shell - "" = AutoRun
    O33 - MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
    O33 - MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\Shell - "" = AutoRun
    O33 - MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
    O33 - MountPoints2\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\Shell - "" = AutoRun
    O33 - MountPoints2\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\Shell\AutoRun - "" = Auto&Play
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/04/30 01:12:49 | 000,000,000 | ---D | M]
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: dsgyueqoa - File not found
    NetSvcs: gepprhfg - C:\WINDOWS\system32\uogzqfu.dll ()


    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {967B098A-042D-4367-BAC9-8BC11684174F} - Security Update for Microsoft .NET Framework 2.0 (KB917283)
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (16891891626803200)

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/05/02 13:03:34 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/05/02 12:52:47 | 000,231,424 | ---- | C] (VIA) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272801147.exe
    [2010/05/02 12:49:00 | 000,000,000 | ---D | C] -- C:\Avenger
    [2010/05/02 12:39:21 | 000,231,424 | ---- | C] (VIA) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272800342.exe
    [2010/05/02 10:54:19 | 000,231,424 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272794043.exe
    [2010/05/02 09:27:18 | 000,231,424 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272788820.exe
    [2010/05/01 21:06:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/05/01 21:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2010/05/01 21:04:46 | 000,226,304 | ---- | C] (SRS Labs, Inc.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272744276.exe
    [2010/05/01 19:10:15 | 000,226,304 | ---- | C] (SRS Labs, Inc.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272737391.exe
    [2010/04/30 20:32:21 | 000,227,840 | ---- | C] (WinZip Computing, S.L.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272655919.exe
    [2010/04/30 20:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2010/04/30 20:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2010/04/30 18:52:52 | 000,227,840 | ---- | C] (WinZip Computing, S.L.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272649947.exe
    [2010/03/30 08:53:44 | 000,227,328 | ---- | C] (Agere Systems) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269935611.exe
    [2010/03/29 19:37:22 | 000,228,864 | ---- | C] (Syntek America Inc.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269887812.exe
    [2010/03/29 19:21:50 | 000,228,864 | ---- | C] (Syntek America Inc.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269886861.exe
    [2010/03/28 21:27:10 | 000,228,864 | ---- | C] (Microsoft Corp.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269808000.exe
    [2010/03/25 22:46:10 | 000,229,888 | ---- | C] (Pivotal Corporation.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269553558.exe
    [2010/03/24 21:11:15 | 000,231,936 | ---- | C] (Simtec Limited) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269461451.exe
    [2010/03/23 22:37:35 | 000,223,744 | ---- | C] (Sun Microsystems) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269380246.exe
    [2010/03/23 20:15:44 | 000,223,744 | ---- | C] (Sun Microsystems) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1269371730.exe
    [2010/02/10 09:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2009/08/21 09:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2009/08/21 09:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2009/04/02 02:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
    [2009/04/02 02:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
    [2009/04/02 02:10:21 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
    [2009/04/02 02:10:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
    [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/05/02 17:11:40 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
    [2010/05/02 17:05:05 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/02 16:49:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
    [2010/05/02 13:29:29 | 000,000,001 | ---- | M] () -- C:\WINDOWS\lgo
    [2010/05/02 13:25:09 | 000,475,154 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/05/02 13:25:09 | 000,404,536 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/05/02 13:25:09 | 000,063,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/05/02 13:24:29 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272803034.exe
    [2010/05/02 13:21:07 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/02 13:20:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/05/02 13:20:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/05/02 13:20:34 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
    [2010/05/02 12:52:47 | 000,231,424 | ---- | M] (VIA) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272801147.exe
    [2010/05/02 12:47:52 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
    [2010/05/02 12:47:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Elaine\ntuser.ini
    [2010/05/02 12:45:06 | 000,000,270 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
    [2010/05/02 12:39:21 | 000,231,424 | ---- | M] (VIA) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272800342.exe
    [2010/05/02 10:54:19 | 000,231,424 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272794043.exe
    [2010/05/02 09:27:18 | 000,231,424 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272788820.exe
    [2010/05/01 21:10:03 | 000,000,935 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/05/01 21:10:02 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
    [2010/05/01 21:09:51 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272744589.exe
    [2010/05/01 21:05:58 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010/05/01 21:05:54 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
    [2010/05/01 21:05:54 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
    [2010/05/01 21:04:46 | 000,226,304 | ---- | M] (SRS Labs, Inc.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272744276.exe
    [2010/05/01 19:13:36 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Microsoft Office Word 2007.lnk
    [2010/05/01 19:10:15 | 000,226,304 | ---- | M] (SRS Labs, Inc.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272737391.exe
    [2010/04/30 20:37:30 | 000,018,944 | ---- | M] () -- C:\WINDOWS\System32\captcha.dll
    [2010/04/30 20:32:21 | 000,227,840 | ---- | M] (WinZip Computing, S.L.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272655919.exe
    [2010/04/30 20:25:13 | 000,227,413 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272655128.exe
    [2010/04/30 18:57:56 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146101115.xxe
    [2010/04/30 18:52:52 | 000,227,840 | ---- | M] (WinZip Computing, S.L.) -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272649947.exe
    [2010/04/30 18:50:25 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/02 17:11:40 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
    [2010/05/02 13:24:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272803034.exe
    [2010/05/02 12:45:06 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
    [2010/05/01 21:10:02 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
    [2010/05/01 21:09:51 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272744589.exe
    [2010/05/01 21:05:58 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010/05/01 21:05:54 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
    [2010/05/01 21:05:54 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
    [2010/04/30 20:37:30 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\captcha.dll
    [2010/04/30 20:25:13 | 000,227,413 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272655128.exe
    [2010/04/30 18:57:56 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146101115.xxe
    [2010/03/25 22:46:11 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014610499.xxe
    [2010/03/24 21:11:23 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146114101.xxe
    [2010/03/24 21:11:22 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146111103.xxe
    [2010/03/24 21:11:17 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014650115.xxe
    [2009/12/11 20:55:36 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Elaine\Application Data\Smiley.ico
    [2009/12/10 20:47:02 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
    [2009/08/27 09:44:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/05/28 10:27:26 | 000,000,636 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
    [2009/04/02 02:30:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2009/04/02 02:19:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2009/04/02 02:19:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
    [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
    [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
    [2009/04/02 02:19:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
    [2009/04/02 02:19:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
    [2009/04/02 02:13:44 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
    [2009/04/02 02:13:44 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
    [2009/04/02 02:12:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
    [2009/04/02 02:11:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
    [2009/04/02 02:10:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
    [2009/04/02 02:10:21 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
    [2009/02/28 00:18:28 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wceprv.dll
    [2007/02/09 20:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2006/11/12 05:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
    [2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dll
    [2006/04/30 08:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2006/04/30 08:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2006/04/30 07:55:42 | 000,164,746 | RHS- | C] () -- C:\WINDOWS\System32\uogzqfu.dll
    [2005/02/17 19:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
    [2005/02/17 19:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
    [2001/11/14 20:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/05/02 12:49:00 | 000,001,094 | ---- | M] () -- C:\avenger.txt
    [2009/04/02 02:34:51 | 000,000,211 | RHS- | M] () -- C:\boot.ini
    [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2009/04/02 02:20:22 | 000,001,266 | ---- | M] () -- C:\drivez.log
    [2010/03/22 23:11:03 | 000,030,169 | ---- | M] () -- C:\fb20100322.log
    [2010/03/23 22:37:35 | 000,032,434 | ---- | M] () -- C:\fb20100323.log
    [2010/03/24 23:37:04 | 000,041,319 | ---- | M] () -- C:\fb20100324.log
    [2010/03/25 23:27:01 | 000,020,933 | ---- | M] () -- C:\fb20100325.log
    [2010/03/28 22:19:30 | 000,017,174 | ---- | M] () -- C:\fb20100328.log
    [2010/03/29 23:14:58 | 000,057,677 | ---- | M] () -- C:\fb20100329.log
    [2010/03/30 13:52:54 | 000,039,249 | ---- | M] () -- C:\fb20100330.log
    [2010/04/30 21:15:23 | 000,048,438 | ---- | M] () -- C:\fb20100430.log
    [2010/05/01 21:29:19 | 000,017,825 | ---- | M] () -- C:\fb20100501.log
    [2010/05/02 17:12:27 | 000,058,457 | ---- | M] () -- C:\fb20100502.log
    [2010/05/02 13:20:34 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
    [2006/04/30 08:13:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2006/04/30 08:13:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2009/04/01 19:58:05 | 000,250,048 | RHS- | M] () -- C:\NTLDR
    [2010/05/02 13:20:28 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2009/04/02 02:12:34 | 000,000,542 | ---- | M] () -- C:\RHDSetup.log
    [2009/04/02 02:11:11 | 000,000,086 | ---- | M] () -- C:\setup.log
    [2009/04/02 02:00:41 | 000,000,093 | ---- | M] () -- C:\syslevel.lgl
    [2010/05/02 13:20:38 | 000,006,732 | ---- | M] () -- C:\TPHKLOCK.TXT


    < MD5 for: AGP440.SYS >
    [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
    [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
    [2004/08/04 07:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

    < MD5 for: ATAPI.SYS >
    [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
    [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2007/04/03 11:39:42 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=2218E3FD674DC284CE98C807086CAB14 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2007/04/03 11:39:42 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=2218E3FD674DC284CE98C807086CAB14 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
    [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    < MD5 for: IASTOR.SYS >
    [2007/02/12 05:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\drivers\other\iastor.sys
    [2007/02/12 05:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\SWTOOLS\DRIVERS\IMSM\iastor.sys
    [2007/02/12 18:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\system32\drivers\iaStor.sys

    < MD5 for: NETLOGON.DLL >
    [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2004/08/04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2004/08/04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2008/04/14 01:11:56 | 000,164,746 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\uogzqfu.dll
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\system32\*.exe /lockedfiles >
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2006/04/30 01:03:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2006/04/30 01:03:02 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2006/04/30 01:03:02 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\*. >
    [2009/04/02 02:21:17 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2009/04/21 20:47:57 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
    [2010/02/10 08:56:52 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
    [2009/04/02 02:12:49 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
    [2009/10/19 20:28:10 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
    [2009/10/19 20:10:06 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
    [2009/10/19 20:14:36 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2006/04/30 01:09:57 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
    [2009/04/02 02:24:26 | 000,000,000 | ---D | M] -- C:\Program Files\Diskeeper Corporation
    [2010/05/01 21:05:58 | 000,000,000 | ---D | M] -- C:\Program Files\ERUNT
    [2010/02/06 12:42:33 | 000,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
    [2010/03/28 21:40:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google
    [2010/02/10 09:21:53 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
    [2009/04/21 20:46:05 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2009/04/02 02:13:11 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
    [2010/02/06 15:57:28 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2009/04/02 02:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
    [2009/04/07 10:08:50 | 000,000,000 | ---D | M] -- C:\Program Files\Java
    [2009/04/01 19:30:53 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo
    [2009/04/02 02:23:54 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo Fingerprint Software
    [2009/04/02 02:21:40 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo Registration
    [2010/03/28 21:41:06 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
    [2009/04/01 20:00:41 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
    [2006/04/30 01:17:09 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
    [2009/04/02 03:15:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
    [2009/04/02 03:15:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
    [2009/04/02 03:13:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
    [2009/04/02 03:16:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
    [2009/04/02 03:15:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
    [2009/04/01 20:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
    [2010/03/23 22:35:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2009/04/02 03:16:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2006/04/30 01:09:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
    [2006/04/30 01:09:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
    [2009/04/02 02:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
    [2009/04/01 19:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
    [2009/04/11 19:40:25 | 000,000,000 | ---D | M] -- C:\Program Files\O2
    [2006/04/30 01:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
    [2009/04/01 19:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
    [2009/08/25 12:44:56 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Story 3 for Windows
    [2009/04/21 20:48:22 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
    [2009/04/02 02:12:16 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
    [2009/04/02 02:20:53 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
    [2009/12/10 20:47:47 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra Wireless Inc
    [2009/09/02 20:52:14 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
    [2009/04/02 02:20:58 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic Icons for Lenovo
    [2009/04/02 02:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
    [2006/04/30 01:21:19 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2009/04/02 02:35:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
    [2009/08/17 15:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
    [2009/08/17 15:20:21 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2009/04/01 19:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2006/04/30 01:11:34 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
    [2006/04/30 01:17:09 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    < End of report >


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


    And here's the Extras.txt:

    OTL Extras logfile created on: 02/05/2010 17:12:19 - Run 1
    OTL by OldTimer - Version 3.1.37.3 Folder = F:\
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 72.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 143.04 Gb Total Space | 101.60 Gb Free Space | 71.03% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    Drive F: | 3.74 Gb Total Space | 1.42 Gb Free Space | 38.11% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: LENOVO-FA694358
    Current User Name: Elaine
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJIFILM Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "8085:TCP" = 8085:TCP:*:Enabled:MyOKOPort
    "5954:TCP" = 5954:TCP:*:Enabled:djiuad

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
    "C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
    "C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
    "C:\Program Files\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe" = C:\Program Files\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
    "C:\Program Files\Sierra Wireless Inc\3G Watcher\TRUUpdater.exe" = C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater -- (Sierra Wireless, Inc.)
    "" =
    "C:\Program Files\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe" = C:\Program Files\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
    "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
    "{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.5
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera
    "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
    "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.32
    "{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
    "{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
    "{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
    "{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
    "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
    "{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Lite
    "{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{84814E6B-2581-46EC-926A-823BD1C670F6}" = Lenovo Bluetooth with Enhanced Data Rate Software
    "{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
    "{89A432D7-FC6F-4D17-AE76-D6063FB2BD99}" = Sierra Wireless 3G Watcher
    "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
    "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
    "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
    "{A52A504E-18BE-4821-9A2A-BFB4542DA0BD}" = Lenovo PM Driver
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
    "{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
    "{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
    "{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
    "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
    "{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
    "{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}" = Windows Live Toolbar
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
    "{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
    "{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}" = FinePix Studio
    "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
    "{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
    "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
    "{F055E1B2-8A05-4D87-8039-1BE979BA4193}" = Client Security Solution
    "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
    "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
    "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Agere Systems Soft Modem" = Agere Systems HDA Modem
    "Canon MP540 series User Registration" = Canon MP540 series User Registration
    "CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
    "CanonMyPrinter" = Canon Utilities My Printer
    "CanonSolutionMenu" = Canon Utilities Solution Menu
    "Digital Media LE" = Roxio Digital Media LE
    "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "ERUNT_is1" = ERUNT 1.1j
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
    "Lenovo Registration" = Lenovo Registration
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
    "Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
    "MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "OnScreenDisplay" = On Screen Display
    "PCMCIAPW" = ThinkPad PC Card Power Policy
    "ProInst" = Intel(R) PROSet/Wireless Software
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "Windows Live Toolbar" = Windows Live Toolbar
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WMCSetup" = Windows Media Connect
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 30/04/2010 14:01:21 | Computer Name = LENOVO-FA694358 | Source = Application Error | ID = 1000
    Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
    module acgenral.dll, version 5.1.2600.5512, fault address 0x000116e2.

    Error - 30/04/2010 15:22:41 | Computer Name = LENOVO-FA694358 | Source = Application Error | ID = 1000
    Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
    module acgenral.dll, version 5.1.2600.5512, fault address 0x000116e2.

    Error - 30/04/2010 15:22:45 | Computer Name = LENOVO-FA694358 | Source = Application Error | ID = 1001
    Description = Fault bucket 990512863.

    Error - 01/05/2010 08:05:05 | Computer Name = LENOVO-FA694358 | Source = Google Update | ID = 20
    Description =

    Error - 02/05/2010 05:05:08 | Computer Name = LENOVO-FA694358 | Source = Google Update | ID = 20
    Description =

    Error - 02/05/2010 07:56:03 | Computer Name = LENOVO-FA694358 | Source = Application Error | ID = 1000
    Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
    module unknown, version 0.0.0.0, fault address 0x001f1cb0.

    Error - 02/05/2010 08:50:06 | Computer Name = LENOVO-FA694358 | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 1.9.2.3727, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 02/05/2010 08:50:07 | Computer Name = LENOVO-FA694358 | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 1.9.2.3727, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 02/05/2010 11:48:36 | Computer Name = LENOVO-FA694358 | Source = Application Error | ID = 1000
    Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
    module clbcoko.dll, version 8.90.44.43, fault address 0x000021b0.

    Error - 02/05/2010 12:05:05 | Computer Name = LENOVO-FA694358 | Source = Google Update | ID = 20
    Description =

    [ OSession Events ]
    Error - 28/05/2009 12:08:36 | Computer Name = LENOVO-FA694358 | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2521
    seconds with 60 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 02/05/2010 07:51:58 | Computer Name = LENOVO-FA694358 | Source = Dhcp | ID = 1002
    Description = The IP address lease 89.204.199.80 for the Network Card with network
    address 00A0D5FFFFAB has been denied by the DHCP server 89.204.195.253 (The DHCP
    Server sent a DHCPNACK message).

    Error - 02/05/2010 08:20:40 | Computer Name = LENOVO-FA694358 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service BITS with arguments
    "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

    Error - 02/05/2010 08:20:40 | Computer Name = LENOVO-FA694358 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service BITS with arguments
    "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

    Error - 02/05/2010 08:21:07 | Computer Name = LENOVO-FA694358 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service BITS with arguments
    "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

    Error - 02/05/2010 08:21:07 | Computer Name = LENOVO-FA694358 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service BITS with arguments
    "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

    Error - 02/05/2010 08:21:07 | Computer Name = LENOVO-FA694358 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service BITS with arguments
    "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

    Error - 02/05/2010 08:29:13 | Computer Name = LENOVO-FA694358 | Source = Dhcp | ID = 1002
    Description = The IP address lease 89.204.207.188 for the Network Card with network
    address 00A0D5FFFFAB has been denied by the DHCP server 62.40.52.253 (The DHCP Server
    sent a DHCPNACK message).

    Error - 02/05/2010 08:49:00 | Computer Name = LENOVO-FA694358 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service wuauserv with
    arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error - 02/05/2010 11:48:36 | Computer Name = LENOVO-FA694358 | Source = Service Control Manager | ID = 7031
    Description = The DHCP extensions Kernel Driver VMware service terminated unexpectedly.
    It has done this 1 time(s). The following corrective action will be taken in
    60000 milliseconds: Restart the service.

    Error - 02/05/2010 11:49:00 | Computer Name = LENOVO-FA694358 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service wuauserv with
    arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}


    < End of report >


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    hi

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following
      :OTL
      O4 - HKLM..\Run: [sysfbtray] C:\WINDOWS\bill106.exe (TRKMFhOU)
      O32 - AutoRun File - [2008/04/14 01:11:56 | 000,059,288 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
      O33 - MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\Shell - "" = AutoRun
      O33 - MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun - "" = Auto&Play
      O33 - MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
      O33 - MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\Shell - "" = AutoRun
      O33 - MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun - "" = Auto&Play
      O33 - MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
      O33 - MountPoints2\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\Shell - "" = AutoRun
      O33 - MountPoints2\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\Shell\AutoRun - "" = Auto&Play
      NetSvcs: dsgyueqoa - File not found
      NetSvcs: gepprhfg - C:\WINDOWS\system32\uogzqfu.dll ()
      [2006/04/30 07:55:42 | 000,164,746 | RHS- | C] () -- C:\WINDOWS\System32\uogzqfu.dll
      
      :Reg
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
      "5954:TCP"=-
      :Services
      
      :Reg
      
      :Files
      C:\WINDOWS\bill*.exe
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [EMPTYFLASH]
      [CREATERESTOREPOINT]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done




    Then download a new version of combofix, it work now ?

    • Make sure to use Internet Explorer for this
    • Please go to VirSCAN.org FREE on-line scan service
    • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
      • C:\WINDOWS\system32\captcha.dll
    • Click on the Upload button
    • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
    • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
    • Paste the contents of the Clipboard in your next reply.
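The fix in the post above deletes the "5954:TCP" value from the firewall's GloballyOpenPorts list that shows up in the OTL log. As an added example (not part of the thread and not OTL's own code), this Python script reads the two XP firewall lists in the layout OTL prints and flags entries worth a manual look; the function names and the three review heuristics are assumptions of this example, and the sample lines are copied from the log earlier in the thread.

```python
import re

# Sample input: lines copied from the OTL log posted earlier in this thread.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"8085:TCP" = 8085:TCP:*:Enabled:MyOKOPort
"5954:TCP" = 5954:TCP:*:Enabled:djiuad

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\Sierra Wireless Inc\3G Watcher\TRUUpdater.exe" = C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater -- (Sierra Wireless, Inc.)
"" =
'''

# One log entry: "value name" = value data
ENTRY = re.compile(r'^"(?P<key>[^"]*)"\s*=\s*(?P<value>.*)$')


def parse_sections(text):
    """Yield (registry_key, value_name, value_data) for each entry line."""
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[HKEY_") and line.endswith("]"):
            section = line[1:-1]
            continue
        match = ENTRY.match(line)
        if match and section:
            yield section, match.group("key"), match.group("value").strip()


def triage(text):
    """Return (kind, value_name, reason) tuples for entries to review by hand.

    Heuristics (assumptions of this example, not rules from OTL or Windows):
      - an enabled port exception whose scope is "*" accepts any remote address
      - an enabled application exception whose file OTL could not find is stale
      - an application exception whose data names a different path than its
        value name is inconsistent
    """
    findings = []
    for section, key, value in parse_sections(text):
        if not value:
            continue  # OTL prints '"" =' for an empty value; nothing to assess
        if section.endswith(r"GloballyOpenPorts\List"):
            # Data layout: port:protocol:scope:status:display name
            parts = value.split(":", 4)
            if len(parts) != 5:
                findings.append(("port", key, "unparseable value"))
                continue
            _port, _proto, scope, status, name = parts
            if status == "Enabled" and scope == "*":
                findings.append(("port", key, "open to any remote address: " + name))
        elif section.endswith(r"AuthorizedApplications\List"):
            # OTL appends " -- (company)" or " -- File not found" to the data.
            body, _, note = value.partition(" -- ")
            # Data layout: path:scope:status:display name. The path itself
            # contains "C:", so split from the right.
            parts = body.rsplit(":", 3)
            if len(parts) != 4:
                findings.append(("app", key, "unparseable value"))
                continue
            path, _scope, status, _name = parts
            if status != "Enabled":
                continue
            if note == "File not found":
                findings.append(("app", key, "exception for a missing file"))
            if path.lower() != key.lower():
                findings.append(("app", key, "value points at a different path: " + path))
    return findings


if __name__ == "__main__":
    for kind, key, reason in triage(SAMPLE):
        print(f"{kind:4} {key} -> {reason}")
```

A flagged entry is only a prompt to check what registered it; the script does not decide whether an entry is malicious.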


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


    Hi ASJ112,

    I have to shoot off for the night so I'll try all those things tomorrow. I know you said you are away tomorrow so if you want, you can post the instructions on what to do next or we can leave it til another day? Thanks a million for all your help and advice so far, you've been fantastic, really appreciate you taking up your time to do all this. Legend!


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    I will be here till 11am, so will check in again in the morning

    Do the instructions in my above post, then re-try ComboFix


    Then go and do this


    Download TFC to your desktop
    • Open the file and close any other windows.
    • It will close all programs itself when run, make sure to let it run uninterrupted.
    • Click the Start button to begin the process. The program should not take long to finish its job
    • Once it's finished it should reboot your machine, if not, do this yourself to ensure a complete clean





    Please download Malwarebytes' Anti-Malware from Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.

    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.






    Go to Kaspersky website and perform an online antivirus scan.

    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
        • Spyware, Adware, Dialers, and other potentially dangerous programs
        • Archives
        • Mail databases
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Report from OTL scan-

      All processes killed
      ========== OTL ==========
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysfbtray deleted successfully.
      C:\WINDOWS\bill106.exe moved successfully.
      F:\autorun.inf moved successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182cbe56-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182cbe56-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182cbe56-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182cbe56-26c8-11de-8d37-001eec0b3e97}\ not found.
      File E:\AutoRun.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182cbe59-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182cbe59-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{182cbe59-26c8-11de-8d37-001eec0b3e97}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182cbe59-26c8-11de-8d37-001eec0b3e97}\ not found.
      File E:\AutoRun.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ab1872d-63e4-11de-8db6-001eec0b3e97}\ not found.
      dsgyueqoa removed from NetSvcs value successfully!
      gepprhfg removed from NetSvcs value successfully!
      Service gepprhfg stopped successfully!
      Service gepprhfg deleted successfully!
      File move failed. C:\WINDOWS\system32\uogzqfu.dll scheduled to be moved on reboot.
      File move failed. C:\WINDOWS\system32\uogzqfu.dll scheduled to be moved on reboot.
      ========== REGISTRY ==========
      Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5954:TCP deleted successfully.
      ========== SERVICES/DRIVERS ==========
      ========== REGISTRY ==========
      ========== FILES ==========
      C:\WINDOWS\bill104.exe moved successfully.
      ========== COMMANDS ==========
      C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: Administrator
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 32768 bytes

      User: All Users

      User: Claire-Anne
      ->Temp folder emptied: 1235246 bytes
      ->Temporary Internet Files folder emptied: 21413784 bytes
      ->Flash cache emptied: 571 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 32902 bytes
      ->Flash cache emptied: 41 bytes

      User: Elaine
      ->Temp folder emptied: 18681559 bytes
      ->Temporary Internet Files folder emptied: 13327141 bytes
      ->Java cache emptied: 496368 bytes
      ->FireFox cache emptied: 38902821 bytes
      ->Google Chrome cache emptied: 5886914 bytes
      ->Flash cache emptied: 2157371 bytes

      User: LocalService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 81973 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 197916 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 19569 bytes
      %systemroot%\System32 .tmp files removed: 3624977 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 2813545 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
      RecycleBin emptied: 550 bytes

      Total Files Cleaned = 104.00 mb


      [EMPTYFLASH]

      User: Administrator

      User: All Users

      User: Claire-Anne
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: Elaine
      ->Flash cache emptied: 0 bytes

      User: LocalService

      User: NetworkService

      Total Flash Files Cleaned = 0.00 mb

      Restore point Set: OTL Restore Point (64424509440)

      OTL by OldTimer - Version 3.1.37.3 log created on 05032010_194025

      Files\Folders moved on Reboot...
      C:\WINDOWS\system32\uogzqfu.dll moved successfully.
      C:\WINDOWS\temp\~DFD9E8.tmp moved successfully.

      Registry entries deleted on Reboot...


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      ComboFix still won't run - the same message as before keeps popping up. Also can't download Malwarebytes Anti-malware due to the virus. What now??


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


      try this

      Please download Dr.Web CureIt . Save it to your desktop:
      • Double-click the drweb-cureit.exe file and click Scan to run express scan. Click OK in the pop-up window to allow the scan.
      • This will scan the files currently running in memory and if something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
      • Once the short scan has finished, select Complete scan.
      • Click the green arrow at the right, and the scan will start.
      • Click Yes to all if it asks if you want to cure/move the file.
      • When the scan has finished, in the menu, click File and choose Save report list
      • Save the report to your desktop. The report will be called DrWeb.csv
      • Note: this report may need to be renamed to Dr.Web.txt in order to post it on the forum.
      • Please post the Dr.Web.txt report in your next reply
      • Close Dr.Web Cureit.
      • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.

      NOTE. During the scan, pop-up window will open asking for full version purchase. Simply close the window by clicking on the X in the upper right corner.




      * Go here to run an online scanner from ESET.
      • Note: You will need to use Internet explorer for this scan
      • Tick the box next to YES, I accept the Terms of Use.
      • Click Start
      • When asked, allow the activex control to install
      • Click Start
      • Check next options: Remove found threats and Scan unwanted applications.
      • Click Scan
      • Wait for the scan to finish
      • Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
      • Copy and paste that log as a reply to this topic


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Hi, sorry about delay, been away for a few days. Here's the DrWeb report. I'll forward the other one shortly. Thanks

      captcha.dll;C:\WINDOWS\system32;Trojan.Captcha.29;Deleted.;
      mrxoko.sys;C:\WINDOWS\system32\drivers;Trojan.NtRootKit.6664;Will be cured after restart.;
      setup(2).exe;C:\Documents and Settings\Elaine\My Documents\Downloads;Win32.HLLW.Facebook.607;Deleted.;
      setup.exe;C:\Documents and Settings\Elaine\My Documents\Downloads;Win32.HLLW.Facebook.607;Deleted.;
      mrxoko.sys;c:\windows\system32\drivers;Trojan.NtRootKit.6664;Will be cured after restart.;
      uogzqfu.dll;C:\Avenger;Win32.HLLW.Autoruner.5555;Deleted.;
      rdr_1272737391.exe;C:\Documents and Settings\Elaine\Local Settings\Application Data;Trojan.MulDrop1.11730;Incurable.Moved.;
      rdr_1272744276.exe;C:\Documents and Settings\Elaine\Local Settings\Application Data;Trojan.MulDrop1.11730;Incurable.Moved.;
      rdr_1272744589.exe;C:\Documents and Settings\Elaine\Local Settings\Application Data;Trojan.Captcha.29;Deleted.;
      A0001080.dll;C:\System Volume Information\_restore{A8393674-085C-4723-B63E-39928C5F4C89}\RP6;Win32.HLLW.Autoruner.5555;Deleted.;
      A0001180.dll;C:\System Volume Information\_restore{A8393674-085C-4723-B63E-39928C5F4C89}\RP6;Trojan.Captcha.29;Deleted.;
      mrxoko.sys;C:\WINDOWS\system32\drivers;Trojan.NtRootKit.6664;Will be cured after restart.;
      jwgkvsq.vmx;F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665;Win32.HLLW.Autoruner.5555;Deleted.;
      bill104.exe;F:\_OTL\MovedFiles\05032010_194025\C_WINDOWS;Win32.HLLW.Facebook.607;Deleted.;
      uogzqfu.dll;F:\_OTL\MovedFiles\05032010_194025\C_WINDOWS\system32;Win32.HLLW.Autoruner.5555;Deleted.;
      autorun.inf;F:\_OTL\MovedFiles\05032010_194025\F_;Win32.HLLW.Shadow;Deleted.;


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


      do this after eset


      Please download OTM
      • Save it to your desktop.
      • Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
      • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
        :Processes
        
        :Services
        mrxoko
        captcha
        cpqoko6
        :Reg
        
        :Files
        C:\uogzqfu.dll /s
        C:\mrxoko.sys /s
        C:\captcha.dll /s
        C:\rdr*.exe /s
        C:\*.vmx /s
        :Commands
        [purity]
        [resethosts]
        [emptytemp]
        [CREATERESTOREPOINT]
        [EMPTYFLASH]
        [Reboot]
        
      • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
      • Click the red Moveit! button.
      • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
      • Close OTM and reboot your PC.

      Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Hi, ran that online scanner, at the end gave me a pop up to uninstall and to quarantine infected files. I checked both boxes, now I can't find the logfile? Did I mess up??


  • Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Ran OTM, here's the report-

      All processes killed
      ========== PROCESSES ==========
      ========== SERVICES/DRIVERS ==========
      Error: No service named mrxoko was found to stop!
      Service\Driver key mrxoko not found.
      Error: No service named captcha was found to stop!
      Service\Driver key captcha not found.
      Error: No service named cpqoko6 was found to stop!
      Service\Driver key cpqoko6 not found.
      ========== REGISTRY ==========
      ========== FILES ==========
      File/Folder C:\uogzqfu.dll not found.
      File/Folder C:\mrxoko.sys not found.
      File/Folder C:\captcha.dll not found.
      C:\Documents and Settings\Elaine\Local Settings\Application Data\rdr_1272803034.exe moved successfully.
      File/Folder C:\*.vmx not found.
      ========== COMMANDS ==========
      C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: Administrator
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: All Users

      User: Claire-Anne
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Elaine
      ->Temp folder emptied: 42298938 bytes
      ->Temporary Internet Files folder emptied: 8411666 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 5432506 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 405 bytes

      User: LocalService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 35209 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 66005 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 54.00 mb

      Restore point Set: OTM Restore Point (64424509440)

      OTM by OldTimer - Version 3.1.10.1 log created on 05082010_132144

      Files moved on Reboot...
      File C:\Documents and Settings\Elaine\Local Settings\Temp\~DF3C1D.tmp not found!
      File C:\Documents and Settings\Elaine\Local Settings\Temp\~DF3C28.tmp not found!
      File C:\Documents and Settings\Elaine\Local Settings\Temp\~DF3CAC.tmp not found!
      File C:\Documents and Settings\Elaine\Local Settings\Temp\~DF3CB7.tmp not found!
      File C:\Documents and Settings\Elaine\Local Settings\Temp\~DF3D8E.tmp not found!
      File C:\Documents and Settings\Elaine\Local Settings\Temp\~DF3D9A.tmp not found!
      C:\Documents and Settings\Elaine\Local Settings\Temporary Internet Files\Content.IE5\F9XMT7H3\showthread[1].php moved successfully.

      Registry entries deleted on Reboot...


    13. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Ran ESET again and got this logfile-

      ESETSmartInstaller@High as downloader log:
      all ok
      # version=7
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6211
      # api_version=3.0.2
      # EOSSerial=e0fc58519cd7d1469602a54f292739e5
      # end=finished
      # remove_checked=true
      # archives_checked=false
      # unwanted_checked=true
      # unsafe_checked=false
      # antistealth_checked=true
      # utc_time=2010-05-08 01:13:29
      # local_time=2010-05-08 02:13:29 (+0000, GMT Daylight Time)
      # country="United Kingdom"
      # lang=1033
      # osver=5.1.2600 NT Service Pack 3
      # compatibility_mode=1024 16777215 100 0 7537100 7537100 0 0
      # compatibility_mode=8192 67108863 100 0 345 345 0 0
      # scanned=61303
      # found=0
      # cleaned=0
      # scan_time=2297

      Seems clean?
      Which free antivirus software do you recommend? Is Threatfire decent? I'll wait for your next post before doing anything further, thanks.


    14. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Will recommend some at the end, let's try this again

      Download ComboFix here :

      Link 1
      Link 2


      * IMPORTANT !!! Save ComboFix.exe to your Desktop


      • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

        Click me

      • Double click on ComboFix.exe & follow the prompts.

      • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

      • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

      RcAuto1.gif


      Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

      whatnext.png


      Click on Yes, to continue scanning for malware.

      When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.


    15. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Getting that same message that ComboFix has expired!!


    16. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Are you downloading it from Link 1?


      Download OTL to your Desktop
      • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
      • Under the Custom Scan box paste this in

        netsvcs
        msconfig
        safebootminimal
        safebootnetwork
        activex
        drivers32
        %SYSTEMDRIVE%\*.*
        /md5start
        eventlog.dll
        scecli.dll
        netlogon.dll
        cngaudit.dll
        sceclt.dll
        ntelogon.dll
        logevent.dll
        iaStor.sys
        nvstor.sys
        atapi.sys
        IdeChnDr.sys
        viasraid.sys
        AGP440.sys
        vaxscsi.sys
        nvatabus.sys
        viamraid.sys
        nvata.sys
        nvgts.sys
        iastorv.sys
        ViPrt.sys
        eNetHook.dll
        ahcix86.sys
        KR10N.sys
        nvstor32.sys
        ahcix86s.sys
        nvrd32.sys
        symmpi.sys
        adp3132.sys
        mv61xx.sys
        nvraid.sys
        /md5stop
        %systemroot%\*. /mp /s
        %systemroot%\system32\*.dll /lockedfiles
        %systemroot%\system32\*.exe /lockedfiles
        %systemroot%\Tasks\*.job /lockedfiles
        %systemroot%\system32\drivers\*.sys /lockedfiles
        %systemroot%\System32\config\*.sav
        CREATERESTOREPOINT
        %PROGRAMFILES%\*.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


      • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
        • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
        • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time


    17. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Yep, using link 1. Link 2 brings me to some Spanish site! Here's the OTL.Txt notepad - the Extras.Txt window didn't open, only 1 window did

      OTL logfile created on: 08/05/2010 19:25:46 - Run 2
      OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Elaine\My Documents\Downloads
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

      2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free
      4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
      Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 143.04 Gb Total Space | 101.33 Gb Free Space | 70.84% Space Free | Partition Type: NTFS
      D: Drive not present or media not loaded
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded

      Computer Name: LENOVO-FA694358
      Current User Name: Elaine
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: Current user
      Company Name Whitelist: Off
      Skip Microsoft Files: Off
      File Age = 30 Days
      Output = Standard

      ========== Processes (SafeList) ==========

      PRC - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      PRC - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
      PRC - [2009/01/26 17:21:52 | 001,258,776 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\Watcher.exe
      PRC - [2009/01/15 18:08:08 | 000,058,648 | ---- | M] (Sierra Wireless Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe
      PRC - [2009/01/15 17:55:02 | 000,197,912 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe
      PRC - [2009/01/05 17:57:24 | 000,558,360 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
      PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
      PRC - [2008/03/17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
      PRC - [2008/03/04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
      PRC - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
      PRC - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
      PRC - [2007/11/29 19:04:00 | 000,059,168 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
      PRC - [2007/08/04 00:42:08 | 000,927,032 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe
      PRC - [2007/08/04 00:35:38 | 002,630,968 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
      PRC - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
      PRC - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
      PRC - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
      PRC - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe
      PRC - [2007/03/16 13:26:18 | 000,031,840 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMHandler.exe
      PRC - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
      PRC - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
      PRC - [2007/02/08 21:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
      PRC - [2007/01/30 12:02:00 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
      PRC - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      PRC - [2006/12/29 03:48:10 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
      PRC - [2006/11/13 20:23:40 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
      PRC - [2006/11/12 06:03:16 | 001,405,012 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
      PRC - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
      PRC - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      PRC - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      PRC - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      PRC - [2006/10/23 09:48:20 | 000,040,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
      PRC - [2006/09/06 08:38:44 | 000,054,824 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
      PRC - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
      PRC - [2006/05/19 00:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
      PRC - [2004/07/28 00:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\Installshield\UpdateService\issch.exe


      ========== Modules (SafeList) ==========

      MOD - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      MOD - [2008/04/14 01:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
      MOD - [2008/04/14 01:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
      MOD - [2008/04/13 18:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
      MOD - [2007/08/04 00:42:18 | 000,660,792 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll
      MOD - [2007/08/04 00:42:10 | 002,094,392 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvt_passwordmanager.dll
      MOD - [2007/08/04 00:28:10 | 001,324,344 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_dlgcustompolicy.dll
      MOD - [2007/08/04 00:28:06 | 000,714,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_banner.dll
      MOD - [2007/08/04 00:28:02 | 005,174,584 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_lenovo_res.dll
      MOD - [2007/08/04 00:27:46 | 001,910,072 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\csswait.dll
      MOD - [2007/08/04 00:27:42 | 000,800,056 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\cssuserdatadispatcher.dll
      MOD - [2007/08/04 00:19:10 | 000,664,888 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tcsrpc.dll
      MOD - [2007/08/04 00:19:06 | 000,386,360 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tvttsp.dll
      MOD - [2007/08/04 00:09:58 | 000,066,872 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_lenovo_res2.dll
      MOD - [2006/11/12 06:09:38 | 000,077,824 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


      ========== Win32 Services (SafeList) ==========

      SRV - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
      SRV - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
      SRV - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
      SRV - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
      SRV - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
      SRV - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
      SRV - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
      SRV - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
      SRV - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
      SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
      SRV - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
      SRV - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
      SRV - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
      SRV - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
      SRV - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
      SRV - [2005/11/14 09:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


      ========== Driver Services (SafeList) ==========

      DRV - [2009/04/02 02:25:35 | 000,033,536 | ---- | M] (Lenovo) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtfilter.sys -- (tvtfilter)
      DRV - [2009/04/02 02:24:46 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
      DRV - [2009/01/22 21:34:55 | 000,028,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmsflt.sys -- (swmsflt)
      DRV - [2008/12/02 11:10:04 | 000,173,312 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swnc8u90.sys -- (SWNC8U90) Sierra Wireless MUX NDIS Driver (UMTS90)
      DRV - [2008/11/17 15:33:44 | 000,145,280 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swumx90.sys -- (SWUMX90) Sierra Wireless USB MUX Driver (UMTS90)
      DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
      DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
      DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
      DRV - [2007/11/29 19:04:00 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
      DRV - [2007/08/10 06:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
      DRV - [2007/06/17 05:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
      DRV - [2007/05/22 23:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
      DRV - [2007/05/22 08:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
      DRV - [2007/02/26 04:59:10 | 005,700,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
      DRV - [2007/02/24 22:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
      DRV - [2007/02/16 23:46:42 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
      DRV - [2007/02/16 23:09:06 | 009,598,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
      DRV - [2007/02/12 18:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
      DRV - [2007/02/08 20:30:28 | 000,017,664 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys -- (TVTPktFilter)
      DRV - [2007/01/24 01:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
      DRV - [2007/01/24 00:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
      DRV - [2006/11/15 13:48:48 | 001,711,488 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel(R)
      DRV - [2006/11/13 02:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
      DRV - [2006/11/08 21:49:42 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
      DRV - [2006/10/30 02:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
      DRV - [2006/08/30 06:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
      DRV - [2006/06/12 16:36:30 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
      DRV - [2006/05/24 19:48:14 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)
      DRV - [2006/05/19 06:24:20 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
      DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
      DRV - [2003/09/11 07:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
      DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
      DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
      DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
      DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
      DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
      DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
      DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
      DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
      DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
      DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
      DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
      DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
      DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
      DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
      DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
      DRV - [2001/08/17 13:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========


      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "www.google.ie"
      FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/08 15:29:12 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/08 15:29:12 | 000,000,000 | ---D | M]

      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions
      [2009/04/07 10:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Firefox\Profiles\xlcf5bp6.default\extensions
      [2010/02/21 17:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
      [2010/01/16 01:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
      [2010/01/16 01:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

      O1 HOSTS File: ([2010/05/08 13:22:02 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [AirCardEnabler] File not found
      O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
      O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
      O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
      O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
      O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
      O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
      O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
      O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
      O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [WatcherHelper] C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
      O4 - Startup: C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
      O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
      O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238610864921 (WUWebControl Class)
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
      O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.40.32.33 8.8.8.8
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
      O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
      O24 - Desktop WallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *) - File not found
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*

      NetSvcs: 6to4 - File not found
      NetSvcs: ias - C:\WINDOWS\system32\ias [2006/04/30 01:12:49 | 000,000,000 | ---D | M]
      NetSvcs: iprip - File not found
      NetSvcs: irmon - File not found
      NetSvcs: nwcworkstation - File not found
      NetSvcs: nwsapagent - File not found
      NetSvcs: wmdmpmsp - File not found


      SafeBootMin: Base - Driver Group
      SafeBootMin: Boot Bus Extender - Driver Group
      SafeBootMin: Boot file system - Driver Group
      SafeBootMin: File system - Driver Group
      SafeBootMin: Filter - Driver Group
      SafeBootMin: PCI Configuration - Driver Group
      SafeBootMin: PNP Filter - Driver Group
      SafeBootMin: Primary disk - Driver Group
      SafeBootMin: SCSI Class - Driver Group
      SafeBootMin: sermouse.sys - Driver
      SafeBootMin: System Bus Extender - Driver Group
      SafeBootMin: vds - Service
      SafeBootMin: vga.sys - Driver
      SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
      SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

      SafeBootNet: Base - Driver Group
      SafeBootNet: Boot Bus Extender - Driver Group
      SafeBootNet: Boot file system - Driver Group
      SafeBootNet: File system - Driver Group
      SafeBootNet: Filter - Driver Group
      SafeBootNet: NDIS Wrapper - Driver Group
      SafeBootNet: NetBIOSGroup - Driver Group
      SafeBootNet: NetDDEGroup - Driver Group
      SafeBootNet: Network - Driver Group
      SafeBootNet: NetworkProvider - Driver Group
      SafeBootNet: PCI Configuration - Driver Group
      SafeBootNet: PNP Filter - Driver Group
      SafeBootNet: PNP_TDI - Driver Group
      SafeBootNet: Primary disk - Driver Group
      SafeBootNet: SCSI Class - Driver Group
      SafeBootNet: sermouse.sys - Driver
      SafeBootNet: Streams Drivers - Driver Group
      SafeBootNet: System Bus Extender - Driver Group
      SafeBootNet: TDI - Driver Group
      SafeBootNet: vga.sys - Driver
      SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
      SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
      SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
      SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
      SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

      ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
      ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
      ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
      ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
      ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
      ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
      ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
      ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
      ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
      ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
      ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
      ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
      ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
      ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
      ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
      ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
      ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
      ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
      ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
      ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
      ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
      ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
      ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
      ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
      ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
      ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
      ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
      ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
      ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
      ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
      ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
      ActiveX: {967B098A-042D-4367-BAC9-8BC11684174F} - Security Update for Microsoft .NET Framework 2.0 (KB917283)
      ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
      ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
      ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
      ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
      ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
      ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
      ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
      ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
      ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
      ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
      ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
      ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
      ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

      Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
      Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
      Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
      Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
      Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
      Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
      Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
      Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
      Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
      Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point (16902053519425536)

      ========== Files/Folders - Created Within 30 Days ==========

      [2010/05/08 13:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2010/05/08 13:21:44 | 000,000,000 | ---D | C] -- C:\_OTM
      [2010/05/08 13:20:16 | 000,510,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elaine\DoctorWeb
      [2010/05/02 13:03:34 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2010/05/02 12:49:00 | 000,000,000 | ---D | C] -- C:\Avenger
      [2010/05/01 21:06:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
      [2010/05/01 21:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
      [2010/04/30 20:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
      [2010/02/10 09:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
      [2009/08/21 09:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
      [2009/08/21 09:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
      [2009/04/02 02:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
      [2009/04/02 02:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
      [2009/04/02 02:10:21 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
      [2009/04/02 02:10:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

      ========== Files - Modified Within 30 Days ==========

      [2010/05/08 19:23:14 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 19:21:14 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2010/05/08 18:49:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
      [2010/05/08 18:25:39 | 000,475,154 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
      [2010/05/08 18:25:39 | 000,404,536 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2010/05/08 18:25:39 | 000,063,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2010/05/08 18:21:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
      [2010/05/08 18:21:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2010/05/08 18:21:28 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
      [2010/05/08 18:20:51 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2010/05/08 18:20:29 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2010/05/08 18:05:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2010/05/08 15:40:43 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 13:22:02 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
      [2010/05/08 13:20:16 | 000,510,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:34:20 | 000,000,450 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/08 08:37:01 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2010/05/02 17:11:40 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 13:29:29 | 000,000,001 | ---- | M] () -- C:\WINDOWS\lgo
      [2010/05/02 12:45:06 | 000,000,270 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:10:02 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
      [2010/05/01 21:05:58 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2010/05/01 19:13:36 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Microsoft Office Word 2007.lnk
      [2010/04/30 18:57:56 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146101115.xxe

      ========== Files Created - No Company Name ==========

      [2010/05/08 19:23:14 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 15:40:43 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 09:34:20 | 000,000,450 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/02 17:11:40 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 12:45:06 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:10:02 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
      [2010/05/01 21:05:58 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2010/04/30 18:57:56 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146101115.xxe
      [2010/03/25 22:46:11 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014610499.xxe
      [2010/03/24 21:11:23 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146114101.xxe
      [2010/03/24 21:11:22 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146111103.xxe
      [2010/03/24 21:11:17 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014650115.xxe
      [2009/12/11 20:55:36 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Elaine\Application Data\Smiley.ico
      [2009/12/10 20:47:02 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
      [2009/08/27 09:44:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2009/05/28 10:27:26 | 000,000,636 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
      [2009/04/02 02:35:05 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2009/04/02 02:35:05 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\Elaine\ntuser.dat.LOG
      [2009/04/02 02:35:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2009/04/02 02:34:54 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
      [2009/04/02 02:34:54 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
      [2009/04/02 02:30:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
      [2009/04/02 02:19:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
      [2009/04/02 02:19:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
      [2009/04/02 02:19:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
      [2009/04/02 02:19:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
      [2009/04/02 02:13:44 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
      [2009/04/02 02:13:44 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
      [2009/04/02 02:12:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
      [2009/04/02 02:11:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
      [2009/04/02 02:10:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
      [2009/04/02 02:10:21 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
      [2009/02/28 00:18:28 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wceprv.dll
      [2007/02/09 20:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
      [2006/11/12 05:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
      [2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dll
      [2006/04/30 08:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
      [2006/04/30 08:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
      [2005/02/17 19:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
      [2005/02/17 19:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
      [2001/11/14 20:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

      ========== Custom Scans ==========


      < %SYSTEMDRIVE%\*.* >
      [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
      [2010/05/02 12:49:00 | 000,001,094 | ---- | M] () -- C:\avenger.txt
      [2009/04/02 02:34:51 | 000,000,211 | RHS- | M] () -- C:\boot.ini
      [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
      [2009/04/02 02:20:22 | 000,001,266 | ---- | M] () -- C:\drivez.log
      [2010/03/22 23:11:03 | 000,030,169 | ---- | M] () -- C:\fb20100322.log
      [2010/03/23 22:37:35 | 000,032,434 | ---- | M] () -- C:\fb20100323.log
      [2010/03/24 23:37:04 | 000,041,319 | ---- | M] () -- C:\fb20100324.log
      [2010/03/25 23:27:01 | 000,020,933 | ---- | M] () -- C:\fb20100325.log
      [2010/03/28 22:19:30 | 000,017,174 | ---- | M] () -- C:\fb20100328.log
      [2010/03/29 23:14:58 | 000,057,677 | ---- | M] () -- C:\fb20100329.log
      [2010/03/30 13:52:54 | 000,039,249 | ---- | M] () -- C:\fb20100330.log
      [2010/04/30 21:15:23 | 000,048,438 | ---- | M] () -- C:\fb20100430.log
      [2010/05/01 21:29:19 | 000,017,825 | ---- | M] () -- C:\fb20100501.log
      [2010/05/02 17:55:39 | 000,061,606 | ---- | M] () -- C:\fb20100502.log
      [2010/05/03 19:38:12 | 000,003,370 | ---- | M] () -- C:\fb20100503.log
      [2010/05/08 18:21:28 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
      [2006/04/30 08:13:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2006/04/30 08:13:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
      [2009/04/01 19:58:05 | 000,250,048 | RHS- | M] () -- C:\NTLDR
      [2010/05/08 18:21:26 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
      [2009/04/02 02:12:34 | 000,000,542 | ---- | M] () -- C:\RHDSetup.log
      [2009/04/02 02:11:11 | 000,000,086 | ---- | M] () -- C:\setup.log
      [2009/04/02 02:00:41 | 000,000,093 | ---- | M] () -- C:\syslevel.lgl
      [2010/05/08 18:21:31 | 000,006,852 | ---- | M] () -- C:\TPHKLOCK.TXT


      < MD5 for: AGP440.SYS >
      [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
      [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
      [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
      [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
      [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
      [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
      [2004/08/04 07:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

      < MD5 for: ATAPI.SYS >
      [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
      [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
      [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
      [2009/04/01 19:57:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
      [2007/04/03 11:39:42 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=2218E3FD674DC284CE98C807086CAB14 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
      [2007/04/03 11:39:42 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=2218E3FD674DC284CE98C807086CAB14 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
      [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
      [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

      < MD5 for: EVENTLOG.DLL >
      [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
      [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
      [2004/08/04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

      < MD5 for: IASTOR.SYS >
      [2007/02/12 05:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\drivers\other\iastor.sys
      [2007/02/12 05:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\SWTOOLS\DRIVERS\IMSM\iastor.sys
      [2007/02/12 18:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\system32\drivers\iaStor.sys

      < MD5 for: NETLOGON.DLL >
      [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
      [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
      [2004/08/04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

      < MD5 for: SCECLI.DLL >
      [2004/08/04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
      [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
      [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

      < %systemroot%\*. /mp /s >

      < %systemroot%\system32\*.dll /lockedfiles >

      < %systemroot%\system32\*.exe /lockedfiles >

      < %systemroot%\Tasks\*.job /lockedfiles >

      < %systemroot%\system32\drivers\*.sys /lockedfiles >

      < %systemroot%\System32\config\*.sav >
      [2006/04/30 01:03:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
      [2006/04/30 01:03:02 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
      [2006/04/30 01:03:02 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

      < %PROGRAMFILES%\*. >
      [2009/04/02 02:21:17 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
      [2009/04/21 20:47:57 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
      [2010/02/10 08:56:52 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
      [2009/04/02 02:12:49 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
      [2009/10/19 20:28:10 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
      [2009/10/19 20:10:06 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
      [2009/10/19 20:14:36 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
      [2006/04/30 01:09:57 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
      [2009/04/02 02:24:26 | 000,000,000 | ---D | M] -- C:\Program Files\Diskeeper Corporation
      [2010/05/01 21:05:58 | 000,000,000 | ---D | M] -- C:\Program Files\ERUNT
      [2010/05/08 13:29:27 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
      [2010/02/06 12:42:33 | 000,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
      [2010/03/28 21:40:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google
      [2010/02/10 09:21:53 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
      [2009/04/21 20:46:05 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
      [2009/04/02 02:13:11 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
      [2010/02/06 15:57:28 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
      [2009/04/02 02:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
      [2009/04/07 10:08:50 | 000,000,000 | ---D | M] -- C:\Program Files\Java
      [2009/04/01 19:30:53 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo
      [2009/04/02 02:23:54 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo Fingerprint Software
      [2009/04/02 02:21:40 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo Registration
      [2010/03/28 21:41:06 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
      [2009/04/01 20:00:41 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
      [2006/04/30 01:17:09 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
      [2009/04/02 03:15:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
      [2009/04/02 03:15:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
      [2009/04/02 03:13:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
      [2009/04/02 03:16:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
      [2009/04/02 03:15:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
      [2009/04/01 20:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
      [2010/05/08 15:29:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
      [2009/04/02 03:16:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
      [2006/04/30 01:09:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
      [2006/04/30 01:09:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
      [2009/04/02 02:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
      [2009/04/01 19:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
      [2009/04/11 19:40:25 | 000,000,000 | ---D | M] -- C:\Program Files\O2
      [2006/04/30 01:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
      [2009/04/01 19:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
      [2009/08/25 12:44:56 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Story 3 for Windows
      [2009/04/21 20:48:22 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
      [2009/04/02 02:12:16 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
      [2009/04/02 02:20:53 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
      [2009/12/10 20:47:47 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra Wireless Inc
      [2009/09/02 20:52:14 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
      [2009/04/02 02:20:58 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic Icons for Lenovo
      [2009/04/02 02:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
      [2006/04/30 01:21:19 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
      [2009/04/02 02:35:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
      [2009/08/17 15:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
      [2009/08/17 15:20:21 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
      [2009/04/01 19:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
      [2006/04/30 01:11:34 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
      [2006/04/30 01:17:09 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

      < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

      < >
      < End of report >


    18. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Hi,

      Nearly done now.

      Run OTL
      • Under the Custom Scans/Fixes box at the bottom, paste in the following
        :OTL
        [2010/05/02 13:29:29 | 000,000,001 | ---- | M] () -- C:\WINDOWS\lgo
        [2010/04/30 18:57:56 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146101115.xxe
        
        :Services
        
        :Reg
        
        :Files
        C:\Documents and Settings\Elaine\Local Settings\Application Data\*.xxe
        :Commands
        [purity]
        [resethosts]
        [emptytemp]
        [EMPTYFLASH]
        [CREATERESTOREPOINT]
        [Reboot]
        
      • Then click the Run Fix button at the top
      • Let the program run unhindered, reboot the PC when it is done
      • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.



      Also update mbam, run a quick scan, and post that log.


    19. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Here's the log after I ran the OTL quick scan. Excuse my ignorance, but how do I update mbam??

      OTL logfile created on: 08/05/2010 22:40:10 - Run 3
      OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Elaine\My Documents\Downloads
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

      2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
      4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free
      Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 143.04 Gb Total Space | 101.34 Gb Free Space | 70.84% Space Free | Partition Type: NTFS
      D: Drive not present or media not loaded
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded

      Computer Name: LENOVO-FA694358
      Current User Name: Elaine
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: Current user
      Company Name Whitelist: On
      Skip Microsoft Files: On
      File Age = 14 Days
      Output = Standard
      Quick Scan

      ========== Processes (SafeList) ==========

      PRC - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      PRC - [2010/05/08 15:29:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
      PRC - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
      PRC - [2009/01/26 17:21:52 | 001,258,776 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\Watcher.exe
      PRC - [2009/01/15 18:08:08 | 000,058,648 | ---- | M] (Sierra Wireless Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe
      PRC - [2009/01/05 17:57:24 | 000,558,360 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
      PRC - [2008/12/23 12:23:44 | 000,197,912 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe
      PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
      PRC - [2008/03/17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
      PRC - [2008/03/04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
      PRC - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
      PRC - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
      PRC - [2007/11/29 19:04:00 | 000,059,168 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
      PRC - [2007/08/04 00:42:08 | 000,927,032 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe
      PRC - [2007/08/04 00:35:38 | 002,630,968 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
      PRC - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
      PRC - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
      PRC - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
      PRC - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe
      PRC - [2007/03/16 13:26:18 | 000,031,840 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMHandler.exe
      PRC - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
      PRC - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
      PRC - [2007/02/08 21:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
      PRC - [2007/01/30 12:02:00 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
      PRC - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      PRC - [2006/12/29 03:48:10 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
      PRC - [2006/11/13 20:23:40 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
      PRC - [2006/11/12 06:03:16 | 001,405,012 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
      PRC - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
      PRC - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      PRC - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      PRC - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      PRC - [2006/10/23 09:48:20 | 000,040,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
      PRC - [2006/09/06 08:38:44 | 000,054,824 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
      PRC - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
      PRC - [2006/05/19 00:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
      PRC - [2004/07/28 00:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\Installshield\UpdateService\issch.exe


      ========== Modules (SafeList) ==========

      MOD - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      MOD - [2008/04/14 01:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
      MOD - [2008/04/14 01:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
      MOD - [2008/04/13 18:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
      MOD - [2007/08/04 00:42:18 | 000,660,792 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll
      MOD - [2007/08/04 00:42:10 | 002,094,392 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvt_passwordmanager.dll
      MOD - [2007/08/04 00:28:10 | 001,324,344 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_dlgcustompolicy.dll
      MOD - [2007/08/04 00:28:06 | 000,714,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_banner.dll
      MOD - [2007/08/04 00:28:02 | 005,174,584 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_lenovo_res.dll
      MOD - [2007/08/04 00:27:46 | 001,910,072 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\csswait.dll
      MOD - [2007/08/04 00:27:42 | 000,800,056 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\cssuserdatadispatcher.dll
      MOD - [2007/08/04 00:19:10 | 000,664,888 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tcsrpc.dll
      MOD - [2007/08/04 00:19:06 | 000,386,360 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tvttsp.dll
      MOD - [2007/08/04 00:09:58 | 000,066,872 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_lenovo_res2.dll
      MOD - [2006/11/12 06:09:38 | 000,077,824 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


      ========== Win32 Services (SafeList) ==========

      SRV - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
      SRV - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
      SRV - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
      SRV - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
      SRV - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
      SRV - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
      SRV - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
      SRV - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
      SRV - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
      SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
      SRV - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
      SRV - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
      SRV - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
      SRV - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
      SRV - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
      SRV - [2005/11/14 09:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========


      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "www.google.ie"
      FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/08 15:29:12 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/08 15:29:12 | 000,000,000 | ---D | M]

      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions
      [2009/04/07 10:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Firefox\Profiles\xlcf5bp6.default\extensions
      [2010/02/21 17:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
      [2010/01/16 01:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
      [2010/01/16 01:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

      O1 HOSTS File: ([2010/05/08 22:36:40 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [AirCardEnabler] File not found
      O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
      O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
      O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
      O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
      O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
      O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
      O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
      O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
      O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [WatcherHelper] C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
      O4 - Startup: C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
      O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
      O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238610864921 (WUWebControl Class)
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
      O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.40.32.33 8.8.8.8
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
      O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
      O24 - Desktop WallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *) - File not found
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*

      ========== Files/Folders - Created Within 14 Days ==========

      [2010/05/08 22:36:39 | 000,000,000 | ---D | C] -- C:\_OTL
      [2010/05/08 13:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2010/05/08 13:21:44 | 000,000,000 | ---D | C] -- C:\_OTM
      [2010/05/08 13:20:16 | 000,510,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elaine\DoctorWeb
      [2010/05/02 13:03:34 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2010/05/02 12:49:00 | 000,000,000 | ---D | C] -- C:\Avenger
      [2010/05/01 21:06:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
      [2010/05/01 21:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
      [2010/04/30 20:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
      [2010/02/10 09:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
      [2009/08/21 09:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
      [2009/08/21 09:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
      [2009/04/02 02:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
      [2009/04/02 02:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
      [2009/04/02 02:10:21 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
      [2009/04/02 02:10:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

      ========== Files - Modified Within 14 Days ==========

      [2010/05/08 22:37:55 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2010/05/08 22:37:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
      [2010/05/08 22:37:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2010/05/08 22:37:37 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
      [2010/05/08 22:36:50 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2010/05/08 22:36:50 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2010/05/08 22:36:40 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
      [2010/05/08 20:05:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2010/05/08 19:49:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
      [2010/05/08 19:23:14 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 18:25:39 | 000,475,154 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
      [2010/05/08 18:25:39 | 000,404,536 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2010/05/08 18:25:39 | 000,063,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2010/05/08 15:40:43 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 13:20:16 | 000,510,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:34:20 | 000,000,450 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/08 08:37:01 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2010/05/02 17:11:40 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 12:45:06 | 000,000,270 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:10:02 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
      [2010/05/01 21:05:58 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2010/05/01 19:13:36 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Microsoft Office Word 2007.lnk

      ========== Files Created - No Company Name ==========

      [2010/05/08 19:23:14 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 15:40:43 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 09:34:20 | 000,000,450 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/02 17:11:40 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 12:45:06 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:10:02 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
      [2010/05/01 21:05:58 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2010/03/25 22:46:11 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014610499.xxe
      [2010/03/24 21:11:23 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146114101.xxe
      [2010/03/24 21:11:22 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146111103.xxe
      [2010/03/24 21:11:17 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014650115.xxe
      [2009/12/11 20:55:36 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Elaine\Application Data\Smiley.ico
      [2009/12/10 20:47:02 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
      [2009/08/27 09:44:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2009/05/28 10:27:26 | 000,000,636 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
      [2009/04/02 02:35:05 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2009/04/02 02:35:05 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Elaine\ntuser.dat.LOG
      [2009/04/02 02:35:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2009/04/02 02:34:54 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
      [2009/04/02 02:34:54 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
      [2009/04/02 02:30:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
      [2009/04/02 02:19:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
      [2009/04/02 02:19:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
      [2009/04/02 02:19:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
      [2009/04/02 02:19:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
      [2009/04/02 02:13:44 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
      [2009/04/02 02:13:44 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
      [2009/04/02 02:12:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
      [2009/04/02 02:11:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
      [2009/04/02 02:10:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
      [2009/04/02 02:10:21 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
      [2009/02/28 00:18:28 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wceprv.dll
      [2007/02/09 20:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
      [2006/11/12 05:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
      [2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dll
      [2006/04/30 08:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
      [2006/04/30 08:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
      [2005/02/17 19:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
      [2005/02/17 19:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
      [2001/11/14 20:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

      ========== LOP Check ==========

      [2009/12/11 20:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\39203
      [2010/04/30 20:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
      [2009/10/19 20:10:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
      [2009/10/19 21:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
      [2009/10/19 21:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
      [2009/10/19 20:28:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
      [2010/04/30 18:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
      [2009/10/19 21:15:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
      [2009/04/12 17:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
      [2010/02/10 08:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
      [2009/10/19 21:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Canon
      [2009/04/21 20:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\FUJIFILM
      [2010/02/27 11:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\InterVideo
      [2009/04/12 17:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Lenovo
      [2010/03/28 21:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\LimeWire
      [2009/12/10 20:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Sierra Wireless
      [2009/07/24 20:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\uTorrent
      [2010/05/08 19:49:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job

      ========== Purity Check ==========


      < End of report >


    20. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Are you having a problem with the OTL fix? Something isn't getting deleted.


      Please download OTM
      • Save it to your desktop.
      • Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
      • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
        :Processes
        
        :Services
        
        :Reg
        
        :Files
        C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
        C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014610499.xxe
        C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146114101.xxe
        C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146111103.xxe
        C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014650115.xxe
        
        :Commands
        [purity]
        [resethosts]
        [emptytemp]
        [CREATERESTOREPOINT]
        [EMPTYFLASH]
        [Reboot]
        
      • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
      • Click the red Moveit! button.
      • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
      • Close OTM and reboot your PC.

      Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.



      Run OTL
      • Under the Custom Scans/Fixes box at the bottom, paste in the following
        :OTL
        [2010/05/01 21:10:02 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe
        [2010/03/25 22:46:11 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014610499.xxe
        [2010/03/24 21:11:23 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146114101.xxe
        [2010/03/24 21:11:22 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146111103.xxe
        [2010/03/24 21:11:17 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014650115.xxe
        
        :Services
        
        :Reg
        
        :Files
        
        :Commands
        [purity]
        [resethosts]
        [emptytemp]
        [EMPTYFLASH]
        [CREATERESTOREPOINT]
        [Reboot]
        
      • Then click the Run Fix button at the top
      • Let the program run unhindered, reboot the PC when it is done
      • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.



      Then can you do this


      Please download Malwarebytes' Anti-Malware from Here

      Double Click mbam-setup.exe to install the application.
      • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
      • If an update is found, it will download and install the latest version.
      • Once the program has loaded, select "Perform Quick Scan", then click Scan.
      • The scan may take some time to finish, so please be patient.
      • When the scan is complete, click OK, then Show Results to view the results.
      • Make sure that everything is checked, and click Remove Selected.
      • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
      • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
      • Copy and paste the entire report in your next reply.

      Extra Note:
      If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


    21. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Here's OTM results -

      All processes killed
      ========== PROCESSES ==========
      ========== SERVICES/DRIVERS ==========
      ========== REGISTRY ==========
      ========== FILES ==========
      C:\Documents and Settings\Elaine\Local Settings\Application Data\0101120101465198.xxe moved successfully.
      C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014610499.xxe moved successfully.
      C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146114101.xxe moved successfully.
      C:\Documents and Settings\Elaine\Local Settings\Application Data\010112010146111103.xxe moved successfully.
      C:\Documents and Settings\Elaine\Local Settings\Application Data\01011201014650115.xxe moved successfully.
      ========== COMMANDS ==========
      C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: Administrator
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: All Users

      User: Claire-Anne
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Elaine
      ->Temp folder emptied: 587458 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 30822576 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 405 bytes

      User: LocalService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 190244 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 0 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 30.00 mb

      Error starting restore point: System Restore is disabled.
      Error closing restore point: System Restore is disabled.

      OTM by OldTimer - Version 3.1.10.1 log created on 05092010_001140

      Files moved on Reboot...

      Registry entries deleted on Reboot...
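
A check for the situation in this exchange, where a fix was run but "something isn't getting deleted": the Python below is an added example (not part of the original posts and not an OldTimer tool) that compares the `:Files` list of a fix script with the OTM results and a later OTL scan, and lists hosts entries other than the loopback `localhost` mappings. The sample inputs are constructed from the line formats shown in this thread; `av-vendor.example` and all function names are assumptions.

```python
import ipaddress
import re

# --- Constructed sample inputs, modelled on the log formats in this thread ---
APPDATA = r"C:\Documents and Settings\Elaine\Local Settings\Application Data"

FIX_SCRIPT = "\n".join([
    ":Processes", "",
    ":Files",
    APPDATA + r"\0101120101465198.xxe",
    APPDATA + r"\01011201014610499.xxe",
    APPDATA + r"\010112010146114101.xxe",
    "",
    ":Commands", "[purity]", "[resethosts]", "[Reboot]",
])

OTM_RESULTS = "\n".join([
    "========== FILES ==========",
    APPDATA + r"\0101120101465198.xxe moved successfully.",
    APPDATA + r"\010112010146114101.xxe moved successfully.",
    "========== COMMANDS ==========",
    r"C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.",
    "HOSTS file reset successfully",
])

RESCAN_LOG = "\n".join([
    "========== Files Created - No Company Name ==========",
    "[2010/03/25 22:46:11 | 000,000,002 | ---- | C] () -- "
    + APPDATA + r"\01011201014610499.xxe",
    "O1 - Hosts: 127.0.0.1 localhost",
    "O1 - Hosts: ::1 localhost",
    "O1 - Hosts: 127.0.0.1 av-vendor.example",   # constructed entry
])

SECTION = re.compile(r"^:(\w+)\s*$")
MOVED = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) moved successfully\.$")
# OTL file-listing line: optional "PRC - " style prefix, then
# [date time | size | attributes | C or M] (company) -- path
SCAN_LINE = re.compile(
    r"^\s*(?:[A-Z0-9]+ - )?"
    r"\[\d{4}/\d\d/\d\d \d\d:\d\d:\d\d \| [\d,]+ \| [-A-Z]{4} \| [CM]\]"
    r"(?: \(.*?\))? -- (?P<path>.+?)\s*$"
)
HOSTS_LINE = re.compile(r"^\s*O1 - Hosts:\s+(?P<ip>\S+)\s+(?P<name>\S+)")


def norm(path):
    """Windows paths are case-insensitive and the logs mix case
    (System32 vs system32), so compare lower-cased."""
    return path.strip().lower()


def requested_files(script):
    """Paths listed under the :Files section of a fix script."""
    paths, section = [], None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1).lower()
        elif section == "files":
            paths.append(line)
    return paths


def moved_files(results):
    """Normalised paths the results log reports as moved."""
    found = (MOVED.match(line.strip()) for line in results.splitlines())
    return {norm(m.group("path")) for m in found if m}


def scanned_paths(log):
    """Normalised paths of every file-listing line in a scan log."""
    found = (SCAN_LINE.match(line) for line in log.splitlines())
    return {norm(m.group("path")) for m in found if m}


def hosts_to_review(log):
    """Hosts entries that are not a loopback address mapped to localhost.
    A loopback entry for any other name makes that site unreachable."""
    out = []
    for line in log.splitlines():
        m = HOSTS_LINE.match(line)
        if not m:
            continue
        try:
            loopback = ipaddress.ip_address(m.group("ip")).is_loopback
        except ValueError:
            loopback = False
        if not (loopback and m.group("name").lower() == "localhost"):
            out.append((m.group("ip"), m.group("name")))
    return out


def verify_fix(script, results, rescan):
    requested = requested_files(script)
    moved, present = moved_files(results), scanned_paths(rescan)
    return {
        "unconfirmed": [p for p in requested if norm(p) not in moved],
        "still_present": [p for p in requested if norm(p) in present],
        "hosts_review": hosts_to_review(rescan),
    }


if __name__ == "__main__":
    for key, items in verify_fix(FIX_SCRIPT, OTM_RESULTS, RESCAN_LOG).items():
        print(key, items)
```
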


    23. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Here's OTL logfile -

      OTL logfile created on: 09/05/2010 00:20:04 - Run 4
      OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Elaine\My Documents\Downloads
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

      2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
      4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
      Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 143.04 Gb Total Space | 101.35 Gb Free Space | 70.85% Space Free | Partition Type: NTFS
      D: Drive not present or media not loaded
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded

      Computer Name: LENOVO-FA694358
      Current User Name: Elaine
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: Current user
      Company Name Whitelist: On
      Skip Microsoft Files: On
      File Age = 14 Days
      Output = Standard
      Quick Scan

      ========== Processes (SafeList) ==========

      PRC - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      PRC - [2010/05/08 15:29:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
      PRC - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
      PRC - [2009/01/26 17:21:52 | 001,258,776 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\Watcher.exe
      PRC - [2009/01/15 18:08:08 | 000,058,648 | ---- | M] (Sierra Wireless Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe
      PRC - [2009/01/15 17:55:02 | 000,197,912 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe
      PRC - [2009/01/05 17:57:24 | 000,558,360 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
      PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
      PRC - [2008/03/17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
      PRC - [2008/03/04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
      PRC - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
      PRC - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
      PRC - [2007/11/29 19:04:00 | 000,059,168 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
      PRC - [2007/08/04 00:42:08 | 000,927,032 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe
      PRC - [2007/08/04 00:35:38 | 002,630,968 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
      PRC - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
      PRC - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
      PRC - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
      PRC - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe
      PRC - [2007/03/16 13:26:18 | 000,031,840 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMHandler.exe
      PRC - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
      PRC - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
      PRC - [2007/02/08 21:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
      PRC - [2007/01/30 12:02:00 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
      PRC - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      PRC - [2006/12/29 03:48:10 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
      PRC - [2006/11/13 20:23:40 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
      PRC - [2006/11/12 06:03:16 | 001,405,012 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
      PRC - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
      PRC - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      PRC - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      PRC - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      PRC - [2006/10/23 09:48:20 | 000,040,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
      PRC - [2006/09/06 08:38:44 | 000,054,824 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
      PRC - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
      PRC - [2006/05/19 00:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
      PRC - [2004/07/28 00:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\Installshield\UpdateService\issch.exe


      ========== Modules (SafeList) ==========

      MOD - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      MOD - [2008/04/14 01:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
      MOD - [2008/04/14 01:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
      MOD - [2008/04/13 18:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
      MOD - [2007/08/04 00:42:18 | 000,660,792 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll
      MOD - [2007/08/04 00:42:10 | 002,094,392 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvt_passwordmanager.dll
      MOD - [2007/08/04 00:28:10 | 001,324,344 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_dlgcustompolicy.dll
      MOD - [2007/08/04 00:28:06 | 000,714,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_banner.dll
      MOD - [2007/08/04 00:28:02 | 005,174,584 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_lenovo_res.dll
      MOD - [2007/08/04 00:27:46 | 001,910,072 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\csswait.dll
      MOD - [2007/08/04 00:27:42 | 000,800,056 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\cssuserdatadispatcher.dll
      MOD - [2007/08/04 00:19:10 | 000,664,888 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tcsrpc.dll
      MOD - [2007/08/04 00:19:06 | 000,386,360 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tvttsp.dll
      MOD - [2007/08/04 00:09:58 | 000,066,872 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_lenovo_res2.dll
      MOD - [2006/11/12 06:09:38 | 000,077,824 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


      ========== Win32 Services (SafeList) ==========

      SRV - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
      SRV - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
      SRV - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
      SRV - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
      SRV - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
      SRV - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
      SRV - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
      SRV - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
      SRV - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
      SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
      SRV - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
      SRV - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
      SRV - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
      SRV - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
      SRV - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
      SRV - [2005/11/14 09:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========


      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "www.google.ie"
      FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/08 15:29:12 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/08 15:29:12 | 000,000,000 | ---D | M]

      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions
      [2009/04/07 10:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Firefox\Profiles\xlcf5bp6.default\extensions
      [2010/02/21 17:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
      [2010/01/16 01:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
      [2010/01/16 01:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

      O1 HOSTS File: ([2010/05/09 00:16:39 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [AirCardEnabler] File not found
      O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
      O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
      O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
      O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
      O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
      O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
      O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
      O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
      O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [WatcherHelper] C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
      O4 - Startup: C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
      O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
      O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238610864921 (WUWebControl Class)
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
      O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.40.32.33 8.8.8.8
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
      O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
      O24 - Desktop WallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *) - File not found
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*

      ========== Files/Folders - Created Within 14 Days ==========

      [2010/05/08 22:36:39 | 000,000,000 | ---D | C] -- C:\_OTL
      [2010/05/08 13:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2010/05/08 13:21:44 | 000,000,000 | ---D | C] -- C:\_OTM
      [2010/05/08 13:20:16 | 000,510,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elaine\DoctorWeb
      [2010/05/02 13:03:34 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2010/05/02 12:49:00 | 000,000,000 | ---D | C] -- C:\Avenger
      [2010/05/01 21:06:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
      [2010/05/01 21:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
      [2010/04/30 20:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
      [2010/02/10 09:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
      [2009/08/21 09:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
      [2009/08/21 09:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
      [2009/04/02 02:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
      [2009/04/02 02:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
      [2009/04/02 02:10:21 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
      [2009/04/02 02:10:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

      ========== Files - Modified Within 14 Days ==========

      [2010/05/09 00:17:51 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2010/05/09 00:17:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
      [2010/05/09 00:17:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2010/05/09 00:17:34 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
      [2010/05/09 00:16:50 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2010/05/09 00:16:50 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2010/05/09 00:16:39 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
      [2010/05/09 00:09:16 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTM.lnk
      [2010/05/09 00:05:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2010/05/08 23:49:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
      [2010/05/08 22:42:12 | 000,475,154 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
      [2010/05/08 22:42:12 | 000,404,536 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2010/05/08 22:42:12 | 000,063,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2010/05/08 19:23:14 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 15:40:43 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 13:20:16 | 000,510,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:34:20 | 000,000,450 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/08 08:37:01 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2010/05/02 17:11:40 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 12:45:06 | 000,000,270 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:05:58 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2010/05/01 19:13:36 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Microsoft Office Word 2007.lnk

      ========== Files Created - No Company Name ==========

      [2010/05/09 00:09:16 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTM.lnk
      [2010/05/08 19:23:14 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 15:40:43 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 09:34:20 | 000,000,450 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/02 17:11:40 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 12:45:06 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:05:58 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2009/12/11 20:55:36 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Elaine\Application Data\Smiley.ico
      [2009/12/10 20:47:02 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
      [2009/08/27 09:44:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2009/05/28 10:27:26 | 000,000,636 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
      [2009/04/02 02:35:05 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2009/04/02 02:35:05 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\Elaine\ntuser.dat.LOG
      [2009/04/02 02:35:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2009/04/02 02:34:54 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
      [2009/04/02 02:34:54 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
      [2009/04/02 02:30:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
      [2009/04/02 02:19:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
      [2009/04/02 02:19:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
      [2009/04/02 02:19:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
      [2009/04/02 02:19:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
      [2009/04/02 02:13:44 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
      [2009/04/02 02:13:44 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
      [2009/04/02 02:12:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
      [2009/04/02 02:11:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
      [2009/04/02 02:10:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
      [2009/04/02 02:10:21 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
      [2009/02/28 00:18:28 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wceprv.dll
      [2007/02/09 20:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
      [2006/11/12 05:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
      [2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dll
      [2006/04/30 08:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
      [2006/04/30 08:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
      [2006/04/30 07:55:42 | 000,157,074 | RHS- | C] () -- C:\WINDOWS\System32\uogzqfu.dll
      [2005/02/17 19:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
      [2005/02/17 19:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
      [2001/11/14 20:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

      ========== LOP Check ==========

      [2009/12/11 20:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\39203
      [2010/04/30 20:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
      [2009/10/19 20:10:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
      [2009/10/19 21:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
      [2009/10/19 21:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
      [2009/10/19 20:28:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
      [2010/04/30 18:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
      [2009/10/19 21:15:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
      [2009/04/12 17:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
      [2010/02/10 08:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
      [2009/10/19 21:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Canon
      [2009/04/21 20:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\FUJIFILM
      [2010/02/27 11:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\InterVideo
      [2009/04/12 17:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Lenovo
      [2010/03/28 21:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\LimeWire
      [2009/12/10 20:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Sierra Wireless
      [2009/07/24 20:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\uTorrent
      [2010/05/08 23:49:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job

      ========== Purity Check ==========


      < End of report >


    24. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      That link to Malwarebytes won't load for me. Keeps saying problem with page, server not found. What a pain!


    25. Closed Accounts Posts: 415 ✭✭SeanKev


      Download the installer and transfer it via USB, full scan.


    26. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Here's results of quick scan, I'll do full scan now shortly-

      Malwarebytes' Anti-Malware 1.45
      www.malwarebytes.org

      Database version: 3967

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      09/05/2010 10:02:02
      mbam-log-2010-05-09 (10-02-02).txt

      Scan type: Quick scan
      Objects scanned: 119390
      Time elapsed: 4 minute(s), 55 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 5
      Registry Values Infected: 2
      Registry Data Items Infected: 1
      Folders Infected: 0
      Files Infected: 3

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\awtldaj (Worm.Conficker) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ql600oko (Worm.KoobFace) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_QL600OKO (Worm.KoobFace) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swoko (Worm.KoobFace) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SWOKO (Worm.KoobFace) -> Quarantined and deleted successfully.

      Registry Values Infected:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvc (Worm.KoobFace) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.

      Registry Data Items Infected:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\WINDOWS\system32\uogzqfu.dll (Worm.Conficker) -> Delete on reboot.
      C:\WINDOWS\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.


    27. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Here's full scan log-

      Malwarebytes' Anti-Malware 1.45
      www.malwarebytes.org

      Database version: 3967

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      09/05/2010 10:35:27
      mbam-log-2010-05-09 (10-35-27).txt

      Scan type: Full scan (C:\|D:\|)
      Objects scanned: 174603
      Time elapsed: 27 minute(s), 55 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      (No malicious items detected)


    28. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Any further instructions, will I load up AV software?


    30. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Download AntiVir, update it, run a full scan, post that log here.


      Are you plugging in some sort of external drive to the PC? Seems you are re-infecting yourself.


    31. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      No, just using the USB key to load files from PC to laptop. Maybe USB key is knackered??


    32. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Sorry, just remembered, have an external hard drive but it hasn't been physically connected to the PC in weeks, I've left it unplugged. Would that make a difference? I'll run that scan now, thanks


    33. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Hi, here's results of AntiVir-



      Avira AntiVir Personal
      Report file date: 09 May 2010 20:09

      Scanning for 1983321 virus strains and unwanted programs.

      The program is running as an unrestricted full version.
      Online services are available:

      Licensee : Avira AntiVir Personal - FREE Antivirus
      Serial number : 0000149996-ADJIE-0000001
      Platform : Windows XP
      Windows version : (Service Pack 3) [5.1.2600]
      Boot mode : Normally booted
      Username : Elaine
      Computer name : LENOVO-FA694358

      Configuration settings for the scan:
      Jobname.............................: Short system scan after installation
      Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
      Logging.............................: low
      Primary action......................: interactive
      Secondary action....................: ignore
      Scan master boot sector.............: on
      Scan boot sector....................: on
      Process scan........................: on
      Scan registry.......................: on
      Search for rootkits.................: off
      Integrity checking of system files..: off
      Scan all files......................: Intelligent file selection
      Scan archives.......................: on
      Recursion depth.....................: 20
      Smart extensions....................: on
      Macro heuristic.....................: on
      File heuristic......................: medium

      Start of the scan: 09 May 2010 20:09

      The scan of running processes will be started
      Scan process 'avscan.exe' - '1' Module(s) have been scanned
      Scan process 'avcenter.exe' - '1' Module(s) have been scanned
      Scan process 'avconfig.exe' - '1' Module(s) have been scanned
      Scan process 'avgnt.exe' - '1' Module(s) have been scanned
      Scan process 'sched.exe' - '1' Module(s) have been scanned
      Scan process 'avshadow.exe' - '1' Module(s) have been scanned
      Scan process 'avguard.exe' - '1' Module(s) have been scanned
      Scan process 'setup.exe' - '1' Module(s) have been scanned
      Scan process 'msiexec.exe' - '1' Module(s) have been scanned
      Scan process 'presetup.exe' - '1' Module(s) have been scanned
      Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'firefox.exe' - '1' Module(s) have been scanned
      Scan process 'tvtpwm_tray.exe' - '1' Module(s) have been scanned
      Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
      Scan process 'SwiApiMux.exe' - '1' Module(s) have been scanned
      Scan process 'DkIcon.exe' - '1' Module(s) have been scanned
      Scan process 'BTSTAC~1.EXE' - '1' Module(s) have been scanned
      Scan process 'Watcher.exe' - '1' Module(s) have been scanned
      Scan process 'QuickDCF2.exe' - '1' Module(s) have been scanned
      Scan process 'BTTray.exe' - '1' Module(s) have been scanned
      Scan process 'WMPNSCFG.exe' - '1' Module(s) have been scanned
      Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
      Scan process 'WaHelper.exe' - '1' Module(s) have been scanned
      Scan process 'TRUUpdater.exe' - '1' Module(s) have been scanned
      Scan process 'BJMyPrt.exe' - '1' Module(s) have been scanned
      Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
      Scan process 'cssauth.exe' - '1' Module(s) have been scanned
      Scan process 'issch.exe' - '1' Module(s) have been scanned
      Scan process 'jusched.exe' - '1' Module(s) have been scanned
      Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
      Scan process 'scheduler_proxy.exe' - '1' Module(s) have been scanned
      Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
      Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
      Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
      Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
      Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
      Scan process 'TpWAudAp.exe' - '1' Module(s) have been scanned
      Scan process 'TPFNF7SP.exe' - '1' Module(s) have been scanned
      Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
      Scan process 'vsnp2uvc.exe' - '1' Module(s) have been scanned
      Scan process 'PMHandler.exe' - '1' Module(s) have been scanned
      Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
      Scan process 'alg.exe' - '1' Module(s) have been scanned
      Scan process 'logmon.exe' - '1' Module(s) have been scanned
      Scan process 'WMPNetwk.exe' - '1' Module(s) have been scanned
      Scan process 'suservice.exe' - '1' Module(s) have been scanned
      Scan process 'tvtsched.exe' - '1' Module(s) have been scanned
      Scan process 'rrservice.exe' - '1' Module(s) have been scanned
      Scan process 'rrpservice.exe' - '1' Module(s) have been scanned
      Scan process 'tvt_reg_monitor_svc.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
      Scan process 'PMSveH.exe' - '1' Module(s) have been scanned
      Scan process 'jqs.exe' - '1' Module(s) have been scanned
      Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned
      Scan process 'IJPLMSVC.EXE' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'FNF5SVC.exe' - '1' Module(s) have been scanned
      Scan process 'FpLogonServ.exe' - '1' Module(s) have been scanned
      Scan process 'DkService.exe' - '1' Module(s) have been scanned
      Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
      Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'btwdins.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'lsass.exe' - '1' Module(s) have been scanned
      Scan process 'services.exe' - '1' Module(s) have been scanned
      Scan process 'winlogon.exe' - '1' Module(s) have been scanned
      Scan process 'csrss.exe' - '1' Module(s) have been scanned
      Scan process 'smss.exe' - '1' Module(s) have been scanned

      Starting master boot sector scan:
      Master boot sector HD0
      [INFO] No virus was found!
      Master boot sector HD1
      [INFO] No virus was found!

      Start scanning boot sectors:

      Starting to scan executable files (registry).
      The registry was scanned ( '1813' files ).



      End of the scan: 09 May 2010 20:10
      Used time: 00:52 Minute(s)

      The scan has been done completely.

      0 Scanned directories
      2322 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      2322 Files not concerned
      5 Archives were scanned
      0 Warnings
      0 Notes


    34. Site Banned Posts: 1,167 ✭✭✭ASJ112


      I would format that USB key, seems infected.

      Open OTL, paste this in the custom scan box:


      netsvcs


      Click Run Scan, post that log.


      Also update and run a new scan with MBAM.


    36. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      What's the best way to format a USB key?? Unsure myself. Running those scans now, thanks.
      Was also just thinking, I'm using one of those crappy Sierra Wireless dongles from O2 all the time... would that possibly be causing probs???


    37. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      OTL log-

      OTL logfile created on: 09/05/2010 21:06:51 - Run 5
      OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Elaine\My Documents\Downloads
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

      2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
      4.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
      Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 143.04 Gb Total Space | 101.04 Gb Free Space | 70.63% Space Free | Partition Type: NTFS
      D: Drive not present or media not loaded
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded

      Computer Name: LENOVO-FA694358
      Current User Name: Elaine
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: Current user
      Company Name Whitelist: Off
      Skip Microsoft Files: Off
      File Age = 30 Days
      Output = Standard

      ========== Processes (SafeList) ==========

      PRC - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      PRC - [2010/05/08 15:29:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
      PRC - [2010/03/16 15:36:32 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      PRC - [2010/03/02 10:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      PRC - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
      PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
      PRC - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
      PRC - [2009/01/26 17:21:52 | 001,258,776 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\Watcher.exe
      PRC - [2009/01/15 18:08:08 | 000,058,648 | ---- | M] (Sierra Wireless Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe
      PRC - [2009/01/05 17:57:24 | 000,558,360 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
      PRC - [2008/12/23 12:23:44 | 000,197,912 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe
      PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
      PRC - [2008/03/17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
      PRC - [2008/03/04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
      PRC - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
      PRC - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
      PRC - [2007/11/29 19:04:00 | 000,059,168 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
      PRC - [2007/08/04 00:42:08 | 000,927,032 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe
      PRC - [2007/08/04 00:35:38 | 002,630,968 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
      PRC - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
      PRC - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
      PRC - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
      PRC - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe
      PRC - [2007/03/16 13:26:18 | 000,031,840 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMHandler.exe
      PRC - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
      PRC - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
      PRC - [2007/02/08 21:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
      PRC - [2007/01/30 12:02:00 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
      PRC - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      PRC - [2006/12/29 03:48:10 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
      PRC - [2006/11/13 20:23:40 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
      PRC - [2006/11/12 06:03:16 | 001,405,012 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
      PRC - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
      PRC - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      PRC - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      PRC - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      PRC - [2006/09/06 08:38:44 | 000,054,824 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
      PRC - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
      PRC - [2006/05/19 00:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
      PRC - [2004/07/28 00:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\Installshield\UpdateService\issch.exe


      ========== Modules (SafeList) ==========

      MOD - [2010/05/08 19:22:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\My Documents\Downloads\OTL.exe
      MOD - [2008/04/14 01:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
      MOD - [2008/04/14 01:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
      MOD - [2008/04/13 18:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
      MOD - [2007/08/04 00:42:18 | 000,660,792 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll
      MOD - [2007/08/04 00:42:10 | 002,094,392 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\tvt_passwordmanager.dll
      MOD - [2007/08/04 00:28:10 | 001,324,344 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_dlgcustompolicy.dll
      MOD - [2007/08/04 00:28:06 | 000,714,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_banner.dll
      MOD - [2007/08/04 00:28:02 | 005,174,584 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\css_lenovo_res.dll
      MOD - [2007/08/04 00:27:46 | 001,910,072 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\csswait.dll
      MOD - [2007/08/04 00:27:42 | 000,800,056 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\cssuserdatadispatcher.dll
      MOD - [2007/08/04 00:19:10 | 000,664,888 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tcsrpc.dll
      MOD - [2007/08/04 00:19:06 | 000,386,360 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\tvttsp.dll
      MOD - [2007/08/04 00:09:58 | 000,066,872 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_lenovo_res2.dll
      MOD - [2006/11/12 06:09:38 | 000,077,824 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


      ========== Win32 Services (SafeList) ==========

      SRV - [2010/03/16 15:36:32 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
      SRV - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
      SRV - [2009/03/24 17:04:32 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
      SRV - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
      SRV - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
      SRV - [2007/08/04 00:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
      SRV - [2007/06/22 19:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
      SRV - [2007/04/09 02:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
      SRV - [2007/03/16 13:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
      SRV - [2007/02/08 21:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
      SRV - [2007/02/08 21:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
      SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
      SRV - [2006/11/12 05:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
      SRV - [2006/11/08 18:28:52 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
      SRV - [2006/11/08 18:20:58 | 000,950,272 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
      SRV - [2006/11/08 18:14:00 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
      SRV - [2006/05/24 05:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
      SRV - [2005/11/14 09:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


      ========== Driver Services (SafeList) ==========

      DRV - [2010/03/01 09:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
      DRV - [2010/02/16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
      DRV - [2009/05/11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
      DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
      DRV - [2009/04/02 02:25:35 | 000,033,536 | ---- | M] (Lenovo) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtfilter.sys -- (tvtfilter)
      DRV - [2009/04/02 02:24:46 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
      DRV - [2009/01/22 21:34:55 | 000,028,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmsflt.sys -- (swmsflt)
      DRV - [2008/12/02 11:10:04 | 000,173,312 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swnc8u90.sys -- (SWNC8U90) Sierra Wireless MUX NDIS Driver (UMTS90)
      DRV - [2008/11/17 15:33:44 | 000,145,280 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swumx90.sys -- (SWUMX90) Sierra Wireless USB MUX Driver (UMTS90)
      DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
      DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
      DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
      DRV - [2007/11/29 19:04:00 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
      DRV - [2007/08/10 06:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
      DRV - [2007/06/17 05:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
      DRV - [2007/05/22 23:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
      DRV - [2007/05/22 08:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
      DRV - [2007/02/26 04:59:10 | 005,700,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
      DRV - [2007/02/24 22:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
      DRV - [2007/02/16 23:46:42 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
      DRV - [2007/02/16 23:09:06 | 009,598,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
      DRV - [2007/02/12 18:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
      DRV - [2007/02/08 20:30:28 | 000,017,664 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys -- (TVTPktFilter)
      DRV - [2007/01/24 01:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
      DRV - [2007/01/24 00:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
      DRV - [2006/11/15 13:48:48 | 001,711,488 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel(R)
      DRV - [2006/11/13 02:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
      DRV - [2006/11/08 21:49:42 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
      DRV - [2006/10/30 02:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
      DRV - [2006/08/30 06:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
      DRV - [2006/06/12 16:36:30 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
      DRV - [2006/05/24 19:48:14 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)
      DRV - [2006/05/19 06:24:20 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
      DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
      DRV - [2003/09/11 07:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
      DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
      DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
      DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
      DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
      DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
      DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
      DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
      DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
      DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
      DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
      DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
      DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
      DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
      DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
      DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
      DRV - [2001/08/17 13:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========


      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "www.google.ie"
      FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/08 15:29:12 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/08 15:29:12 | 000,000,000 | ---D | M]

      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions
      [2009/04/07 10:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
      [2010/02/21 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elaine\Application Data\Mozilla\Firefox\Profiles\xlcf5bp6.default\extensions
      [2010/02/21 17:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
      [2010/01/16 01:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
      [2010/01/16 01:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
      [2010/01/16 01:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

      O1 HOSTS File: ([2010/05/09 00:16:39 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [AirCardEnabler] File not found
      O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
      O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
      O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
      O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
      O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
      O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
      O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
      O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
      O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
      O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
      O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
      O4 - HKLM..\Run: [WatcherHelper] C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
      O4 - Startup: C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
      O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
      O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238610864921 (WUWebControl Class)
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
      O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.40.32.33 8.8.8.8
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
      O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
      O24 - Desktop WallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elaine\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006/04/30 08:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *) - File not found
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*

      NetSvcs: 6to4 - File not found
      NetSvcs: ias - C:\WINDOWS\system32\ias [2006/04/30 01:12:49 | 000,000,000 | ---D | M]
      NetSvcs: iprip - File not found
      NetSvcs: irmon - File not found
      NetSvcs: nwcworkstation - File not found
      NetSvcs: nwsapagent - File not found
      NetSvcs: wmdmpmsp - File not found
      NetSvcs: awtldaj - File not found

      ========== Files/Folders - Created Within 30 Days ==========

      [2010/05/09 20:06:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
      [2010/05/09 20:06:25 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
      [2010/05/09 20:06:25 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
      [2010/05/09 20:06:25 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
      [2010/05/09 20:06:25 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
      [2010/05/09 20:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
      [2010/05/09 20:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
      [2010/05/09 09:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elaine\Application Data\Malwarebytes
      [2010/05/09 09:54:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
      [2010/05/09 09:54:47 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
      [2010/05/09 09:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      [2010/05/09 09:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2010/05/08 22:36:39 | 000,000,000 | ---D | C] -- C:\_OTL
      [2010/05/08 13:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2010/05/08 13:21:44 | 000,000,000 | ---D | C] -- C:\_OTM
      [2010/05/08 13:20:16 | 000,510,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elaine\DoctorWeb
      [2010/05/02 13:03:34 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2010/05/01 21:06:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
      [2010/05/01 21:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
      [2010/04/30 20:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
      [2010/04/30 20:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
      [2010/02/10 09:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
      [2009/08/21 09:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
      [2009/08/21 09:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
      [2009/04/02 02:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
      [2009/04/02 02:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
      [2009/04/02 02:10:21 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
      [2009/04/02 02:10:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

      ========== Files - Modified Within 30 Days ==========

      [2010/05/09 21:05:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2010/05/09 20:58:45 | 000,475,154 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
      [2010/05/09 20:58:45 | 000,404,536 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2010/05/09 20:58:45 | 000,063,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2010/05/09 20:53:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
      [2010/05/09 20:49:12 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2010/05/09 20:49:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
      [2010/05/09 20:48:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2010/05/09 20:48:47 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
      [2010/05/09 20:48:04 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2010/05/09 20:47:42 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2010/05/09 20:06:56 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
      [2010/05/09 09:54:52 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
      [2010/05/09 00:16:39 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
      [2010/05/09 00:09:16 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTM.lnk
      [2010/05/08 19:23:14 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 15:40:43 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 13:20:16 | 000,510,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elaine\Desktop\OTM.exe
      [2010/05/08 09:34:20 | 000,000,450 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/08 08:37:01 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2010/05/02 17:11:40 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 12:45:06 | 000,000,270 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:05:58 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2010/05/01 19:13:36 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Elaine\Desktop\Microsoft Office Word 2007.lnk

      ========== Files Created - No Company Name ==========

      [2010/05/09 20:06:55 | 000,001,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
      [2010/05/09 09:54:52 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
      [2010/05/09 00:09:16 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTM.lnk
      [2010/05/08 19:23:14 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL.lnk
      [2010/05/08 15:40:43 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to ComboFix.lnk
      [2010/05/08 09:34:20 | 000,000,450 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\DrWeb.csv
      [2010/05/08 09:06:38 | 000,000,287 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to drweb-cureit.lnk
      [2010/05/02 17:11:40 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to OTL(2).exe.lnk
      [2010/05/02 12:45:06 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\Shortcut to avenger.lnk
      [2010/05/01 21:05:58 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Elaine\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2010/05/01 21:05:54 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\NTREGOPT.lnk
      [2010/05/01 21:05:54 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\Elaine\Desktop\ERUNT.lnk
      [2009/12/11 20:55:36 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Elaine\Application Data\Smiley.ico
      [2009/12/10 20:47:02 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
      [2009/08/27 09:44:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Elaine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2009/05/28 10:27:26 | 000,000,636 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
      [2009/04/02 02:35:05 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\Elaine\NTUSER.DAT
      [2009/04/02 02:35:05 | 000,061,440 | -H-- | C] () -- C:\Documents and Settings\Elaine\ntuser.dat.LOG
      [2009/04/02 02:35:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Elaine\ntuser.ini
      [2009/04/02 02:34:54 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
      [2009/04/02 02:34:54 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
      [2009/04/02 02:30:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
      [2009/04/02 02:19:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
      [2009/04/02 02:19:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
      [2009/04/02 02:19:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
      [2009/04/02 02:19:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
      [2009/04/02 02:19:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
      [2009/04/02 02:13:44 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
      [2009/04/02 02:13:44 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
      [2009/04/02 02:12:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
      [2009/04/02 02:11:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
      [2009/04/02 02:10:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
      [2009/04/02 02:10:21 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
      [2009/02/28 00:18:28 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wceprv.dll
      [2007/02/09 20:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
      [2006/11/12 05:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
      [2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dll
      [2006/04/30 08:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
      [2006/04/30 08:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
      [2005/02/17 19:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
      [2005/02/17 19:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
      [2001/11/14 20:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
      < End of report >


    38. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      Updated mbam, ran full scan-

      Malwarebytes' Anti-Malware 1.45
      www.malwarebytes.org

      Database version: 3969

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      09/05/2010 21:53:27
      mbam-log-2010-05-09 (21-53-27).txt

      Scan type: Full scan (C:\|D:\|)
      Objects scanned: 175668
      Time elapsed: 38 minute(s), 40 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      (No malicious items detected)


    39. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Plug the USB key in somewhere. When the icon comes up for it in My Computer, right-click on the USB key one, select Format, and let it do its thing.



      Run OTL
      • Under the Custom Scans/Fixes box at the bottom, paste in the following
        :OTL
        NetSvcs: awtldaj - File not found
        
        :Services
        
        :Reg
        
        :Files
        
        :Commands
        [purity]
        [resethosts]
        [emptytemp]
        [EMPTYFLASH]
        [CREATERESTOREPOINT]
        [Reboot]
        
      • Then click the Run Fix button at the top
      • Let the program run unhindered, reboot the PC when it is done




      Then run a new scan with mbam; if it's clean we should be done.


    40. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      OTL logfile-

      All processes killed
      ========== OTL ==========
      awtldaj removed from NetSvcs value successfully!
      ========== SERVICES/DRIVERS ==========
      ========== REGISTRY ==========
      ========== FILES ==========
      ========== COMMANDS ==========
      C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: Administrator
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: All Users

      User: Claire-Anne
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Elaine
      ->Temp folder emptied: 1127998 bytes
      ->Temporary Internet Files folder emptied: 128122 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 56229674 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 1208 bytes

      User: LocalService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 81920 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
      %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 55.00 mb


      [EMPTYFLASH]

      User: Administrator

      User: All Users

      User: Claire-Anne
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: Elaine
      ->Flash cache emptied: 0 bytes

      User: LocalService

      User: NetworkService

      Total Flash Files Cleaned = 0.00 mb

      Restore point Set: OTL Restore Point (64424509440)

      OTL by OldTimer - Version 3.2.1.0 log created on 05092010_232003

      Files\Folders moved on Reboot...

      Registry entries deleted on Reboot...


    41. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      mbam quick scan-

      Malwarebytes' Anti-Malware 1.45
      www.malwarebytes.org

      Database version: 3969

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      09/05/2010 23:31:58
      mbam-log-2010-05-09 (23-31-58).txt

      Scan type: Quick scan
      Objects scanned: 119313
      Time elapsed: 3 minute(s), 58 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      (No malicious items detected)


    42. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Your logs are clean


      Follow these steps to uninstall Combofix and tools used in the removal of malware

      Uninstall ComboFix

      Remove Combofix now that we're done with it.
      • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
      • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
      • Please follow the prompts to uninstall Combofix.
      • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.




      • Open OTL
      • Under the Custom Scans/Fixes box at the bottom, paste the following:
        :Commands
        [clearallrestorepoints]
        [createrestorepoint]
        
      • Click the Run Fix button at the top
      • It might ask you to reboot, if so click YES




      • Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
      • Click on the CleanUp button.
      • Click Yes to begin the cleanup process and remove tools, including this application
      • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes




      • Please read my guide on how to prevent malware and about safe computing here

      Thank you for your patience, and performing all of the procedures requested.


    43. Registered Users, Registered Users 2 Posts: 2,280 ✭✭✭toby2111


      ASJ112 - My sincere thanks for your time and patience to help fix this problem, you are a true boards.ie legend!!
      Just one quick question - this laptop has Windows Firewall turned off. Should I turn it on? Friend of mine recommends Threatfire, is that better?


    44. Site Banned Posts: 1,167 ✭✭✭ASJ112


      Threatfire isn't a firewall; am not a huge fan of it anyway.

      Check the preventing malware guide I linked to above; I recommend some firewalls in it. Sunbelt firewall is the best.

