Thank you, thank you so much for taking the time to help me kahdah!
I was starting to panic a bit because AVG and Sophos keep telling me every now and then more they've discovered more problems!
Here are the results of the scans:
OTListIt.TxtOTListIt logfile created on: 4/10/2009 1:37:18 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.12.2 Folder = C:\Documents and Settings\Hong Zhu\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 53.15% Memory free
2.60 Gb Paging File | 1.71 Gb Available in Paging File | 65.77% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.79 Gb Total Space | 16.70 Gb Free Space | 11.61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NOTEBOOKT60
Current User Name: Hong Zhu
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - C:\WINDOWS\system32\ibmpmsvc.exe ()
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe ()
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
PRC - C:\WINDOWS\system32\lxctcoms.exe ( )
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
PRC - c:\program files\lenovo\system update\suservice.exe ( )
PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe ()
PRC - C:\WINDOWS\System32\TPHDEXLG.EXE (Lenovo.)
PRC - C:\WINDOWS\system32\TpKmpSVC.exe ()
PRC - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)
PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Lenovo\Logger\logmon.exe ()
PRC - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe ()
PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo, Ltd. and IBM Corporation.)
PRC - C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe ()
PRC - C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe ()
PRC - C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
PRC - C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe ()
PRC - C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
PRC - C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
PRC - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lexmark 5400 Series\lxctmon.exe ()
PRC - C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\system32\SafeSignCertReg.exe (A.E.T. Europe B.V.)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\kdx\KHost.exe (Kontiki Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
PRC - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Documents and Settings\Hong Zhu\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (AcPrfMgrSvc [Auto | Running]) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe ()
SRV - (AcSvc [Auto | Running]) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
SRV - (afisicx [Auto | Stopped]) -- C:\WINDOWS\system32\afisicx.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (avg8emc [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Diskeeper [Auto | Running]) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Running]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IBMPMSVC [Auto | Running]) -- C:\WINDOWS\system32\ibmpmsvc.exe ()
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (IPSSVC [Auto | Running]) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (KService [Auto | Running]) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
SRV - (lxct_device [Auto | Running]) -- C:\WINDOWS\system32\lxctcoms.exe ( )
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PsaSrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\PsaSrv.exe ()
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (SAVAdminService [Auto | Running]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
SRV - (SAVService [Auto | Running]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (Sophos AutoUpdate Service [Auto | Running]) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
SRV - (SUService [Auto | Running]) -- c:\program files\lenovo\system update\suservice.exe ( )
SRV - (ThinkVantage Registry Monitor Service [Auto | Running]) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe ()
SRV - (TPHDEXLGSVC [Auto | Running]) -- C:\WINDOWS\System32\TPHDEXLG.EXE (Lenovo.)
SRV - (TpKmpSVC [Auto | Running]) -- C:\WINDOWS\system32\TpKmpSVC.exe ()
SRV - (TSSCoreService [Auto | Running]) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)
SRV - (TVT Backup Service [Auto | Running]) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
SRV - (TVT Scheduler [Auto | Running]) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (tvtnetwk [Auto | Running]) -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (a016bus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\a016bus.sys (MCCI Corporation)
DRV - (a016mdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\a016mdfl.sys (MCCI Corporation)
DRV - (a016mdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\a016mdm.sys (MCCI Corporation)
DRV - (a016mgmt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\a016mgmt.sys (MCCI Corporation)
DRV - (a016obex [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\a016obex.sys (MCCI Corporation)
DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (AEAudioService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\AEAudio.sys (Andrea Electronics Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (ANC [System | Running]) -- C:\WINDOWS\System32\drivers\ANC.SYS (IBM Corp.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (atmeltpm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\atmeltpm.sys (Atmel, Inc.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (btaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btport.sys (Broadcom Corporation.)
DRV - (BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWDNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys (Broadcom Corporation.)
DRV - (BTWUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (CMB8100 [Auto | Running]) -- C:\WINDOWS\system32\Drivers\CertClient.dat ()
DRV - (CMBProtector [Auto | Running]) -- C:\WINDOWS\system32\Drivers\CMBProtector.dat ()
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (EGATHDRV [Auto | Running]) -- C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (IBM Corporation)
DRV - (ft2kEnum [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ic2kenum.sys (OEM Corporation)
DRV - (G400 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\G400m.sys (Matrox Graphics Inc.)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hamachi [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hsx_dpv.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys (Conexant Systems, Inc.)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IBMPMDRV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys (Lenovo.)
DRV - (IBMTPCHK [System | Running]) -- C:\WINDOWS\system32\Drivers\IBMBLDID.sys ()
DRV - (Iviaspi [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NETw3x32 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NETw3x32.sys (Intel® Corporation)
DRV - (NSCIRDA [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nscirda.sys (National Semiconductor Corporation)
DRV - (pmem [Auto | Running]) -- C:\WINDOWS\System32\drivers\pmemnt.sys (Microsoft Corporation)
DRV - (PrivateDisk [Auto | Running]) -- C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys (Utimaco Safeware AG)
DRV - (PROCDD [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\PROCDD.SYS (Lenovo Group Limited)
DRV - (psadd [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\psadd.sys (Lenovo)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Reader_Device [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\usbic2k.sys (OEM)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (SAVOnAccessControl [System | Running]) -- C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys (Sophos Plc)
DRV - (SAVOnAccessFilter [System | Running]) -- C:\WINDOWS\system32\DRIVERS\savonaccessfilter.sys (Sophos Plc)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (ShockMgr [System | Running]) -- C:\WINDOWS\System32\drivers\ShockMgr.sys (Lenovo.)
DRV - (Shockprf [Boot | Running]) -- C:\WINDOWS\System32\drivers\shockprf.sys (Lenovo)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Smapint [System | Running]) -- C:\WINDOWS\System32\drivers\Smapint.sys (Microsoft Corporation)
DRV - (smi2 [Auto | Running]) -- C:\Program Files\SMI2\smi2.sys (IBM Corp.)
DRV - (smihlp [Auto | Running]) -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys (UPEK Inc.)
DRV - (SophosBootDriver [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys (Sophos Plc)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (TcUsb [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tcusb.sys (UPEK Inc.)
DRV - (TDSMAPI [System | Running]) -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS ()
DRV - (token [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\eps2kt1.sys ()
DRV - (TPHKDRV [System | Running]) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (TPPWRIF [System | Running]) -- C:\WINDOWS\System32\drivers\Tppwrif.sys ()
DRV - (TSMAPIP [System | Running]) -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS ()
DRV - (tvtfilter [Auto | Running]) -- C:\WINDOWS\system32\drivers\tvtfilter.sys (Lenovo)
DRV - (TVTPktFilter [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys (Lenovo Group Limited)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (V0250Dev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\V0250Dev.sys (Creative Technology Ltd.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys (Conexant Systems, Inc.)
========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://g.msn.com/0SE...S01?FORM=TOOLBRIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...m...tf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/02/12 19:01:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\
[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/11/30 23:12:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/29 11:18:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/29 11:18:19 | 00,000,000 | ---D | M]
[2009/03/28 17:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\mozilla\Extensions
[2009/03/28 17:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2007/08/07 14:02:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\mozilla\Firefox\Profiles\8r6dv5bl.default\extensions
[2007/08/07 14:02:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\mozilla\Firefox\Profiles\8r6dv5bl.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008/06/10 23:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\mozilla\Firefox\Profiles\m0spy3uc.default\extensions
[2009/04/10 01:09:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/29 11:18:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/08/02 14:58:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/11/30 23:13:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/01/01 22:54:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/03/29 11:18:13 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/29 11:18:13 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/07/12 09:53:16 | 00,053,248 | ---- | M] (Thunder Networking Technologies,LTD) -- C:\Program Files\mozilla firefox\components\ThunderComponent.dll
[2008/10/24 16:12:52 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/10/24 16:12:52 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/10/24 16:12:52 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/14 00:32:34 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/10/24 16:12:52 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/10/24 16:12:52 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/10/24 16:12:52 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (750 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 jL.chura.pl
O1 - Hosts: 127.0.0.1 www.virustotal.com
O1 - Hosts: 127.0.0.1 virustotal
O1 - Hosts: 127.0.0.1 virscan.com
O1 - Hosts: 127.0.0.1 www.virscan.com
O1 - Hosts: 127.0.0.1 virscan
O1 - Hosts: 127.0.0.1
http://virscan.comO1 - Hosts: 127.0.0.1 virustotal
O1 - Hosts: 127.0.0.1 virscan
O1 - Hosts: 127.0.0.1
http://virusscan.jotti.org/O1 - Hosts: 127.0.0.1 virusscan.jotti.org/
O1 - Hosts: 127.0.0.1 www.virusscan.jotti.org/
O1 - Hosts: 127.0.0.1 scanner.novirusthanks.org/
O1 - Hosts: 127.0.0.1
http://scanner.novirusthanks.org/O1 - Hosts: 127.0.0.1 www.scanner.novirusthanks.org/
O2 - BHO: (C:\WINDOWS\system32\ds43g4nfjkn93.dll) - {D5BF49A0-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\ds43g4nfjkn93.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe ()
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog ()
O4 - HKLM..\Run: [CertificateRegistration] SafeSignCertReg.exe (A.E.T. Europe B.V.)
O4 - HKLM..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent (Lenovo Group Limited)
O4 - HKLM..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" (Diskeeper Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (Lenovo Group Limited)
O4 - HKLM..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe" (Lexmark International Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s ()
O4 - HKLM..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16 (Lexmark International Inc.)
O4 - HKLM..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe" ()
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
O4 - HKLM..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" (Utimaco Safeware AG)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor (Lenovo Group Limited)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [TP4EX] tp4ex.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe ()
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper (Lenovo)
O4 - HKLM..\Run: [TpShocks] TpShocks.exe (Lenovo, Ltd. and IBM Corporation.)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe -all (Kontiki Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0 File not found
O4 - HKCU..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm File not found
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: ʹÓĂѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm File not found
O8 - Extra context menu item: ʹÓĂѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm File not found
O8 - Extra context menu item: ̀í¼Óµ½QQ±íÇé - C:\Program Files\Tencent\QQ\AddEmotion.htm File not found
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: com.cn ([www.icbc] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F}
https://mybank.icbc....certInStall.dll (InfosecCertInstall Class)
O16 - DPF: {3AA9CF07-DF20-48FF-98BE-DED276E40146}
https://mybank.icbc....c/GDReadPub.cab (GDGetTokenInfo Class)
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E}
https://moneymanager...unttracking.cab (Egg Money Manager Digital Safe)
O16 - DPF: {5CB840B5-A94E-4AD9-B785-4866E3B04476}
https://mybank.icbc....CBCNetSignG.dll (InfoSecNetSign Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2}
https://mybank.icbc....afeControls.cab (AxSubmitControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}
http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C35D7AE1-0865-4A30-BF07-29FA29324155}
https://mybank.icbc....nk/GDSetLET.cab (CSetLET Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\AwayNotify: DllName - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll (Lenovo Group Limited)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\psfus: DllName - psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\system32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\system32\tphklock.dll ()
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {D5BF49A0-94F3-42BD-F434-3604812C8955} - lkjf9873jhifjnsfi8w3fe - C:\WINDOWS\system32\ds43g4nfjkn93.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - C:\autorun.inf.tmp () - [ NTFS ]
O33 - MountPoints2\{6c9ef72d-4404-11dc-b1d1-001a6b68e736}\Shell - "" = AutoRun
O33 - MountPoints2\{6c9ef72d-4404-11dc-b1d1-001a6b68e736}\Shell\1\Command - "" = .\recycled\info.exe
O33 - MountPoints2\{6c9ef72d-4404-11dc-b1d1-001a6b68e736}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6c9ef72d-4404-11dc-b1d1-001a6b68e736}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\Shell32.DLL -- [2008/06/17 20:02:19 | 08,461,312 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ========== [12 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/10 13:35:44 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hong Zhu\Desktop\OTListIt2.exe
[2009/04/10 11:05:05 | 00,030,208 | ---- | C] () -- C:\jacgl.exe
[2009/04/10 11:04:58 | 00,104,688 | ---- | C] () -- C:\frlnrr.exe
[2009/04/10 00:39:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hong Zhu\Local Settings\Application Data\Sophos
[2009/04/09 21:24:22 | 00,083,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\ovfsthurepocbcxvsiwtxvkswtpebrppavramu.sys
[2009/04/09 21:23:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Client Security
[2009/04/09 21:23:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Client Security Solution
[2009/04/09 21:22:22 | 00,232,448 | ---- | C] () -- C:\WINDOWS\System32\w.exe
[2009/04/09 21:22:22 | 00,000,008 | ---- | C] () -- C:\WINDOWS\System32\comsa32.sys
[2009/04/09 21:22:17 | 00,015,000 | ---- | C] () -- C:\WINDOWS\System32\ds43g4nfjkn93.dll
[2009/04/09 21:21:51 | 00,102,400 | ---- | C] ( ) -- C:\WINDOWS\instsSD.exe
[2009/04/09 21:21:45 | 00,110,592 | -HS- | C] ( ) -- C:\WINDOWS\61175.exe
[2009/04/09 20:42:10 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/04/09 20:42:10 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/04/09 20:42:08 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/04/09 20:42:01 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/04/09 20:41:59 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/04/09 20:41:59 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/04/09 20:41:58 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/04/09 20:41:55 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/04/09 20:41:53 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/04/09 20:41:51 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/04/09 20:41:49 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/04/09 20:41:49 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/04/09 20:41:46 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/04/09 20:41:45 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/04/09 20:41:43 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/04/09 20:41:43 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/04/09 20:41:41 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/04/09 20:41:40 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/04/09 20:41:39 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/04/09 20:41:39 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/04/09 20:41:38 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/04/09 20:41:36 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/04/09 20:41:36 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/04/09 20:41:35 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/04/09 20:41:35 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/04/09 20:41:34 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/04/09 20:41:32 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/04/09 20:41:24 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/04/09 20:41:20 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/04/09 20:41:20 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/04/09 20:41:07 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/04/09 20:41:05 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/04/09 20:41:04 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/04/09 20:41:02 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/04/09 20:41:00 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/04/09 20:41:00 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/04/09 20:40:59 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/04/09 20:40:58 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/04/09 20:40:57 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/04/09 20:40:56 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/04/09 20:40:55 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/04/09 20:40:53 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/04/09 20:40:29 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/04/09 20:40:27 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/04/09 20:40:27 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/04/09 20:40:26 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/04/09 20:40:24 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/04/09 20:40:23 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/04/09 20:40:22 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/04/09 20:40:21 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/09 20:40:19 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/09 20:40:12 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/04/09 20:39:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/04/09 20:19:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/04/06 21:20:13 | 00,000,000 | ---D | C] -- C:\Program Files\Spotify
[2009/03/28 18:10:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hong Zhu\Desktop\Visa Statements
[2009/03/13 22:34:33 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2009/03/13 22:32:54 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/03/13 22:32:41 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/03/13 20:03:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2008/11/09 20:57:04 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/08/16 18:09:18 | 00,000,115 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/09/26 22:53:35 | 00,000,071 | ---- | C] () -- C:\WINDOWS\SCRCFG.ini
[2007/09/12 23:02:38 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDReadPub.dll
[2007/08/31 13:26:21 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/08/09 00:05:33 | 00,019,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\eps2kt1.sys
[2007/08/09 00:05:33 | 00,004,608 | ---- | C] () -- C:\WINDOWS\System32\ft2kco.dll
[2007/08/08 17:01:24 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxctvs.dll
[2007/08/08 17:01:21 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxctcoin.dll
[2007/08/08 17:00:54 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxctdrs.dll
[2007/08/08 17:00:54 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxctcaps.dll
[2007/08/08 17:00:54 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxctcnv4.dll
[2007/08/08 17:00:32 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lxctpmon.dll
[2007/08/08 17:00:32 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXCTFXPU.DLL
[2007/08/08 16:57:25 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCTinst.dll
[2007/08/08 16:57:24 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctinpa.dll
[2007/08/08 16:57:24 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCThcp.dll
[2007/08/08 16:57:23 | 00,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctusb1.dll
[2007/08/08 16:57:23 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctiesc.dll
[2007/08/08 16:57:22 | 01,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctserv.dll
[2007/08/08 16:57:21 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpmui.dll
[2007/08/08 16:57:21 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctlmpm.dll
[2007/08/08 16:57:21 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctprox.dll
[2007/08/08 16:57:21 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpplc.dll
[2007/08/08 16:57:19 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcthbn3.dll
[2007/08/08 16:57:19 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxctgrd.dll
[2007/08/08 16:57:17 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomc.dll
[2007/08/08 16:57:17 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomm.dll
[2007/08/06 14:49:00 | 00,364,544 | ---- | C] () -- C:\WINDOWS\System32\CMBEdit.dll
[2007/08/06 14:48:57 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\PBHttpComm.dll
[2007/08/06 14:48:57 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\CmbSafeBase.dll
[2007/07/31 21:57:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/06/26 10:59:11 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/06/26 10:34:08 | 00,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2007/06/26 10:25:27 | 00,000,156 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/06/26 10:23:42 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/06/26 10:23:42 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/06/26 10:23:42 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/06/26 10:23:42 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/06/26 10:23:42 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/06/26 10:23:42 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/06/26 10:15:01 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2007/06/26 10:13:55 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2007/06/26 10:12:22 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2007/06/26 10:12:09 | 00,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2007/06/26 10:11:56 | 00,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2007/03/05 13:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/08/17 09:00:13 | 00,009,930 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2006/08/17 09:00:09 | 00,000,487 | ---- | C] () -- C:\WINDOWS\System32\IPSCTRL.INI
[2006/08/03 02:27:54 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2006/08/03 02:27:52 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2006/06/14 17:26:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/06/12 20:27:00 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006/05/31 22:37:38 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/04/30 07:05:41 | 00,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/30 06:48:13 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/04/30 06:11:22 | 00,000,624 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/04/30 06:11:18 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/02/17 20:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 20:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/11/14 21:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997/06/14 03:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
========== Files - Modified Within 30 Days ========== [1 C:\*.tmp files]
[12 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/10 13:35:50 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hong Zhu\Desktop\OTListIt2.exe
[2009/04/10 13:26:13 | 00,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-765243075-2163651610-3221528316-1017.job
[2009/04/10 11:14:37 | 00,009,930 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2009/04/10 11:14:27 | 00,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2009/04/10 11:12:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/10 11:12:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/10 11:12:21 | 21,458,32960 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/10 11:05:06 | 00,030,208 | ---- | M] () -- C:\jacgl.exe
[2009/04/10 11:05:00 | 00,104,688 | ---- | M] () -- C:\frlnrr.exe
[2009/04/10 11:04:52 | 00,102,400 | ---- | M] ( ) -- C:\WINDOWS\instsSD.exe
[2009/04/10 11:04:35 | 00,110,592 | -HS- | M] ( ) -- C:\WINDOWS\61175.exe
[2009/04/09 23:01:01 | 35,007,839 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/04/09 23:01:01 | 00,092,925 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/04/09 21:24:22 | 00,083,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\ovfsthurepocbcxvsiwtxvkswtpebrppavramu.sys
[2009/04/09 21:22:17 | 00,015,000 | ---- | M] () -- C:\WINDOWS\System32\ds43g4nfjkn93.dll
[2009/04/09 21:17:14 | 00,409,800 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/09 21:17:14 | 00,064,774 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/09 21:17:13 | 00,481,674 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/09 18:57:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/09 05:41:50 | 00,232,448 | ---- | M] () -- C:\WINDOWS\System32\w.exe
[2009/04/06 21:47:05 | 00,000,008 | ---- | M] () -- C:\WINDOWS\System32\comsa32.sys
[2009/03/11 18:32:46 | 00,330,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 15:47:09 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== LOP Check ========== [2009/04/09 20:19:12 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/11/27 20:32:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2007/08/08 17:00:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5400 Series
[2008/12/19 15:19:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/05/19 10:22:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/05/19 10:23:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/02/05 23:25:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2008/10/28 13:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/08/10 23:33:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/03/28 17:57:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2007/06/26 10:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2007/06/26 10:13:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2009/04/10 13:38:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2008/06/20 18:35:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2007/06/26 10:23:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2009/03/13 22:34:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2007/10/15 23:16:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2007/08/31 14:36:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2008/01/10 20:12:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quark
[2007/06/26 09:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/09/05 22:32:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2008/10/28 13:25:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2007/08/07 13:42:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2009/04/09 20:20:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2007/10/15 23:30:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2008/07/16 09:02:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Thunder Network
[2007/06/26 10:07:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/05/02 22:38:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2008/08/07 17:44:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\yahoo!
[2009/02/09 15:34:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Hong Zhu\Application Data
[2007/08/08 17:09:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\5400 Series
[2008/03/02 21:51:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Adobe
[2007/08/07 14:02:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\AdobeAUM
[2007/08/08 18:01:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\AdobeUM
[2008/07/06 09:45:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Apple Computer
[2007/06/26 10:19:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\ATI
[2009/02/09 15:34:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\DAEMON Tools
[2007/08/06 15:27:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Design Science
[2007/10/24 17:57:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Google
[2007/08/06 15:27:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Help
[2007/06/26 09:51:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Identities
[2007/10/23 23:52:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Kontiki
[2008/01/13 20:51:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Leadertech
[2007/08/06 15:50:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Lenovo
[2007/08/06 14:44:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Macromedia
[2009/03/28 17:57:41 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Microsoft
[2009/03/28 17:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Mozilla
[2007/08/31 14:48:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\OfficeUpdate12
[2007/09/26 23:26:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\QQ
[2008/01/10 20:37:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Quark
[2008/03/02 21:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Real
[2007/08/07 14:02:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Sun
[2007/06/26 10:28:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Symantec
[2007/09/26 22:53:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\Tencent
[2007/06/26 10:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\ThinkVantage
[2007/08/07 14:02:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\WinEdt
[2007/08/03 20:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hong Zhu\Application Data\WinRAR
[2009/04/09 18:57:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 13:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/04/10 13:26:13 | 00,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-765243075-2163651610-3221528316-1017.job
[2009/04/10 11:14:27 | 00,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2009/04/10 11:12:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ========== < End of report >
This topic is locked
Sign In
Create Account
