RkU collapsed at the end of a long scan and had to close.
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000c
Kernel Drivers (total 175):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F95000 klmdb.sys
0xB9F67000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F56000 pci.sys
0xBA0A8000 isapnp.sys
0xBA4BC000 compbatt.sys
0xBA4C0000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB9F38000 pcmcia.sys
0xBA0B8000 MountMgr.sys
0xB9F19000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9EF3000 dmio.sys
0xBA330000 PartMgr.sys
0xBA4C4000 ACPIEC.sys
0xBA671000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xBA0C8000 VolSnap.sys
0xB9EDB000 atapi.sys
0xB9E1D000 iaStor.sys
0xBA0D8000 tsk381.tmp
0xBA0E8000 \WINDOWS\system32\drivers\CLASSPNP.SYS
0xB9DFD000 fltmgr.sys
0xB9DE7000 DRVMCDB.SYS
0xBA0F8000 PxHelp20.sys
0xB9DD0000 KSecDD.sys
0xB9D43000 Ntfs.sys
0xB9D16000 NDIS.sys
0xB9CFA000 Apsx86.sys
0xBA338000 ApsHM86.sys
0xBA108000 ohci1394.sys
0xBA118000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xB9CE0000 Mup.sys
0xBA1E8000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB77AB000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB7797000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB7756000 \SystemRoot\system32\DRIVERS\e1e5132.sys
0xBA488000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB7732000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA490000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB770A000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB74EF000 \SystemRoot\system32\DRIVERS\NETw4x32.sys
0xBA1F8000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xB74DB000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xB74CA000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xB74B6000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0xB7464000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0xBA208000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA498000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB7429000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xBA5FE000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xBA218000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xB73B8000 \SystemRoot\System32\Drivers\wdf01000.sys
0xBA4A0000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA4A8000 \SystemRoot\system32\DRIVERS\atmeltpm.sys
0xBA598000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xBA59C000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
0xBA228000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA4B0000 \SystemRoot\system32\drivers\iviaspi.sys
0xBA600000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0xBA238000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA248000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB7395000 \SystemRoot\system32\DRIVERS\ks.sys
0xB9CBC000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xBA348000 \SystemRoot\system32\DRIVERS\tvtpktfilter.sys
0xBA7AB000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA258000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB9CB4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB737E000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB8F16000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB7FD3000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBA358000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB736D000 \SystemRoot\system32\DRIVERS\psched.sys
0xB7FC3000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA360000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA368000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB733D000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB7FB3000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA370000 \SystemRoot\system32\DRIVERS\psadd.sys
0xBA378000 \SystemRoot\system32\DRIVERS\Tvti2c.sys
0xBA602000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB72DF000 \SystemRoot\system32\DRIVERS\update.sys
0xB9CA0000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB7F53000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB8EC6000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB43BE000 \SystemRoot\system32\drivers\ADIHdAud.sys
0xB439A000 \SystemRoot\system32\drivers\portcls.sys
0xBA148000 \SystemRoot\system32\drivers\drmk.sys
0xB4382000 \SystemRoot\system32\drivers\AEAudio.sys
0xB434E000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xB425C000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xB41A9000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xBA418000 \SystemRoot\System32\Drivers\Modem.SYS
0xAF6EB000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xB410B000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB20A6000 \SystemRoot\System32\Drivers\Null.SYS
0xB4109000 \SystemRoot\System32\Drivers\Beep.SYS
0xAFC54000 \SystemRoot\System32\Drivers\DLARTL_N.SYS
0xAEB9A000 \SystemRoot\system32\DRIVERS\ehdrv.sys
0xAFC44000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xAFC3C000 \SystemRoot\System32\drivers\vga.sys
0xB4107000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB4105000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xAFC34000 \SystemRoot\System32\Drivers\Msfs.SYS
0xAFC2C000 \SystemRoot\System32\Drivers\Npfs.SYS
0xAF501000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAEAB1000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAEA58000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xAEA30000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAEA18000 \SystemRoot\system32\DRIVERS\epfwtdir.sys
0xAE9F6000 \SystemRoot\System32\drivers\afd.sys
0xAF795000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAFC24000 \SystemRoot\System32\drivers\TSMAPIP.SYS
0xAFC1C000 \SystemRoot\System32\drivers\Tppwrif.sys
0xAFC14000 \SystemRoot\system32\DRIVERS\TPHKDRV.sys
0xAE801000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xAE7D6000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAE766000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xAF755000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB385D000 \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys
0xAF5ED000 \SystemRoot\System32\Drivers\Fips.SYS
0xAF5DD000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xAEDE9000 \SystemRoot\System32\drivers\ANC.SYS
0xAF70D000 \SystemRoot\System32\Drivers\BTHUSB.sys
0xADDF4000 \SystemRoot\System32\Drivers\bthport.sys
0xAEF7C000 \SystemRoot\System32\Drivers\tcusb.sys
0xAEF2C000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0xAEB1C000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0xAD49D000 \SystemRoot\system32\DRIVERS\bthpan.sys
0xB7E34000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB7E2C000 \SystemRoot\system32\DRIVERS\hidbth.sys
0xBA138000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB9BF6000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB9563000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB954F000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xAB3C9000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA9A99000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0xBF800000 \SystemRoot\System32\win32k.sys
0xAACD0000 \SystemRoot\System32\drivers\Dxapi.sys
0xAA3DA000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xA9F22000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA7BE3000 \SystemRoot\system32\DRIVERS\eamon.sys
0xAA7B3000 \SystemRoot\system32\DRIVERS\tvtfilter.sys
0xAA7A3000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xA9F99000 \SystemRoot\System32\DLA\DLADResN.SYS
0xA7BCD000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0xAF6D3000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0xB1FCB000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0xB1FC9000 \??\C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
0xBA448000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0xA7BB5000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0xA7B9F000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0xABBF0000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xAB883000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xAA49A000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xA7B4A000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xABBE0000 \SystemRoot\system32\DRIVERS\PROCDD.SYS
0xA7B7B000 \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS
0xA7A41000 \SystemRoot\System32\Drivers\HTTP.sys
0xA7972000 \SystemRoot\system32\DRIVERS\srv.sys
0xA7A25000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xBA614000 \??\C:\WINDOWS\System32\drivers\pmemnt.sys
0xA7845000 \SystemRoot\system32\drivers\wdmaud.sys
0xB5676000 \SystemRoot\system32\drivers\sysaudio.sys
0xAA39A000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xA5173000 \SystemRoot\system32\drivers\kmixer.sys
0xA4FC3000 \SystemRoot\System32\Drivers\Normandy.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll
Processes (total 68):
0 System Idle Process
4 System
1384 C:\WINDOWS\system32\smss.exe
1436 csrss.exe
1468 C:\WINDOWS\system32\winlogon.exe
1516 C:\WINDOWS\system32\services.exe
1528 C:\WINDOWS\system32\lsass.exe
1712 C:\WINDOWS\system32\ibmpmsvc.exe
1740 C:\WINDOWS\system32\svchost.exe
1788 svchost.exe
1828 C:\WINDOWS\system32\svchost.exe
1916 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
2040 svchost.exe
252 svchost.exe
676 C:\WINDOWS\system32\spoolsv.exe
840 svchost.exe
916 C:\WINDOWS\system32\IPSSVC.EXE
932 C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
980 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
1032 svchost.exe
1068 C:\WINDOWS\system32\drivers\CDAC11BA.EXE
1088 C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
1152 C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
1228 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
1296 C:\WINDOWS\system32\svchost.exe
1364 C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
1408 C:\Program Files\Java\jre6\bin\jqs.exe
1576 C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
1772 C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
1924 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
1944 C:\WINDOWS\system32\nvsvc32.exe
1992 matlab.exe
2004 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
940 C:\WINDOWS\explorer.exe
2084 sqlbrowser.exe
2116 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
2184 C:\WINDOWS\system32\svchost.exe
2220 C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
2264 C:\WINDOWS\system32\TPHDEXLG.exe
2468 tvttcsd.exe
2488 C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
2604 C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
3060 C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
3256 C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
3300 C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
3504 C:\WINDOWS\system32\rundll32.exe
3536 C:\WINDOWS\system32\rundll32.exe
3572 wmpnetwk.exe
3692 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3700 C:\WINDOWS\system32\rundll32.exe
3744 C:\Program Files\Windows Media Player\wmpnscfg.exe
3776 C:\WINDOWS\system32\ctfmon.exe
3912 C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
3948 C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
4068 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
3564 C:\Program Files\Lenovo\System Update\SUService.exe
1016 C:\WINDOWS\system32\wbem\wmiapsrv.exe
2904 alg.exe
3148 C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
2748 C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
1328 C:\Program Files\Internet Explorer\iexplore.exe
2628 C:\Program Files\Internet Explorer\iexplore.exe
1236 C:\Program Files\Internet Explorer\iexplore.exe
3428 C:\Program Files\Winamp\winamp.exe
3164 C:\Program Files\Internet Explorer\iexplore.exe
2768 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
208 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
5056 C:\Documents and Settings\User\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
PhysicalDrive0 Model Number: HITACHIHTS722016K9SA00, Rev: DCDZC75A
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 08312236BFF0DC51C59D57073BF32973CF384047
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!
OTL log:
OTL logfile created on: 05/10/2010 9:28:38 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.34 Gb Total Space | 30.65 Gb Free Space | 21.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENOVO-24351342
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)
PRC - C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
PRC - C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
PRC - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)
PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
PRC - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo )
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()
PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Lenovo\Logger\logmon.exe ()
PRC - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
PRC - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe ()
PRC - c:\MATLAB6p5\bin\win32\matlab.exe (The MathWorks Inc.)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\User\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll (Microsoft Corporation)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll (Microsoft Corporation)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\nview.dll ()
MOD - C:\WINDOWS\system32\nvwddi.dll (NVIDIA Corporation)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveNew.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\AcSignIcon.dll (Autodesk)
MOD - C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll (Autodesk)
========== Win32 Services (SafeList) ========== SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (C-DillaCdaC11BA) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (SQLWriter) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TVT Scheduler) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
SRV - (TSSCoreService) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (AcPrfMgrSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
SRV - (AcSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
SRV - (EvtEng) Intel® -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (S24EventMonitor) Intel® -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel® -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()
SRV - (TVT Backup Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
SRV - (tvtnetwk) -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
SRV - (IPSSVC) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (matlabserver) -- C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe ()
========== Driver Services (SafeList) ========== DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (mferkdk) -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys File not found
DRV - (BTWUSB) -- C:\WINDOWS\System32\Drivers\btwusb.sys File not found
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (CdaC15BA) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (tvtfilter) -- C:\WINDOWS\system32\drivers\tvtfilter.sys (Lenovo)
DRV - (pmem) -- C:\WINDOWS\system32\drivers\pmemnt.sys (Microsoft Corporation)
DRV - (e1express) Intel® -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (NETw4x32) Intel® -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.sys ()
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)
DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.)
DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (TVTPktFilter) -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys (Lenovo Group Limited)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (PROCDD) -- C:\WINDOWS\system32\drivers\PROCDD.SYS (Lenovo Group Limited)
DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (ANC) -- C:\WINDOWS\system32\drivers\ANC.sys (IBM Corp.)
DRV - (atmeltpm) -- C:\WINDOWS\system32\drivers\atmeltpm.sys (Atmel, Inc.)
DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (ac97intc) Intel® 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.lakeheadu.ca/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{886AF8B1-201C-4CC2-BEFF-4644B61B418B}: C:\Documents and Settings\User\Local Settings\Application Data\{886AF8B1-201C-4CC2-BEFF-4644B61B418B} [2009/12/07 16:48:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\
[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/09/27 15:29:56 | 000,000,000 | ---D | M]
[2009/11/19 12:09:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2010/09/03 07:21:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944}
http://www-307.ibm.c...pport/acpir.cab (IASRunner Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.176.15 64.59.177.226
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/30 03:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe - (Avanquest Software )
MsConfig - StartUpReg:
Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg:
Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg:
AMSG - hkey= - key= - C:\Program Files\ThinkVantage\AMSG\Amsg.exe (LENOVO)
MsConfig - StartUpReg:
AwaySch - hkey= - key= - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
MsConfig - StartUpReg:
BLOG - hkey= - key= - C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
MsConfig - StartUpReg:
BluetoothAuthenticationAgent - hkey= - key= - File not found
MsConfig - StartUpReg:
cssauth - hkey= - key= - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg:
DiskeeperSystray - hkey= - key= - C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
MsConfig - StartUpReg:
DivX Free Codec - hkey= - key= - C:\Program Files\DivX Free Codec\Divx Free Update.exe ()
MsConfig - StartUpReg:
DLA - hkey= - key= - File not found
MsConfig - StartUpReg:
EZEJMNAP - hkey= - key= - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
MsConfig - StartUpReg:
GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg:
ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
MsConfig - StartUpReg:
ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg:
Logitech Vid - hkey= - key= - C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
MsConfig - StartUpReg:
LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MsConfig - StartUpReg:
LPManager - hkey= - key= - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
MsConfig - StartUpReg:
McAfeeUpdaterUI - hkey= - key= - C:\Program Files\McAfee\Common Framework\UdaterUI.exe File not found
MsConfig - StartUpReg:
NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg:
NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg:
nwiz - hkey= - key= - File not found
MsConfig - StartUpReg:
PWRMGRTR - hkey= - key= - C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
MsConfig - StartUpReg:
ShStatEXE - hkey= - key= - C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE File not found
MsConfig - StartUpReg:
SoundMAXPnP - hkey= - key= - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
MsConfig - StartUpReg:
SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg:
SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MsConfig - StartUpReg:
SynTPLpr - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)
MsConfig - StartUpReg:
TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg:
TPFNF7 - hkey= - key= - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
TPHOTKEY - hkey= - key= - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
TpShocks - hkey= - key= - File not found
MsConfig - StartUpReg:
TVT Scheduler Proxy - hkey= - key= - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
UserFaultCheck - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 1
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: klmdb.sys - Driver
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: klmdb.sys - Driver
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4D3B2EA7-487D-DAD7-E829-4BC4B558B247} - Java (Sun)
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
========== Files/Folders - Created Within 90 Days ========== [2010/10/05 19:38:27 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/10/05 18:28:38 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2010/10/05 18:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2010/10/04 10:21:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/10/04 09:39:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/10/04 09:36:52 | 000,000,000 | ---D | C] -- C:\68ff4841f2a0539437
[2010/09/27 16:03:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/09/27 16:02:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Identities
[2010/09/27 16:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2010/09/27 16:02:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/09/27 15:43:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\User\IECompatCache
[2010/09/27 15:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/09/27 15:26:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/09/17 16:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis
[2010/09/03 07:50:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/03 07:50:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/03 07:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/03 07:40:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/03 07:15:27 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/08/20 16:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/08/19 07:41:30 | 000,000,000 | ---D | C] -- C:\023dcac0dc55e7d0f40280
[2010/08/04 11:50:36 | 000,140,752 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010/08/03 13:28:36 | 000,095,896 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010/07/29 13:31:26 | 000,115,008 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2008/03/04 22:11:34 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2008/03/04 22:11:34 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
========== Files - Modified Within 90 Days ========== [2010/10/05 19:38:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/10/05 19:38:17 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\User\Desktop\MBRCheck.exe
[2010/10/05 19:38:06 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\User\Desktop\RKUnhookerLE.EXE
[2010/10/05 19:37:30 | 000,026,984 | ---- | M] () -- C:\Documents and Settings\User\Desktop\accept_recei2.pdf
[2010/10/05 18:59:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/05 18:54:26 | 000,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2010/10/05 18:54:22 | 000,027,744 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/10/05 18:54:10 | 000,112,177 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2010/10/05 18:54:02 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2010/10/05 18:54:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/05 18:54:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/05 18:53:55 | 2112,139,264 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/05 18:50:52 | 005,698,746 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
[2010/10/05 18:48:01 | 001,211,285 | ---- | M] () -- C:\Documents and Settings\User\Desktop\tdsskiller.zip
[2010/10/05 18:38:31 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\User\ntuser.dat
[2010/10/05 18:38:31 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010/10/05 18:38:17 | 000,651,220 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 18:38:17 | 000,155,496 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/05 18:38:17 | 000,005,036 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/10/05 18:30:08 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6D117CBD-C137-4337-84D7-75A8EB12B8B6}.job
[2010/10/04 17:09:00 | 000,027,744 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/09/29 09:19:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/27 16:09:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010/09/27 16:09:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/09/27 15:18:30 | 000,000,661 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/27 15:18:30 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/09/27 15:18:30 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/27 14:24:55 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010/09/16 18:52:24 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Microsoft Office Word 2007.lnk
[2010/09/16 18:47:39 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\User\My Documents\SOCGEN_letter2010.doc
[2010/09/15 11:26:50 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Traveldetails2010.doc
[2010/09/13 15:43:14 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/07 13:15:16 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/09/05 11:09:37 | 000,101,451 | ---- | M] () -- C:\Documents and Settings\User\Desktop\CallForPapers-ICSIT-2011.pdf
[2010/09/03 13:54:35 | 000,360,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/03 07:21:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/09/02 07:19:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Njuwewoh.bin
[2010/08/04 11:50:36 | 000,140,752 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010/08/03 13:28:36 | 000,095,896 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010/07/29 13:31:26 | 000,115,008 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
========== Files Created - No Company Name ========== [2010/10/05 19:38:16 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\User\Desktop\MBRCheck.exe
[2010/10/05 19:38:03 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\User\Desktop\RKUnhookerLE.EXE
[2010/10/05 19:37:30 | 000,026,984 | ---- | C] () -- C:\Documents and Settings\User\Desktop\accept_recei2.pdf
[2010/10/05 18:47:50 | 001,211,285 | ---- | C] () -- C:\Documents and Settings\User\Desktop\tdsskiller.zip
[2010/09/29 09:16:19 | 000,027,744 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010/09/29 09:16:19 | 000,027,744 | ---- | C] () -- C:\WINDOWS\System32\nvModes.001
[2010/09/27 16:09:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010/09/27 16:09:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/09/27 16:04:19 | 000,036,836 | ---- | C] () -- C:\WINDOWS\System32\nvwsapps.nvb
[2010/09/27 15:43:40 | 000,000,420 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6D117CBD-C137-4337-84D7-75A8EB12B8B6}.job
[2010/09/27 15:22:50 | 2112,139,264 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/16 18:10:51 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\User\My Documents\SOCGEN_letter2010.doc
[2010/09/15 09:26:48 | 000,070,656 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Traveldetails2010.doc
[2010/09/05 11:09:37 | 000,101,451 | ---- | C] () -- C:\Documents and Settings\User\Desktop\CallForPapers-ICSIT-2011.pdf
[2010/08/20 16:12:51 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/04/30 22:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/11/28 07:01:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008/09/29 18:29:54 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/26 11:36:48 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/09/26 11:36:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/06/12 02:19:33 | 000,000,157 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2008/06/12 01:51:00 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mllink5.dll
[2008/06/12 01:51:00 | 000,000,019 | ---- | C] () -- C:\WINDOWS\exlink.ini
[2008/03/04 22:49:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/03/04 22:30:06 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2008/03/04 22:24:45 | 000,000,435 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/03/04 22:23:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/03/04 22:23:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/03/04 22:23:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/03/04 22:23:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/03/04 22:23:19 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/03/04 22:23:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/03/04 22:16:36 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/03/04 22:16:36 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/03/04 22:16:35 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/03/04 22:16:34 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/03/04 22:13:15 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2008/03/04 22:11:34 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2008/03/04 22:11:34 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2008/03/04 22:10:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2008/03/04 22:09:20 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2007/07/27 02:37:40 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/07/27 02:37:29 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/01/16 11:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/05 18:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006/04/30 03:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/30 03:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/03 11:10:44 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\DLXAPI32.DLL
========== LOP Check ========== [2008/11/02 11:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2009/07/07 23:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/10/05 18:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2010/09/27 15:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008/06/06 02:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2008/03/04 22:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2009/11/28 14:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/03/04 22:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2008/11/02 11:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Activision
[2009/07/07 23:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Autodesk
[2009/03/31 19:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Design Science
[2008/06/29 01:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Insightful
[2009/01/08 11:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2008/06/06 02:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Lenovo
[2009/09/18 08:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PCTeX
[2009/02/04 23:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SpaceMonger
[2008/06/20 14:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Stata10
[2009/06/05 16:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TIBCO
[2010/09/27 14:24:55 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2010/10/05 18:30:08 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6D117CBD-C137-4337-84D7-75A8EB12B8B6}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2006/04/30 03:13:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/09/14 19:23:36 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2010/09/27 15:18:30 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2006/04/30 03:13:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/10/05 18:50:32 | 003,898,246 | ---- | M] () -- C:\debug.txt
[2009/11/22 13:28:52 | 000,000,122 | ---- | M] () -- C:\DeQuarantine.txt
[2008/03/04 22:24:16 | 000,002,291 | ---- | M] () -- C:\drivez.log
[2006/04/14 01:55:44 | 000,000,529 | ---- | M] () -- C:\dsbHSM.inf
[2010/10/05 18:53:55 | 2112,139,264 | -HS- | M] () -- C:\hiberfil.sys
[2006/04/30 03:13:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/04/30 03:13:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/06/05 08:32:32 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[2010/10/05 18:53:54 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2008/03/04 21:53:26 | 000,000,083 | ---- | M] () -- C:\syslevel.lgl
[2010/10/05 18:50:32 | 000,060,412 | ---- | M] () -- C:\TDSSKiller.2.4.4.0_05.10.2010_18.49.35_log.txt
[2010/10/05 18:55:27 | 000,058,772 | ---- | M] () -- C:\TDSSKiller.2.4.4.0_05.10.2010_18.55.03_log.txt
[2010/10/05 18:54:02 | 000,006,744 | ---- | M] () -- C:\TPHKLOCK.TXT
< %systemroot%\Fonts\*.com >[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2006/04/30 03:12:53 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* >[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 22:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2006/09/11 20:00:00 | 000,028,672 | ---- | M] (PortableAppZ.blogspot.com) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\xMY3c7sK.dll
< %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav >[2006/04/29 20:03:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/04/29 20:03:02 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/04/29 20:03:02 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[2008/06/05 08:39:28 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[2008/06/05 07:25:43 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2006/04/30 03:21:31 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >[2008/06/05 12:55:07 | 000,334,720 | ---- | M] (Lenovo Group Limited ) -- C:\Documents and Settings\User\Desktop\77bm03ww.exe
[2010/10/05 19:38:17 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\User\Desktop\MBRCheck.exe
[2010/10/05 19:38:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/10/05 19:38:06 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\User\Desktop\RKUnhookerLE.EXE
< %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src >[2006/05/19 15:53:02 | 000,013,022 | ---- | M] () -- C:\WINDOWS\snp2uvc.src
< %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < %systemroot%\AppPatch\Custom\*.* > < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x > < %PROGRAMFILES%\PC-Doctor\Downloads\*.* > < %PROGRAMFILES%\Internet Explorer\*.tmp > < %PROGRAMFILES%\Internet Explorer\*.dat > < %USERPROFILE%\My Documents\*.exe > < %USERPROFILE%\*.exe > < %systemroot%\ADDINS\*.* > < %systemroot%\assembly\*.bak2 > < %systemroot%\Config\*.* > < %systemroot%\REPAIR\*.bak2 > < %systemroot%\SECURITY\Database\*.sdb /x > < %systemroot%\SYSTEM\*.bak2 > < %systemroot%\Web\*.bak2 > < %systemroot%\Driver Cache\*.* > < %PROGRAMFILES%\Mozilla Firefox\0*.exe > < %ProgramFiles%\Microsoft Common\*.* > < %ProgramFiles%\TinyProxy. > < %USERPROFILE%\Favorites\*.url /x >[2008/06/05 07:25:43 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\User\Favorites\Desktop.ini
< %systemroot%\system32\*.bk > < %systemroot%\*.te > < %systemroot%\system32\system32\*.* > < %ALLUSERSPROFILE%\*.dat /x > < %systemroot%\system32\drivers\*.rmv > < dir /b "%systemroot%\system32\*.exe" | find /i " " /c > < dir /b "%systemroot%\*.exe" | find /i " " /c > < %PROGRAMFILES%\Microsoft\*.* > < %systemroot%\System32\Wbem\proquota.exe > < %PROGRAMFILES%\Mozilla Firefox\*.dat > < %USERPROFILE%\Cookies\*.txt /x >[2010/10/05 21:25:04 | 000,540,672 | -HS- | M] () -- C:\Documents and Settings\User\Cookies\index.dat
< %SystemRoot%\system32\fonts\*.* > < %systemroot%\system32\winlog\*.* > < %systemroot%\system32\Language\*.* > < %systemroot%\system32\Settings\*.* > < %systemroot%\system32\*.quo > < %SYSTEMROOT%\AppPatch\*.exe > < %SYSTEMROOT%\inf\*.exe >[2007/06/26 16:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
< %SYSTEMROOT%\Installer\*.exe >[2007/05/01 03:15:06 | 000,600,592 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
< %systemroot%\system32\config\*.bak2 > < %systemroot%\system32\Computers\*.* > < %SystemRoot%\system32\Sound\*.* > < %SystemRoot%\system32\SpecialImg\*.* > < %SystemRoot%\system32\code\*.* > < %SystemRoot%\system32\draft\*.* > < %SystemRoot%\system32\MSSSys\*.* > < %ProgramFiles%\Javascript\*.* > < %systemroot%\pchealth\helpctr\System\*.exe /s > < %systemroot%\Web\*.exe > < %systemroot%\system32\msn\*.* > < %systemroot%\system32\*.tro > < %AppData%\Microsoft\Installer\msupdates\*.* > < %ProgramFiles%\Messenger\*.exe >[2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
< %systemroot%\system32\systhem32\*.* > < %systemroot%\system\*.exe > < %USERPROFILE%\Templates\*.tmp > < %SYSTEMDRIVE%\explorexxx.exe\*.* > < %Windir%\Installer\*.tmp >[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
< %systemroot%\System32\*.xco > < %ProgramFiles%\system32\*.* > < %systemroot%\System32\windos\*.* > < %SystemRoot%\system32\sandbox\*.* > < %SystemRoot%\system32\*.amo > < %SystemRoot%\system32\Windows Live\*.* > < %ProgramFiles%\logs\*.* > < %ProgramFiles%\Bifrost\*.* > < %SystemRoot%\system32\*.goo > < %systemroot%\system32\IME\*.* > < %systemroot%\BackUp\*.* > < %systemroot%\system32\*.ico > < %systemroot%\system\*.dat > < %systemroot%\system\*.exe > < %AppData%\Macromedia\Common\*.* > < %SYSTEMDRIVE%\dir\*.* /s > < %systemroot%\system32\ras\*.exe > < %SYSTEMDRIVE%\MFILES\*.* > < %SYSTEMDRIVE%\mDNSRespon.exe\*.* > < %systemroot%\system32\services\*.* > < %systemroot%\Spooler\*.* > < %ProgramFiles%\system32\*.* > < %systemroot%\system32\Setup\*.dll /x > < %systemroot%\system32\*.mine > < %SYSTEMDRIVE%\cleansweep.exe\*.* > < %systemroot%\system32\ras\*.dll > < %systemroot%\system32\ras\*.drv > < %systemroot%\*.iq > < %systemroot%\system32\XP\*.* > < %SYSTEMDRIVE%\Extracted\*.* > < %systemroot%\system32\windows\*.* > < %systemroot%\logs\*.* >[2008/12/25 13:35:34 | 000,160,327 | ---- | M] () -- C:\WINDOWS\Logs\DirectX.log
< %SYSTEMDRIVE%\Win.Msi\*.* > < %systemroot%\regedit\*.* > < %systemroot%\system32\skype\*.* > < %AppData%\Adobe\dlluplwin25\*.* > < %UserProfile%\*.dat >[2010/10/05 18:38:31 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\User\ntuser.dat
< %UserProfile%\*.dll > < %systemroot%\system32\*.sxo > < %SYSTEMDRIVE%\Gazma\*.* /s > < %systemroot%\system32\spynet\*.* > < %systemroot%\system32\System\*.* > < %appdata%\Microsoft\Windows\*.* > < %systemroot%\system32\WinDir\*.* > < %systemroot%\_\*.* > < %systemroot%\system32\windows32\*.* > < %ProgramFiles%\win\*.* > < %AppData%\Microsoft\CD Burning\*.* > < %systemroot%\*.cab > < %systemroot%\K.Backup\*.* > < %ProgramFiles%\Massenger\*.* > < %systemroot%\System32\*.doc > < %systemroot%\Office12\*.* > < %systemroot%\System32\Rundl32.exe\*.* > < %ProgramFiles%\yahoo.net\*.* > < %systemroot%\system32\*.igo > < %systemroot%\*.rew > < %systemroot%\System32\spool\DRIVERS\W32X86\3\*.exe > < %USERPROFILE%\.COMMgr\*.* > < %USERPROFILE%\Desktop\*.bat > < %PROGRAMFILES%\Common Files\Real\visualizations\*.* >[2009/11/12 15:07:39 | 000,043,008 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Visualizations\Annabelle.rpv
[2009/11/12 15:07:39 | 000,080,384 | ---- | M] () -- C:\Program Files\Common Files\Real\Visualizations\CosmicBelt.rpv
[2009/11/12 15:07:39 | 000,007,168 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Visualizations\Fire.rpv
[2009/11/12 15:07:39 | 000,007,680 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Visualizations\FreqBands.rpv
[2009/11/12 15:07:39 | 000,069,632 | ---- | M] () -- C:\Program Files\Common Files\Real\Visualizations\Nebula.rpv
< %PROGRAMFILES%\Internet Explorer\*.Jmp > < %PROGRAMFILES%\Windows NT\system\*.dll > < %systemroot%\system32\*.ext > < %systemroot%\system32\Com\*.cfg > < %systemroot%\system32\btz\*.* > < %systemroot%\system32\EMP\*.* > < %systemroot%\system32\expo\*.* > < %systemroot%\system32\inet2\*.* > < %systemroot%\system32\xrem\*.* > < %ProgramFiles%\Microsoft\*.* > < %systemroot%\usgwmt\*.* > < %ProgramFiles%\B\*.* > < %SYSTEMDRIVE%\lspp\*.* > < %systemroot%\Kral\*.* > < %SYSTEMDRIVE%\windowsdvd.exe\*.* > < %systemroot%\system32\*.ipo > < %SYSTEMDRIVE%\usxxxxxxxx.exe\*.* > < %systemroot%\system32\*.mof > < %systemroot%\*.atm > < %systemroot%\system32\svhost\*.* > < %ProgramFiles%\system32\*.* > < %ProgramFiles%\Docmentt\*.* > < %systemroot%\Help\*.vbs > < %ProgramFiles%\Windows WinSxs\*.* /s > < %ProgramFiles%\Outlook Express\IDT\*.* /s > < %ProgramFiles%\Microsoft Office\365\*.* /s > < %ProgramFiles%\Windows Live\*.* > < %systemroot%\system32\win32\*.* > < %SYSTEMDRIVE%\RECYCLER\*.* > < %systemroot%\Fresh1\*.* > < %ProgramFiles%\Kekj\*.* /s > < %systemroot%\GDU\*.* > < %systemroot%\KA\*.* > < %systemroot%\R\*.* > < %systemroot%\system32\*.fyo > < %USERPROFILE%\System\*.* > < %systemroot%\Source\*.* > < %systemroot%\system32\ac\*.* > < %ProgramFiles%\MSDN\*.* > < %AppData%\AdobeUM\winvcldll54\*.* /s > < %ProgramFiles%\Internet Explorer\*.ico > < %systemroot%\system32\*.ojo > < %systemroot%\system32\d323s\*.* > < %systemroot%\system32\re\*.* > < %UserProfile%\Microsoft\*.dll > < %UserProfile%\Microsoft\*.log > < %systemroot%\Bios\*.* > < %ProgramFiles%\Spool\*.* > < %ProgramFiles%\promp3\*.* > < %SYSTEMDRIVE%\Driver\*.* /s > < %SYSTEMDRIVE%\inetserver.exe\*.* > < %systemroot%\java\trustlib\*.* > < %ProgramFiles%\Common Files\designer\*.exe > < %ProgramFiles%\*. >[2008/12/25 13:17:10 | 000,000,000 | ---D | M] -- C:\Program Files\Activision
[2008/10/09 14:33:57 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/03/04 22:16:11 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2009/07/07 23:17:24 | 000,000,000 | ---D | M] -- C:\Program Files\AnswerWorks 4.0
[2009/07/07 23:20:14 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD 2004
[2009/07/07 23:18:01 | 000,000,000 | ---D | M] -- C:\Program Files\Autodesk
[2010/09/27 15:29:03 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/03/04 21:45:00 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2008/03/04 22:14:05 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2008/03/04 22:14:17 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2008/03/04 22:29:54 | 000,000,000 | ---D | M] -- C:\Program Files\Diskeeper Corporation
[2010/09/16 07:26:01 | 000,000,000 | ---D | M] -- C:\Program Files\DivX Free Codec
[2010/09/27 15:26:22 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2008/03/04 22:30:15 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/09/17 16:17:34 | 000,000,000 | ---D | M] -- C:\Program Files\HijackThis
[2008/06/29 01:43:44 | 000,000,000 | ---D | M] -- C:\Program Files\Insightful
[2009/06/26 10:34:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2008/03/04 22:09:38 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/08/21 00:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/03/04 22:23:31 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/09/05 09:37:04 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/05/01 11:02:44 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo
[2008/03/04 22:26:18 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo Registration
[2009/07/11 09:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/09/18 19:35:32 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/28 14:53:56 | 000,000,000 | ---D | M] -- C:\Program Files\MathType
[2008/09/04 03:03:16 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2008/06/05 12:33:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008/03/04 21:45:01 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/07/07 23:17:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2009/11/28 13:52:57 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/03/04 22:48:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Small Business
[2009/10/15 02:12:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2008/03/04 22:42:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2008/06/05 08:15:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2009/10/27 11:51:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/03/04 22:46:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/06/06 06:12:18 | 000,000,000 | ---D | M] -- C:\Program Files\MiKTeX 2.7
[2010/08/19 07:40:43 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/11/19 12:10:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/09/05 07:31:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/03/04 21:45:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2008/03/04 21:45:02 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/03/04 22:09:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/06/05 12:31:08 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2008/03/04 22:24:45 | 000,000,000 | ---D | M] -- C:\Program Files\Multimedia Center for Think Offerings
[2008/06/05 08:35:16 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2008/03/04 22:14:14 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2008/06/05 07:28:19 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/08/20 16:14:49 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2008/03/04 22:29:41 | 000,000,000 | ---D | M] -- C:\Program Files\PCDR5
[2008/06/10 03:32:37 | 000,000,000 | ---D | M] -- C:\Program Files\PCTeX
[2008/03/04 22:30:16 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2
[2009/11/12 15:07:01 | 000,000,000 | ---D | M] -- C:\Program Files\real
[2009/09/05 07:30:50 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/08/20 16:13:12 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2008/03/04 22:24:47 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2008/03/04 22:24:53 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic Icons for Lenovo
[2009/02/04 23:50:25 | 000,000,000 | ---D | M] -- C:\Program Files\SpaceMonger
[2010/09/27 15:41:59 | 000,000,000 | ---D | M] -- C:\Program Files\SpywareGuard
[2008/06/20 14:35:05 | 000,000,000 | ---D | M] -- C:\Program Files\Stata10
[2008/03/04 22:10:33 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2008/06/06 02:35:38 | 000,000,000 | ---D | M] -- C:\Program Files\TeXnicCenter
[2008/06/05 07:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkPad
[2008/03/04 22:26:05 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkVantage
[2008/06/05 07:25:16 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkVantage Fingerprint Software
[2009/06/05 16:31:28 | 000,000,000 | ---D | M] -- C:\Program Files\TIBCO
[2008/12/10 22:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2008/03/04 21:45:03 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/05/17 20:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\Warner Bros. Interactive Entertainment
[2009/04/24 00:22:15 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2010/09/29 09:21:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2008/06/05 07:29:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2008/06/05 12:45:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2008/06/05 12:45:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/06/05 08:35:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2008/03/04 21:45:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2008/11/28 16:56:38 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2008/03/04 21:45:05 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2008/09/26 11:36:48 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2009/06/07 22:43:24 | 000,000,000 | ---D | M] -- C:\Program Files\ZipX
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-16 04:54:20
========== Alternate Data Streams ========== @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
OTL Extras logfile created on: 05/10/2010 9:28:38 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.34 Gb Total Space | 30.65 Gb Free Space | 21.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENOVO-24351342
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [SpaceMonger] -- "C:\Program Files\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Logitech\Logitech Vid\Vid.exe" = C:\Program Files\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid -- (Logitech Inc.)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 15
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{398AB469-77FC-4935-820B-D419388C0A6A}" = LEGO® Batman™
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera
"{41894269-0DD1-4C85-B3DD-1EB41B07621D}" = ThinkVantage Fingerprint Software 5.6
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{48ADB3C0-18FB-4922-B172-7C8C4B99409C}" = Kung Fu Panda™
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5783F2D7-0201-0409-0002-0060B0CE6BBA}" = AutoCAD 2004
"{586577F5-CAC4-44E6-B6E8-456CD6365018}" = TIBCO Spotfire S+FinMetrics
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{6395D480-9F3B-4930-8204-B91C8882F967}" = Stata 10
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{756051AE-D24C-4911-9695-BC97F98CB7FA}" = TIBCO Spotfire S+ 8.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Lite
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Power Manager
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D02EDDE7-B5C5-40A2-AF57-73A3278F4EEB}" = ESET NOD32 Antivirus
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkPad
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{E7D93CDB-10C9-4AEA-B468-2F9D4BA4D92A}" = GAUSS 9.0
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F055E1B2-8A05-4D87-8039-1BE979BA4193}" = Client Security Solution
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F8C02517-4AC3-4026-8292-ACF23E98A7D7}" = Activision®
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.1.2 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Autodesk Express Viewer" = Autodesk Express Viewer
"AwayTask" = Maintenance Manager
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CdaC13Ba" = SafeCast Shared Components
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"DivX Free Codec" = DivX Free Codec
"DSMT6" = MathType 6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{398AB469-77FC-4935-820B-D419388C0A6A}" = LEGO® Batman™
"InstallShield_{48ADB3C0-18FB-4922-B172-7C8C4B99409C}" = Kung Fu Panda™
"InstallShield_{F8C02517-4AC3-4026-8292-ACF23E98A7D7}" = Madagascar - Escape 2 Africa™
"Lenovo Registration" = Lenovo Registration
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matlab 6.5" = MATLAB 6.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MiKTeX 2.7" = MiKTeX 2.7
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OnScreenDisplay" = On Screen Display
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"PCMCIAPW" = ThinkPad PC Card Power Policy
"PCTeXv6_is1" = PCTeX version 6
"Picasa2" = Picasa 2
"Power Management Driver" = ThinkPad Power Management Driver
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 12.0" = RealPlayer
"Remove Multimedia Center" = Remove Multimedia Center
"SpaceMonger" = SpaceMonger 2.1.1
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"TeXnicCenter_is1" = TeXnicCenter Version 1 Beta 6.21 (Fawkes)
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 05/10/2010 8:17:03 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:03 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:03 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:03 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:03 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:03 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:08 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:08 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:08 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
Error - 05/10/2010 8:17:08 PM | Computer Name = LENOVO-24351342 | Source = nview_info | ID = 11141121
Description =
[ System Events ]
Error - 04/10/2010 5:03:04 PM | Computer Name = LENOVO-24351342 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.106.68 for the Network Card with network
address 001E378C4786 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 04/10/2010 5:03:33 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 05/10/2010 6:07:12 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 05/10/2010 6:11:38 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 05/10/2010 6:30:24 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7034
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s).
Error - 05/10/2010 6:39:52 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 05/10/2010 6:43:38 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 05/10/2010 6:54:19 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 05/10/2010 9:28:53 PM | Computer Name = LENOVO-24351342 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 05/10/2010 9:28:54 PM | Computer Name = LENOVO-24351342 | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%2
< End of report >
This topic is locked
Sign In
Create Account
