Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unbootable computer

Started by Bismillah , Aug 12 2011 12:48 PM

  • Please log in to reply

#196
Bismillah
Posted 11 September 2011 - 06:11 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Im back


Vino's Event Viewer v01c run on Windows Vista in English
Report run at 12/09/2011 01:09:55

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/09/2011 00:03:04
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 12/09/2011 00:03:04
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi lenovo.smi spldr TPPWRIF tvtumon Wanarpv6

Log: 'System' Date/Time: 12/09/2011 00:03:04
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 12/09/2011 00:02:49
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

Log: 'System' Date/Time: 12/09/2011 00:02:35
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Log: 'System' Date/Time: 12/09/2011 00:02:33
Type: Error Category: 0
Event: 10000 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

Log: 'System' Date/Time: 12/09/2011 00:02:23
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

Log: 'System' Date/Time: 12/09/2011 00:02:13
Type: Error Category: 0
Event: 10000 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

Log: 'System' Date/Time: 12/09/2011 00:01:47
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 00:59:47 on 12/09/2011 was unexpected.

Log: 'System' Date/Time: 11/09/2011 21:17:16
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 11/09/2011 11:19:19
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: tvtumon

Log: 'System' Date/Time: 11/09/2011 11:19:19
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Lenovo Microphone Mute service terminated with the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 11/09/2011 11:19:19
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 11/09/2011 11:19:09
Type: Error Category: 403
Event: 412 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402. User Action: restart task scheduler service.

Log: 'System' Date/Time: 10/09/2011 22:46:58
Type: Error Category: 0
Event: 9 Source: iaStor
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 10/09/2011 17:18:45
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.

Log: 'System' Date/Time: 10/09/2011 17:18:02
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

Log: 'System' Date/Time: 10/09/2011 17:17:32
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.

Log: 'System' Date/Time: 10/09/2011 17:17:02
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.

Log: 'System' Date/Time: 10/09/2011 17:11:04
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: tvtumon

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/09/2011 00:01:49
Type: Warning Category: 0
Event: 263 Source: PlugPlayManager
The service 'TabletInputService' may not have unregistered for device event notifications before it was stopped.

Log: 'System' Date/Time: 11/09/2011 22:38:04
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 69 seconds since the last report.

Log: 'System' Date/Time: 11/09/2011 22:38:04
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 69 seconds since the last report.

Log: 'System' Date/Time: 11/09/2011 16:19:08
Type: Warning Category: 0
Event: 4101 Source: Display
Display driver amdkmdap stopped responding and has successfully recovered.

Log: 'System' Date/Time: 11/09/2011 01:30:05
Type: Warning Category: 0
Event: 4227 Source: Tcpip
TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.

Log: 'System' Date/Time: 10/09/2011 22:39:31
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 68 seconds since the last report.

Log: 'System' Date/Time: 10/09/2011 22:39:31
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 68 seconds since the last report.

Log: 'System' Date/Time: 10/09/2011 00:46:42
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 09/09/2011 23:06:07
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 09/09/2011 23:06:07
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 09/09/2011 00:40:08
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 08/09/2011 22:46:32
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 08/09/2011 22:46:32
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 08/09/2011 21:23:07
Type: Warning Category: 0
Event: 4227 Source: Tcpip
TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.

Log: 'System' Date/Time: 08/09/2011 16:46:09
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 08/09/2011 16:46:07
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll

Log: 'System' Date/Time: 08/09/2011 11:52:13
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2607712(Update) is not applicable for this system

Log: 'System' Date/Time: 08/09/2011 11:52:13
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2607712(Update) is not applicable for this system

Log: 'System' Date/Time: 08/09/2011 01:11:50
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 08/09/2011 01:11:50
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll







Vino's Event Viewer v01c run on Windows Vista in English
Report run at 12/09/2011 01:11:05

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 12/09/2011 00:03:03
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 12/09/2011 00:02:35
Type: Error Category: 16
Event: 4609 Source: Microsoft-Windows-EventSystem
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043c from line 45 of d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Log: 'Application' Date/Time: 11/09/2011 23:48:05
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 23:44:51
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 23:40:25
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 22:47:43
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 22:46:05
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 22:43:52
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 16:20:46
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program javaw.exe version 7.0.0.147 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 4a8 Start Time: 01cc70777481c26e Termination Time: 1101

Log: 'Application' Date/Time: 11/09/2011 11:19:18
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 11/09/2011 01:18:33
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\DESKTOP\MINECRAFT SERVER\CRAFTBUKKIT - COPY\WORLD_NETHER\LEVEL.DAT_OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:18:32
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\DESKTOP\MINECRAFT SERVER\CRAFTBUKKIT - COPY\WORLD\LEVEL.DAT_OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:18:32
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\DESKTOP\MINECRAFT SERVER\CRAFTBUKKIT - COPY\WORLD\LEVEL.DAT_OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:12:39
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:12:30
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:10:18
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\DESKTOP\MINECRAFT SERVER\CRAFTBUKKIT\WORLD\LEVEL.DAT_NEW> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:09:33
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:09:28
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\DESKTOP\MINECRAFT SERVER\CRAFTBUKKIT\WORLD\LEVEL.DAT_NEW> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:07:12
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_NORTAN360_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 11/09/2011 01:05:43
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LENOVO\DESKTOP\MINECRAFT SERVER\CRAFTBUKKIT\WORLD\LEVEL.DAT_NEW> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 12/09/2011 00:02:20
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 11/09/2011 11:37:35
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000_Classes:
Process 5960 (\Device\HarddiskVolume2\Windows\System32\wuauclt.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000_CLASSES


Log: 'Application' Date/Time: 11/09/2011 11:37:33
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 160 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 160 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 11/09/2011 01:51:12
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 10 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5596 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 11/09/2011 01:47:05
Type: Warning Category: 1
Event: 1015 Source: Microsoft-Windows-Search
Event ID 3013 for the Windows Search Service has been suppressed 1 time(s) since 02:18:33. This event is used to suppress Windows Search Service events that have occurred frequently within a short period of time. See Event ID 3013 for further details on this event.

Log: 'Application' Date/Time: 10/09/2011 00:45:52
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 9 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5812 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 09/09/2011 00:39:17
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 3784 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3784 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 08/09/2011 16:45:23
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 17 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 4956 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4956 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4956 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4956 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\My
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\CA
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\Root
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 720 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\trust


Log: 'Application' Date/Time: 08/09/2011 01:11:33
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 10 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 3696 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 07/09/2011 11:01:51
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <csc://{s-1-5-21-1853308285-865056411-922338472-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
Unspecified error (0x80004005)


Log: 'Application' Date/Time: 07/09/2011 01:02:04
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 4 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 5752 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5752 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5752 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5752 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 06/09/2011 10:50:04
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 5000 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5000 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5000 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5000 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5000 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Lenovo\RegMonitor


Log: 'Application' Date/Time: 06/09/2011 10:31:11
Type: Warning Category: 1
Event: 1015 Source: Microsoft-Windows-Search
Event ID 3013 for the Windows Search Service has been suppressed 187 time(s) since 11:07:59. This event is used to suppress Windows Search Service events that have occurred frequently within a short period of time. See Event ID 3013 for further details on this event.

Log: 'Application' Date/Time: 06/09/2011 01:32:18
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 4 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 4488 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4488 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4488 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4488 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 06/09/2011 00:56:43
Type: Warning Category: 1
Event: 1015 Source: Microsoft-Windows-Search
Event ID 3013 for the Windows Search Service has been suppressed 185 time(s) since 01:49:58. This event is used to suppress Windows Search Service events that have occurred frequently within a short period of time. See Event ID 3013 for further details on this event.

Log: 'Application' Date/Time: 05/09/2011 14:43:24
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 33 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 1856 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Policies\Microsoft\SystemCertificates
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\My
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\CA
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\CA
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\Root
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\Root
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 772 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\trust
Process 1384 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000\Software\Microsoft\SystemCertificates\trust


Log: 'Application' Date/Time: 04/09/2011 00:07:32
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 8 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 5056 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 03/09/2011 01:02:45
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 4 user registry handles leaked from \Registry\User\S-1-5-21-1853308285-865056411-922338472-1000:
Process 4464 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4464 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4464 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000
Process 4464 (\Device\HarddiskVolume2\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe) has opened key \REGISTRY\USER\S-1-5-21-1853308285-865056411-922338472-1000


Log: 'Application' Date/Time: 02/09/2011 22:02:18
Type: Warning Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Log: 'Application' Date/Time: 02/09/2011 22:02:18
Type: Warning Category: 0
Event: 1515 Source: Microsoft-Windows-User Profiles Service
Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
  • 0

Advertisements

#197
Bismillah
Posted 11 September 2011 - 06:22 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Liftoff




OTS logfile created on: 12/09/2011 01:13:38 - Run 4
OTS by OldTimer - Version 3.1.44.3     Folder = C:\Users\LENOVO\Desktop\Tools
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 126.10 Gb Total Space | 42.17 Gb Free Space | 33.44% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 21.49 Gb Total Space | 15.98 Gb Free Space | 74.38% Space Free | Partition Type: NTFS
Drive S: | 1.46 Gb Total Space | 0.69 Gb Free Space | 47.06% Space Free | Partition Type: NTFS
 
Computer Name: LENOVO-PC
Current User Name: LENOVO
Logged in as Administrator.
 
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Users\LENOVO\Desktop\Tools\OTS.exe -> [2011/08/27 15:59:01 | 000,645,632 | ---- | M] (OldTimer Tools)
tsvncache.exe -> C:\Program Files\TortoiseSVN\bin\TSVNCache.exe -> [2011/03/23 19:32:24 | 000,619,288 | ---- | M] (http://tortoisesvn.net)
sfc.exe -> C:\Windows\System32\sfc.exe -> [2008/01/21 03:25:21 | 000,015,872 | ---- | M] (Microsoft Corporation)
cmd.exe -> C:\Windows\System32\cmd.exe -> [2008/01/21 03:24:14 | 000,318,976 | ---- | M] (Microsoft Corporation)
 
[Modules - No Company Name]
dlaapi_w.dll -> C:\Windows\System32\DLAAPI_W.DLL -> [2007/06/19 00:28:44 | 000,056,056 | ---- | M] ()
 
[Win32 Services - Safe List]
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [On_Demand | Stopped] ->  -> File not found
(496336CA) 496336CA [On_Demand | Stopped] ->  -> File not found
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Steam\SteamService.exe -> [2011/09/09 18:18:24 | 000,411,432 | ---- | M] (Valve Corporation)
(avast! Antivirus) avast! Antivirus [Auto | Stopped] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2011/07/04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software)
(Akamai) Akamai NetSession Interface [Disabled | Stopped] -> c:\Program Files\Common Files\Akamai\netsession_win_e877e12.dll -> [2011/06/15 11:38:33 | 003,435,096 | ---- | M] ()
(TeamViewer6) TeamViewer 6 [Disabled | Stopped] -> C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -> [2011/01/27 16:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH)
(npggsvc) nProtect GameGuard Service [On_Demand | Stopped] -> C:\Windows\System32\GameMon.des -> [2010/10/21 21:06:45 | 004,208,208 | ---- | M] (INCA Internet Co., Ltd.)
(FirebirdGuardianDefaultInstance) Firebird Guardian - DefaultInstance [Auto | Stopped] -> C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe -> [2010/09/17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project)
(FirebirdServerDefaultInstance) Firebird Server - DefaultInstance [On_Demand | Stopped] -> C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe -> [2010/09/17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project)
(AcSvc) Access Connections Main Service [Auto | Stopped] -> C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -> [2009/12/10 22:59:40 | 000,251,240 | ---- | M] (Lenovo)
(AcPrfMgrSvc) Ac Profile Manager Service [Auto | Stopped] -> C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -> [2009/12/10 22:59:38 | 000,124,264 | ---- | M] (Lenovo)
(WinHttpAutoProxySvc) WinHTTP Web Proxy Auto-Discovery Service [On_Demand | Stopped] -> winhttp.dll -> [2009/08/24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation)
(Power Manager DBC Service) Power Manager DBC Service [Auto | Stopped] -> C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE -> [2009/04/15 18:50:00 | 000,066,848 | ---- | M] (Lenovo)
(TPHKSVC) On Screen Display [Auto | Stopped] -> C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -> [2009/04/02 14:35:20 | 000,062,320 | ---- | M] (Lenovo Group Limited)
(LENOVO.MICMUTE) Lenovo Microphone Mute [Auto | Stopped] -> C:\Program Files\Lenovo\HOTKEY\micmute.exe -> [2009/03/30 12:08:14 | 000,045,424 | ---- | M] (Lenovo Group Limited)
(ThinkVantage Registry Monitor Service) ThinkVantage Registry Monitor Service [Auto | Stopped] -> C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -> [2009/03/05 05:54:34 | 000,750,904 | ---- | M] (Lenovo Group Limited)
(EvtEng) Intel® PROSet/Wireless Event Log [Auto | Stopped] -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2009/02/11 21:20:36 | 000,864,256 | ---- | M] (Intel(R) Corporation)
(MyWiFiDHCPDNS) Wireless PAN DHCP Server [On_Demand | Stopped] -> C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -> [2009/02/11 21:19:28 | 000,204,800 | ---- | M] ()
(RegSrvc) Intel® PROSet/Wireless Registry Service [Auto | Stopped] -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2009/02/11 20:16:28 | 000,466,944 | ---- | M] (Intel(R) Corporation)
(dtsvc) Data Transfer Service [Auto | Stopped] -> C:\Windows\System32\DTS.exe -> [2008/10/27 02:38:40 | 000,098,304 | ---- | M] ()
(ADMonitor) AD Monitor [On_Demand | Stopped] -> C:\Windows\System32\ADMonitor.exe -> [2008/10/27 02:38:34 | 000,106,496 | ---- | M] ()
(ATService) AuthenTec Fingerprint Service [Auto | Stopped] -> C:\Windows\System32\AtService.exe -> [2008/10/27 02:33:22 | 001,676,536 | ---- | M] (AuthenTec, Inc.)
(TVT_UpdateMonitor) TVT Windows Update Monitor [Disabled | Stopped] -> C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe -> [2008/10/09 10:05:16 | 000,360,448 | ---- | M] (Lenovo Group Limited)
(TVT Backup Protection Service) TVT Backup Protection Service [Auto | Stopped] -> C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -> [2008/05/25 00:17:54 | 000,520,192 | ---- | M] ()
(RoxMediaDB10) RoxMediaDB10 [Disabled | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/25 16:15:24 | 001,120,752 | ---- | M] (Sonic Solutions)
(WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation)
(DDNIOEMService) DDNIOEMService [Auto | Stopped] -> C:\Program Files\DDNI\SBITS\DDNIOEMService.exe -> [2007/09/28 21:21:42 | 000,162,280 | ---- | M] (Digital Delivery Networks, Inc.)
(IviRegMgr) IviRegMgr [Auto | Stopped] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo)
 
[Driver Services - Safe List]
(utiynza4) AVZ Kernel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\utiynza4.sys -> [2011/08/28 14:28:05 | 000,007,168 | ---- | M] ()
(aswSnx) aswSnx [File_System | System | Stopped] -> C:\Windows\System32\drivers\aswSnx.sys -> [2011/07/04 12:36:43 | 000,441,176 | ---- | M] (AVAST Software)
(aswSP) aswSP [Kernel | System | Stopped] -> C:\Windows\System32\drivers\aswSP.sys -> [2011/07/04 12:36:32 | 000,309,848 | ---- | M] (AVAST Software)
(aswTdi) avast! Network Shield Support [Kernel | System | Stopped] -> C:\Windows\System32\drivers\aswTdi.sys -> [2011/07/04 12:35:23 | 000,043,608 | ---- | M] (AVAST Software)
(aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2011/07/04 12:32:32 | 000,025,432 | ---- | M] (AVAST Software)
(aswMonFlt) aswMonFlt [File_System | Auto | Stopped] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2011/07/04 12:32:20 | 000,054,104 | ---- | M] (AVAST Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Stopped] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2011/07/04 12:32:12 | 000,019,544 | ---- | M] (AVAST Software)
(CnxtHdAudService) Conexant UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\CHDRT32.sys -> [2010/06/17 04:37:30 | 000,467,072 | ---- | M] (Conexant Systems Inc.)
(e1yexpress) Intel(R) Gigabit Network Connections Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\e1y6032.sys -> [2009/08/14 21:18:24 | 000,220,152 | ---- | M] (Intel Corporation)
(TPPWRIF) TPPWRIF [Kernel | System | Stopped] -> C:\Windows\System32\drivers\TPPWR32V.SYS -> [2009/04/15 18:50:00 | 000,011,552 | ---- | M] (Lenovo Group Limited)
(MUXP) My WiFi PAN Mux-IM Protocol Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mux.sys -> [2009/02/09 19:26:38 | 000,029,232 | ---- | M] (Intel© Corporation)
(MUXMP) My WiFi PAN MUX-IM Virtual Miniport Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mux.sys -> [2009/02/09 19:26:38 | 000,029,232 | ---- | M] (Intel© Corporation)
(NETw5v32) Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit  [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NETw5v32.sys -> [2009/02/09 17:40:32 | 003,715,072 | ---- | M] (Intel Corporation)
(Shockprf) Shockprf [Kernel | Boot | Running] -> C:\Windows\System32\DRIVERS\Apsx86.sys -> [2009/01/29 01:58:46 | 000,117,800 | ---- | M] (Lenovo.)
(TPDIGIMN) TPDIGIMN [Kernel | Boot | Running] -> C:\Windows\System32\DRIVERS\ApsHM86.sys -> [2009/01/29 01:57:12 | 000,020,520 | ---- | M] (Lenovo.)
(ATSwpWDF) AuthenTec TruePrint USB WDF Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ATSwpWDF.sys -> [2008/10/27 03:37:18 | 000,482,176 | ---- | M] (AuthenTec, Inc.)
(psadd) Lenovo Parties Service Access Device Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\psadd.sys -> [2008/09/25 08:49:52 | 000,031,680 | ---- | M] (Lenovo (United States) Inc.)
(atikmdag) atikmdag [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\atikmdag.sys -> [2008/09/19 07:49:34 | 003,881,472 | ---- | M] (ATI Technologies Inc.)
(amdkmdag) amdkmdag [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\atikmdag.sys -> [2008/09/19 07:49:34 | 003,881,472 | ---- | M] (ATI Technologies Inc.)
(amdkmdap) amdkmdap [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\atikmpag.sys -> [2008/09/19 06:41:00 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc.)
(tvtumon) tvtumon [Kernel | System | Stopped] -> C:\Windows\System32\drivers\tvtumon.sys -> [2008/07/11 03:47:00 | 000,048,192 | ---- | M] (Lenovo)
(lenovo.smi) Lenovo System Interface Driver [Kernel | System | Stopped] -> C:\Windows\System32\drivers\smiif32.sys -> [2008/05/12 10:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited)
(WimFltr) WimFltr [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\WimFltr.sys -> [2008/04/19 00:40:24 | 000,128,104 | ---- | M] (Microsoft Corporation)
(HECI) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HECI.sys -> [2008/03/26 05:12:56 | 000,040,832 | ---- | M] (Intel Corporation)
(TVTI2C) Lenovo SM bus driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\tvti2c.sys -> [2008/02/22 23:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.)
(TPM) TPM [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\tpm.sys -> [2008/01/21 03:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation)
(e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\e1e6032.sys -> [2008/01/21 03:23:50 | 000,220,672 | ---- | M] (Intel Corporation)
(ManyCam) ManyCam Virtual Webcam, WDM Video Capture Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ManyCam.sys -> [2008/01/14 11:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.)
(XAudio) XAudio [Kernel | Auto | Stopped] -> C:\Windows\System32\drivers\XAudio.sys -> [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.)
(DLADResM) DLADResM [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLADResM.SYS -> [2007/06/19 00:29:56 | 000,009,400 | ---- | M] (Roxio)
(DLABMFSM) DLABMFSM [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLABMFSM.SYS -> [2007/06/19 00:29:10 | 000,035,064 | ---- | M] (Roxio)
(DLAUDFAM) DLAUDFAM [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLAUDFAM.SYS -> [2007/06/19 00:29:08 | 000,093,752 | ---- | M] (Roxio)
(DLAUDF_M) DLAUDF_M [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLAUDF_M.SYS -> [2007/06/19 00:29:06 | 000,098,136 | ---- | M] (Roxio)
(DLAOPIOM) DLAOPIOM [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLAOPIOM.SYS -> [2007/06/19 00:29:04 | 000,026,744 | ---- | M] (Roxio)
(DLABOIOM) DLABOIOM [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLABOIOM.SYS -> [2007/06/19 00:28:58 | 000,032,472 | ---- | M] (Roxio)
(DLAPoolM) DLAPoolM [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLAPoolM.SYS -> [2007/06/19 00:28:54 | 000,014,520 | ---- | M] (Roxio)
(DLAIFS_M) DLAIFS_M [File_System | Auto | Stopped] -> C:\Windows\System32\DLA\DLAIFS_M.SYS -> [2007/06/19 00:28:52 | 000,105,048 | ---- | M] (Roxio)
(s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s115mgmt.sys -> [2007/04/23 14:54:50 | 000,100,488 | ---- | M] (MCCI Corporation)
(s115obex) Sony Ericsson Device 115 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s115obex.sys -> [2007/04/23 14:54:50 | 000,098,568 | ---- | M] (MCCI Corporation)
(s115mdm) Sony Ericsson Device 115 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s115mdm.sys -> [2007/04/23 14:54:48 | 000,108,680 | ---- | M] (MCCI Corporation)
(s115mdfl) Sony Ericsson Device 115 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s115mdfl.sys -> [2007/04/23 14:54:48 | 000,015,112 | ---- | M] (MCCI Corporation)
(s115bus) Sony Ericsson Device 115 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s115bus.sys -> [2007/04/23 14:54:46 | 000,083,208 | ---- | M] (MCCI Corporation)
(DLARTL_M) DLARTL_M [File_System | System | Running] -> C:\Windows\System32\drivers\DLARTL_M.SYS -> [2007/02/09 04:05:30 | 000,028,120 | ---- | M] (Roxio)
(DLACDBHM) DLACDBHM [File_System | System | Running] -> C:\Windows\System32\drivers\DLACDBHM.SYS -> [2007/02/09 04:05:30 | 000,012,856 | ---- | M] (Roxio)
(USBIO) USBIO Driver (usbio.sys) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbio.sys -> [2001/05/07 11:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Default_Secondary_Page_URL" -> http://www.lenovo.com/welcome/thinkpad [binary data] -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://uk.search.yahoo.com/?fr=w3i&type=W3i_SP,204,0_0,StartPage,20110836,16939,0,8,0 -> 
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://uk.msn.com/?ocid=iehp -> 
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-gb -> 
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 31 CF 7A 26 E1 64 CC 01  [binary data] -> 
HKEY_CURRENT_USER\: Main\\"StartPageCache" -> 1 -> 
HKEY_CURRENT_USER\: SearchURL\\"" -> http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR -> 
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
< FireFox Settings [Prefs.js] > -> C:\Users\LENOVO\AppData\Roaming\Mozilla\FireFox\Profiles\xqbyuseu.default\prefs.js -> 
extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 ->
extensions.enabledItems -> [email protected]:6.0.1203 ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 ->
extensions.enabledItems -> {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0 ->
extensions.enabledItems -> {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\[email protected] -> C:\Program Files\Alwil Software\Avast5\WebRep\FF [C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF] -> [2011/08/25 22:12:27 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085} -> C:\PROGRAM FILES\OBJECT\FACETHEME -> 
HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT] -> [2011/08/30 23:56:32 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011/08/30 23:56:16 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011/08/30 23:57:14 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Users\LENOVO\AppData\Roaming\Mozilla\Extensions -> [2010/10/31 18:14:04 | 000,000,000 | ---D | M]
  -> C:\Users\LENOVO\AppData\Roaming\Mozilla\Firefox\Profiles\xqbyuseu.default\extensions -> [2011/09/10 22:53:42 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant   -> C:\Users\LENOVO\AppData\Roaming\Mozilla\Firefox\Profiles\xqbyuseu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2010/10/31 23:55:42 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files\Mozilla Firefox\extensions -> [2011/09/05 21:21:10 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} -> [2011/02/26 22:48:58 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} -> [2011/06/17 15:20:27 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} -> [2011/09/05 21:21:10 | 000,000,000 | ---D | M]
avast! WebRep -> C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF -> [2011/08/25 22:12:27 | 000,000,000 | ---D | M]
"Savevid.com Easy Video Downloader" -> C:\PROGRAM FILES\SAVEVID\[email protected] -> [2011/05/25 18:47:41 | 000,000,000 | ---D | M]
RealPlayer Browser Record Plugin -> C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT -> [2011/08/30 23:56:32 | 000,000,000 | ---D | M]
< FireFox Components [Program Folders] > -> 
 nprpffbrowserrecordext.dll -> C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\components\nprpffbrowserrecordext.dll -> [2011/08/30 23:56:31 | 000,047,616 | ---- | M] (RealNetworks, Inc.)
 nprpffbrowserrecordlegacyext.dll -> C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\components\nprpffbrowserrecordlegacyext.dll -> [2011/08/30 23:56:31 | 000,047,104 | ---- | M] (RealNetworks, Inc.)
< HOSTS File > ([2011/08/27 18:34:50 | 000,000,027 | ---- | M] - 1 lines) -> C:\Windows\System32\drivers\etc\hosts -> 
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2011/08/30 23:56:29 | 000,414,416 | ---- | M] (RealPlayer)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [avast! WebRep] -> [2011/07/04 12:43:50 | 000,820,864 | ---- | M] (AVAST Software)
{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} [HKLM] -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [IePasswordManagerHelper Class] -> [2009/03/05 06:27:22 | 000,816,440 | ---- | M] (Lenovo Group Limited)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2011/09/05 21:20:05 | 000,056,712 | ---- | M] (Oracle Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [avast! WebRep] -> [2011/07/04 12:43:50 | 000,820,864 | ---- | M] (AVAST Software)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"ACTray" -> C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe] -> [2009/12/10 22:59:42 | 000,435,560 | ---- | M] (Lenovo)
"ACWlIcon" -> C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe] -> [2009/12/10 22:59:48 | 000,181,608 | ---- | M] (Lenovo)
"avast" -> C:\Program Files\Alwil Software\Avast5\avastUI.exe ["C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui] -> [2011/07/04 12:43:54 | 003,493,720 | ---- | M] (AVAST Software)
"CreateLMBCShortCut" -> C:\Program Files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe ["C:\Program Files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe"] -> [2009/04/13 16:58:54 | 000,040,960 | ---- | M] ()
"FingerPrintSoftware" -> C:\Program Files\Lenovo Fingerprint Software\fpapp.exe ["C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s] -> [2008/10/27 02:36:06 | 001,527,808 | ---- | M] (AuthenTec)
"iTunesHelper" -> C:\Program Files\iTunes2\iTunesHelper.exe ["C:\Program Files\iTunes2\iTunesHelper.exe"] -> [2011/06/07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.)
"LENOVO.TPFNF6R" -> C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe [C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe] -> [2009/04/14 11:51:38 | 000,015,136 | ---- | M] (Lenovo Group Limited)
"LPMailChecker" -> C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE [C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe] -> [2009/01/28 19:10:00 | 000,124,248 | ---- | M] (Lenovo Group Limited)
"Message Center Plus" -> C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start] -> [2009/04/22 01:45:44 | 000,049,976 | ---- | M] ()
"PWMTRV" -> C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL [rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor] -> [2009/04/15 18:50:00 | 000,660,768 | ---- | M] (Lenovo Group Limited)
"RIMBBLaunchAgent.exe" -> C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe] -> [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited)
"StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2008/01/21 20:17:18 | 000,061,440 | ---- | M] (Advanced Micro Devices, Inc.)
"TkBellExe" -> C:\Program Files\Real\RealPlayer\update\realsched.exe ["C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot] -> [2011/08/30 23:55:53 | 000,273,528 | ---- | M] (RealNetworks, Inc.)
"TPFNF7" -> C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r] -> [2009/04/26 20:30:00 | 000,061,728 | ---- | M] (Lenovo Group Limited)
"TpShocks" -> TpShocks.exe [TpShocks.exe] -> [2009/02/03 04:16:48 | 000,181,536 | ---- | M] (Lenovo.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"InstallIQUpdater" -> C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe ["C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun] -> [2011/08/09 17:02:04 | 001,176,064 | ---- | M] (W3i, LLC)
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableCAD" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Save video on Savevid.com -> C:\Program Files\Savevid\redirect.htm [C:\Program Files\Savevid\redirect.htm] -> [2011/03/24 13:49:11 | 000,000,158 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3}:{F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} [HKLM] -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [Menu: Lenovo Password Manager...] -> [2009/03/05 06:27:22 | 000,816,440 | ---- | M] (Lenovo Group Limited)
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{20A60F0D-9AFA-4515-A0FD-83BD84642501} [HKLM] -> http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab [Checkers Class] -> 
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{5AE58FCF-6F6A-49B2-B064-02492C66E3F4} [HKLM] -> http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1303935397869 [MUCatalogWebControl Class] -> 
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [OnlineScanner Control] -> 
{816BE035-1450-40D0-8A3B-BA7825A83A77} [HKLM] -> http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab [IASRunner Class] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab [Java Plug-in 10.0.0] -> 
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] -> 
{C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} [HKLM] -> http://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab [MachineInfoActiveX.MachineInfoActiveX] -> 
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> 
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab [Java Plug-in 1.7.0] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab [Java Plug-in 1.7.0] -> 
{DAF7E6E6-D53A-439A-B28D-12271406B8A9} [HKLM] -> http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab [RIM AxLoader] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 194.168.4.100 194.168.8.100 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{3E585CBA-6D6C-4AF4-9BF8-C22BE2AE4807}\\DhcpNameServer -> 194.168.4.100 194.168.8.100   () -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
igfxcui -> igfxdev.dll -> [2008/06/12 23:06:00 | 000,208,896 | ---- | M] (Intel Corporation)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
credssp.dll -> credssp.dll -> [2008/01/21 03:25:01 | 000,015,872 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/18 22:43:36 | 000,000,024 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
 
[Files/Folders - Created Within 30 Days]
 .netbeans -> C:\Users\LENOVO\.netbeans -> [2011/09/09 17:35:40 | 000,000,000 | ---D | C]
 NetBeans -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans -> [2011/09/09 17:25:07 | 000,000,000 | ---D | C]
 Notepad++ -> C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ -> [2011/09/09 16:35:19 | 000,000,000 | ---D | C]
 Notepad++ -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ -> [2011/09/09 16:35:19 | 000,000,000 | ---D | C]
 Notepad++ -> C:\Users\LENOVO\AppData\Roaming\Notepad++ -> [2011/09/09 16:35:17 | 000,000,000 | ---D | C]
 Scratch -> C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch -> [2011/09/09 16:32:43 | 000,000,000 | ---D | C]
 Scratch -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch -> [2011/09/09 16:32:43 | 000,000,000 | ---D | C]
 BYOB -> C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BYOB -> [2011/09/09 16:28:27 | 000,000,000 | ---D | C]
 BYOB -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYOB -> [2011/09/09 16:28:27 | 000,000,000 | ---D | C]
 ECSoftware -> C:\Users\LENOVO\AppData\Roaming\ECSoftware -> [2011/09/09 16:12:25 | 000,000,000 | ---D | C]
 ECSoftware -> C:\ProgramData\ECSoftware -> [2011/09/09 16:12:24 | 000,000,000 | ---D | C]
 My Games -> C:\Users\LENOVO\AppData\Local\My Games -> [2011/09/06 23:57:18 | 000,000,000 | ---D | C]
 D3DX9_41.dll -> C:\Windows\System32\D3DX9_41.dll -> [2011/09/06 23:54:44 | 004,178,264 | ---- | C] (Microsoft Corporation)
 D3DCompiler_41.dll -> C:\Windows\System32\D3DCompiler_41.dll -> [2011/09/06 23:54:44 | 001,846,632 | ---- | C] (Microsoft Corporation)
 d3dx10_41.dll -> C:\Windows\System32\d3dx10_41.dll -> [2011/09/06 23:54:44 | 000,453,456 | ---- | C] (Microsoft Corporation)
 D3DX9_40.dll -> C:\Windows\System32\D3DX9_40.dll -> [2011/09/06 23:54:43 | 004,379,984 | ---- | C] (Microsoft Corporation)
 D3DCompiler_40.dll -> C:\Windows\System32\D3DCompiler_40.dll -> [2011/09/06 23:54:43 | 002,036,576 | ---- | C] (Microsoft Corporation)
 XAudio2_4.dll -> C:\Windows\System32\XAudio2_4.dll -> [2011/09/06 23:54:43 | 000,517,448 | ---- | C] (Microsoft Corporation)
 XAudio2_3.dll -> C:\Windows\System32\XAudio2_3.dll -> [2011/09/06 23:54:43 | 000,514,384 | ---- | C] (Microsoft Corporation)
 d3dx10_40.dll -> C:\Windows\System32\d3dx10_40.dll -> [2011/09/06 23:54:43 | 000,452,440 | ---- | C] (Microsoft Corporation)
 xactengine3_4.dll -> C:\Windows\System32\xactengine3_4.dll -> [2011/09/06 23:54:43 | 000,235,352 | ---- | C] (Microsoft Corporation)
 XAPOFX1_2.dll -> C:\Windows\System32\XAPOFX1_2.dll -> [2011/09/06 23:54:43 | 000,070,992 | ---- | C] (Microsoft Corporation)
 X3DAudio1_6.dll -> C:\Windows\System32\X3DAudio1_6.dll -> [2011/09/06 23:54:43 | 000,022,360 | ---- | C] (Microsoft Corporation)
 XAudio2_2.dll -> C:\Windows\System32\XAudio2_2.dll -> [2011/09/06 23:54:42 | 000,509,448 | ---- | C] (Microsoft Corporation)
 xactengine3_3.dll -> C:\Windows\System32\xactengine3_3.dll -> [2011/09/06 23:54:42 | 000,235,856 | ---- | C] (Microsoft Corporation)
 XAPOFX1_1.dll -> C:\Windows\System32\XAPOFX1_1.dll -> [2011/09/06 23:54:42 | 000,068,616 | ---- | C] (Microsoft Corporation)
 X3DAudio1_5.dll -> C:\Windows\System32\X3DAudio1_5.dll -> [2011/09/06 23:54:42 | 000,023,376 | ---- | C] (Microsoft Corporation)
 D3DX9_39.dll -> C:\Windows\System32\D3DX9_39.dll -> [2011/09/06 23:54:41 | 003,851,784 | ---- | C] (Microsoft Corporation)
 D3DCompiler_39.dll -> C:\Windows\System32\D3DCompiler_39.dll -> [2011/09/06 23:54:41 | 001,493,528 | ---- | C] (Microsoft Corporation)
 d3dx10_39.dll -> C:\Windows\System32\d3dx10_39.dll -> [2011/09/06 23:54:41 | 000,467,984 | ---- | C] (Microsoft Corporation)
 xactengine3_2.dll -> C:\Windows\System32\xactengine3_2.dll -> [2011/09/06 23:54:41 | 000,238,088 | ---- | C] (Microsoft Corporation)
 D3DX9_38.dll -> C:\Windows\System32\D3DX9_38.dll -> [2011/09/06 23:54:40 | 003,850,760 | ---- | C] (Microsoft Corporation)
 D3DCompiler_38.dll -> C:\Windows\System32\D3DCompiler_38.dll -> [2011/09/06 23:54:40 | 001,491,992 | ---- | C] (Microsoft Corporation)
 XAudio2_1.dll -> C:\Windows\System32\XAudio2_1.dll -> [2011/09/06 23:54:40 | 000,507,400 | ---- | C] (Microsoft Corporation)
 d3dx10_38.dll -> C:\Windows\System32\d3dx10_38.dll -> [2011/09/06 23:54:40 | 000,467,984 | ---- | C] (Microsoft Corporation)
 xactengine3_1.dll -> C:\Windows\System32\xactengine3_1.dll -> [2011/09/06 23:54:40 | 000,238,088 | ---- | C] (Microsoft Corporation)
 XAPOFX1_0.dll -> C:\Windows\System32\XAPOFX1_0.dll -> [2011/09/06 23:54:40 | 000,065,032 | ---- | C] (Microsoft Corporation)
 X3DAudio1_4.dll -> C:\Windows\System32\X3DAudio1_4.dll -> [2011/09/06 23:54:40 | 000,025,608 | ---- | C] (Microsoft Corporation)
 D3DCompiler_37.dll -> C:\Windows\System32\D3DCompiler_37.dll -> [2011/09/06 23:54:39 | 001,420,824 | ---- | C] (Microsoft Corporation)
 XAudio2_0.dll -> C:\Windows\System32\XAudio2_0.dll -> [2011/09/06 23:54:39 | 000,479,752 | ---- | C] (Microsoft Corporation)
 d3dx10_37.dll -> C:\Windows\System32\d3dx10_37.dll -> [2011/09/06 23:54:39 | 000,462,864 | ---- | C] (Microsoft Corporation)
 xactengine3_0.dll -> C:\Windows\System32\xactengine3_0.dll -> [2011/09/06 23:54:39 | 000,238,088 | ---- | C] (Microsoft Corporation)
 X3DAudio1_3.dll -> C:\Windows\System32\X3DAudio1_3.dll -> [2011/09/06 23:54:39 | 000,025,608 | ---- | C] (Microsoft Corporation)
 D3DX9_37.dll -> C:\Windows\System32\D3DX9_37.dll -> [2011/09/06 23:54:38 | 003,786,760 | ---- | C] (Microsoft Corporation)
 javaws.exe -> C:\Windows\System32\javaws.exe -> [2011/09/05 21:20:36 | 000,214,408 | ---- | C] (Oracle Corporation)
 javaw.exe -> C:\Windows\System32\javaw.exe -> [2011/09/05 21:20:36 | 000,173,960 | ---- | C] (Oracle Corporation)
 java.exe -> C:\Windows\System32\java.exe -> [2011/09/05 21:20:35 | 000,173,960 | ---- | C] (Oracle Corporation)
 AI_RecycleBin -> C:\Windows\System32\AI_RecycleBin -> [2011/09/04 14:00:18 | 000,000,000 | -HSD | C]
 W3i -> C:\Program Files\W3i -> [2011/09/04 14:00:11 | 000,000,000 | ---D | C]
 W3i -> C:\ProgramData\W3i -> [2011/09/04 14:00:10 | 000,000,000 | ---D | C]
 InstallIQ Updater -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater -> [2011/09/04 14:00:10 | 000,000,000 | ---D | C]
 found.001 -> C:\found.001 -> [2011/09/04 12:51:17 | 000,000,000 | -HSD | C]
 FinalTorrent -> C:\Users\LENOVO\AppData\Roaming\FinalTorrent -> [2011/09/01 00:51:04 | 000,000,000 | ---D | C]
 File Type Assistant -> C:\Program Files\File Type Assistant -> [2011/09/01 00:50:55 | 000,000,000 | ---D | C]
 FinalTorrent -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalTorrent -> [2011/09/01 00:50:02 | 000,000,000 | ---D | C]
 FinalTorrent -> C:\Program Files\FinalTorrent -> [2011/09/01 00:50:00 | 000,000,000 | ---D | C]
 SWF Studio -> C:\Program Files\Common Files\SWF Studio -> [2011/08/31 22:52:15 | 000,000,000 | ---D | C]
 Microsoft Games -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games -> [2011/08/31 22:41:58 | 000,000,000 | ---D | C]
 Microsoft Games -> C:\Program Files\Microsoft Games -> [2011/08/31 22:14:09 | 000,000,000 | ---D | C]
 MSVCP50.DLL -> C:\Windows\System32\MSVCP50.DLL -> [2011/08/31 22:13:41 | 000,565,760 | ---- | C] (Microsoft Corporation)
 Profiles -> C:\Windows\Profiles -> [2011/08/31 22:13:41 | 000,000,000 | ---D | C]
 IsUninst.exe -> C:\Windows\IsUninst.exe -> [2011/08/31 22:13:07 | 000,327,168 | ---- | C] (InstallShield Software Corporation)
 WinZip -> C:\Users\LENOVO\AppData\Local\WinZip -> [2011/08/31 01:49:03 | 000,000,000 | ---D | C]
 WinZip -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip -> [2011/08/31 01:48:29 | 000,000,000 | ---D | C]
 WinZip -> C:\ProgramData\WinZip -> [2011/08/31 01:48:00 | 000,000,000 | ---D | C]
 WinZip -> C:\Program Files\WinZip -> [2011/08/31 01:47:45 | 000,000,000 | ---D | C]
 xing shared -> C:\Program Files\Common Files\xing shared -> [2011/08/30 23:56:42 | 000,000,000 | ---D | C]
 The will never find us here -> C:\The will never find us here -> [2011/08/30 21:14:33 | 000,000,000 | ---D | C]
 found.000 -> C:\found.000 -> [2011/08/30 20:35:02 | 000,000,000 | -HSD | C]
 mIRC -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC -> [2011/08/28 16:32:26 | 000,000,000 | ---D | C]
 mIRC -> C:\Users\LENOVO\AppData\Roaming\mIRC -> [2011/08/28 16:32:25 | 000,000,000 | ---D | C]
 mIRC -> C:\Program Files\mIRC -> [2011/08/28 16:32:24 | 000,000,000 | ---D | C]
 ESET -> C:\Program Files\ESET -> [2011/08/28 16:17:00 | 000,000,000 | ---D | C]
 Kaspersky Lab -> C:\ProgramData\Kaspersky Lab -> [2011/08/27 19:38:43 | 000,000,000 | ---D | C]
 $RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2011/08/27 18:35:03 | 000,000,000 | ---D | C]
 temp -> C:\Windows\temp -> [2011/08/27 18:30:54 | 000,000,000 | ---D | C]
 temp -> C:\Users\LENOVO\AppData\Local\temp -> [2011/08/27 18:30:54 | 000,000,000 | ---D | C]
 IconChanger -> C:\Users\LENOVO\AppData\Roaming\IconChanger -> [2011/08/26 02:11:45 | 000,000,000 | ---D | C]
 IconChanger -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IconChanger -> [2011/08/26 02:10:08 | 000,000,000 | ---D | C]
 IconChanger -> C:\Program Files\IconChanger -> [2011/08/26 02:10:03 | 000,000,000 | ---D | C]
 tzres.dll -> C:\Windows\System32\tzres.dll -> [2011/08/25 23:39:57 | 000,002,048 | ---- | C] (Microsoft Corporation)
 Puran Defrag -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag -> [2011/08/20 14:04:09 | 000,000,000 | ---D | C]
 Puran Defrag -> C:\Program Files\Puran Defrag -> [2011/08/20 14:04:08 | 000,000,000 | ---D | C]
 {3D289CAC-AD9F-45d9-9D36-524EB7B6C958} -> C:\ProgramData\{3D289CAC-AD9F-45d9-9D36-524EB7B6C958} -> [2011/08/20 13:52:45 | 000,000,000 | ---D | C]
 Lenovo Hard Drive Quick Test -> C:\Program Files\Lenovo Hard Drive Quick Test -> [2011/08/20 13:52:37 | 000,000,000 | ---D | C]
 Update -> C:\Users\LENOVO\AppData\Roaming\Update -> [2011/08/20 13:50:48 | 000,000,000 | ---D | C]
 PCDr -> C:\Users\LENOVO\AppData\Roaming\PCDr -> [2011/08/20 13:50:29 | 000,000,000 | ---D | C]
 Lenovo.com -> C:\Program Files\Common Files\Lenovo.com -> [2011/08/20 13:41:11 | 000,000,000 | ---D | C]
 Leadertech -> C:\Users\LENOVO\AppData\Roaming\Leadertech -> [2011/08/20 13:37:16 | 000,000,000 | ---D | C]
 HiJackThis -> C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis -> [2011/08/19 11:30:08 | 000,000,000 | ---D | C]
 Trend Micro -> C:\Program Files\Trend Micro -> [2011/08/19 11:30:07 | 000,000,000 | ---D | C]
 Speccy -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy -> [2011/08/18 14:42:13 | 000,000,000 | ---D | C]
 Speccy -> C:\Program Files\Speccy -> [2011/08/18 14:42:12 | 000,000,000 | ---D | C]
 _OTL -> C:\_OTL -> [2011/08/18 13:22:54 | 000,000,000 | ---D | C]
 RegClean Pro -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro -> [2011/08/16 21:50:57 | 000,000,000 | ---D | C]
 JGsoft -> C:\Users\LENOVO\AppData\Roaming\JGsoft -> [2011/08/15 22:48:13 | 000,000,000 | ---D | C]
 UnDeployV.exe -> C:\Windows\UnDeployV.exe -> [2011/08/15 22:47:56 | 000,067,312 | ---- | C] (Just Great Software)
 JGsoft -> C:\Program Files\JGsoft -> [2011/08/15 22:47:56 | 000,000,000 | ---D | C]
 EditPad Lite -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EditPad Lite -> [2011/08/15 22:47:56 | 000,000,000 | ---D | C]
 
[Files/Folders - Modified Within 30 Days]
 bootstat.dat -> C:\Windows\bootstat.dat -> [2011/09/12 01:01:44 | 000,067,584 | --S- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/09/12 00:19:22 | 000,003,616 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/09/12 00:19:21 | 000,003,616 | -H-- | M] ()
 jagex_runescape_preferences2.dat -> C:\Users\LENOVO\jagex_runescape_preferences2.dat -> [2011/09/11 14:54:18 | 000,000,129 | ---- | M] ()
 jagex_runescape_preferences.dat -> C:\Users\LENOVO\jagex_runescape_preferences.dat -> [2011/09/11 13:39:04 | 000,000,046 | ---- | M] ()
 .rnd -> C:\Users\LENOVO\.rnd -> [2011/09/11 12:38:59 | 000,001,024 | ---- | M] ()
 d3d9caps.dat -> C:\Users\LENOVO\AppData\Local\d3d9caps.dat -> [2011/09/10 18:11:17 | 000,008,404 | ---- | M] ()
 MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2011/09/10 18:09:53 | 251,624,076 | ---- | M] ()
 NetBeans IDE 7.0.1.lnk -> C:\NetBeans IDE 7.0.1.lnk -> [2011/09/09 17:25:07 | 000,001,901 | ---- | M] ()
 perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/09/09 17:15:08 | 000,663,234 | ---- | M] ()
 perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/09/09 17:15:08 | 000,131,150 | ---- | M] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\LENOVO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/09/09 17:13:15 | 000,031,744 | ---- | M] ()
 RSBuddy Login.ini -> C:\Users\LENOVO\AppData\Roaming\RSBuddy Login.ini -> [2011/09/08 12:56:01 | 000,000,009 | ---- | M] ()
 FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2011/09/07 00:24:04 | 000,314,752 | ---- | M] ()
 RSBuddy_nortan360.ini -> C:\Users\LENOVO\AppData\Roaming\RSBuddy_nortan360.ini -> [2011/09/05 21:24:11 | 000,000,088 | ---- | M] ()
 javaws.exe -> C:\Windows\System32\javaws.exe -> [2011/09/05 21:20:04 | 000,214,408 | ---- | M] (Oracle Corporation)
 javaw.exe -> C:\Windows\System32\javaw.exe -> [2011/09/05 21:20:04 | 000,173,960 | ---- | M] (Oracle Corporation)
 java.exe -> C:\Windows\System32\java.exe -> [2011/09/05 21:20:04 | 000,173,960 | ---- | M] (Oracle Corporation)
 deployJava1.dll -> C:\Windows\System32\deployJava1.dll -> [2011/09/05 21:20:01 | 000,544,656 | ---- | M] (Oracle Corporation)
 Windows Media Player.lnk -> C:\Users\LENOVO\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> [2011/09/03 01:08:03 | 000,000,948 | ---- | M] ()
 FileOut.cns -> C:\Users\LENOVO\AppData\Roaming\FileOut.cns -> [2011/09/03 00:17:59 | 000,000,000 | ---- | M] ()
 FileIn.cns -> C:\Users\LENOVO\AppData\Roaming\FileIn.cns -> [2011/09/03 00:17:59 | 000,000,000 | ---- | M] ()
 FinalTorrent Update Checker.job -> C:\Windows\tasks\FinalTorrent Update Checker.job -> [2011/09/01 11:43:11 | 000,000,370 | ---- | M] ()
 FinalTorrent.lnk -> C:\Users\LENOVO\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalTorrent.lnk -> [2011/09/01 00:50:02 | 000,000,886 | ---- | M] ()
 rmoc3260.dll -> C:\Windows\System32\rmoc3260.dll -> [2011/08/30 23:56:15 | 000,198,832 | ---- | M] (RealNetworks, Inc.)
 pndx5016.dll -> C:\Windows\System32\pndx5016.dll -> [2011/08/30 23:56:04 | 000,006,656 | ---- | M] (RealNetworks, Inc.)
 pndx5032.dll -> C:\Windows\System32\pndx5032.dll -> [2011/08/30 23:56:04 | 000,005,632 | ---- | M] (RealNetworks, Inc.)
 pncrt.dll -> C:\Windows\System32\pncrt.dll -> [2011/08/30 23:55:56 | 000,272,896 | ---- | M] (Progressive Networks)
 utiynza4.sys -> C:\Windows\System32\drivers\utiynza4.sys -> [2011/08/28 14:28:05 | 000,007,168 | ---- | M] ()
 hosts -> C:\Windows\System32\drivers\etc\hosts -> [2011/08/27 18:34:50 | 000,000,027 | ---- | M] ()
 mfofyyb.sys -> C:\Windows\System32\drivers\mfofyyb.sys -> [2011/08/25 22:45:58 | 000,054,016 | ---- | M] ()
 config.nt -> C:\Windows\System32\config.nt -> [2011/08/23 01:09:45 | 000,002,577 | ---- | M] ()
 Launch Internet Explorer Browser.lnk -> C:\Users\LENOVO\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/08/20 01:06:14 | 000,000,953 | ---- | M] ()
 73 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> 
 118 C:\Users\LENOVO\AppData\Local\temp\*.tmp files -> C:\Users\LENOVO\AppData\Local\temp\*.tmp -> 
 118 C:\Users\LENOVO\AppData\Local\temp\*.tmp files -> C:\Users\LENOVO\AppData\Local\temp\*.tmp -> 
 
[Files - No Company Name]
 NetBeans IDE 7.0.1.lnk -> C:\NetBeans IDE 7.0.1.lnk -> [2011/09/09 17:25:07 | 000,001,901 | ---- | C] ()
 RSBuddy_nortan360.ini -> C:\Users\LENOVO\AppData\Roaming\RSBuddy_nortan360.ini -> [2011/09/05 21:24:11 | 000,000,088 | ---- | C] ()
 RSBuddy Login.ini -> C:\Users\LENOVO\AppData\Roaming\RSBuddy Login.ini -> [2011/09/05 21:24:11 | 000,000,009 | ---- | C] ()
 FinalTorrent Update Checker.job -> C:\Windows\tasks\FinalTorrent Update Checker.job -> [2011/09/01 00:50:41 | 000,000,370 | ---- | C] ()
 FinalTorrent.lnk -> C:\Users\LENOVO\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalTorrent.lnk -> [2011/09/01 00:50:02 | 000,000,886 | ---- | C] ()
 FileOut.cns -> C:\Users\LENOVO\AppData\Roaming\FileOut.cns -> [2011/08/31 22:48:09 | 000,000,000 | ---- | C] ()
 FileIn.cns -> C:\Users\LENOVO\AppData\Roaming\FileIn.cns -> [2011/08/31 22:48:09 | 000,000,000 | ---- | C] ()
 utiynza4.sys -> C:\Windows\System32\drivers\utiynza4.sys -> [2011/08/28 14:27:05 | 000,007,168 | ---- | C] ()
 mfofyyb.sys -> C:\Windows\System32\drivers\mfofyyb.sys -> [2011/08/25 22:45:58 | 000,054,016 | ---- | C] ()
 ODBCINST.INI -> C:\Windows\ODBCINST.INI -> [2011/05/08 20:50:47 | 000,000,232 | ---- | C] ()
 PEV.exe -> C:\Windows\PEV.exe -> [2011/05/08 15:48:57 | 000,256,000 | ---- | C] ()
 MBR.exe -> C:\Windows\MBR.exe -> [2011/05/08 15:48:57 | 000,208,896 | ---- | C] ()
 sed.exe -> C:\Windows\sed.exe -> [2011/05/08 15:48:57 | 000,098,816 | ---- | C] ()
 grep.exe -> C:\Windows\grep.exe -> [2011/05/08 15:48:57 | 000,080,412 | ---- | C] ()
 zip.exe -> C:\Windows\zip.exe -> [2011/05/08 15:48:57 | 000,068,096 | ---- | C] ()
 PrintBrmUi.exe -> C:\Windows\System32\PrintBrmUi.exe -> [2011/03/03 22:50:29 | 000,062,976 | ---- | C] ()
 EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2011/03/03 22:50:11 | 000,117,248 | ---- | C] ()
 StructuredQuerySchema.bin -> C:\Windows\System32\StructuredQuerySchema.bin -> [2011/03/03 22:47:49 | 000,107,612 | ---- | C] ()
 GPlrLanc.dat -> C:\Windows\GPlrLanc.dat -> [2011/02/15 19:45:16 | 000,000,064 | ---- | C] ()
 RSBot_Accounts.ini -> C:\Users\LENOVO\AppData\Roaming\RSBot_Accounts.ini -> [2010/11/27 14:40:48 | 000,000,042 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\LENOVO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/09/17 15:09:01 | 000,031,744 | ---- | C] ()
 d3dx9.dll -> C:\Windows\System32\d3dx9.dll -> [2010/09/02 15:18:08 | 001,970,176 | ---- | C] ()
 d3d9caps.dat -> C:\Users\LENOVO\AppData\Local\d3d9caps.dat -> [2010/08/26 14:27:44 | 000,008,404 | ---- | C] ()
 _MSRSTRT.EXE -> C:\Windows\_MSRSTRT.EXE -> [2010/08/25 19:31:34 | 000,002,560 | ---- | C] ()
 wanancsp.dat -> C:\Users\LENOVO\AppData\Local\wanancsp.dat -> [2010/08/05 22:59:02 | 000,605,056 | ---- | C] ()
 ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2010/08/05 15:20:01 | 000,000,000 | ---- | C] ()
 DLAAPI_W.DLL -> C:\Windows\System32\DLAAPI_W.DLL -> [2010/08/05 15:01:10 | 000,056,056 | ---- | C] ()
 wininit.ini -> C:\Windows\wininit.ini -> [2010/08/05 15:01:09 | 000,000,120 | ---- | C] ()
 IVIresizeW7.dll -> C:\Windows\System32\IVIresizeW7.dll -> [2010/08/05 14:59:00 | 000,204,800 | ---- | C] ()
 IVIresizeA6.dll -> C:\Windows\System32\IVIresizeA6.dll -> [2010/08/05 14:59:00 | 000,200,704 | ---- | C] ()
 IVIresizeP6.dll -> C:\Windows\System32\IVIresizeP6.dll -> [2010/08/05 14:59:00 | 000,192,512 | ---- | C] ()
 IVIresizeM6.dll -> C:\Windows\System32\IVIresizeM6.dll -> [2010/08/05 14:59:00 | 000,192,512 | ---- | C] ()
 IVIresizePX.dll -> C:\Windows\System32\IVIresizePX.dll -> [2010/08/05 14:59:00 | 000,188,416 | ---- | C] ()
 IVIresize.dll -> C:\Windows\System32\IVIresize.dll -> [2010/08/05 14:59:00 | 000,020,480 | ---- | C] ()
 igkrng500.bin -> C:\Windows\System32\igkrng500.bin -> [2010/08/05 14:49:40 | 002,192,024 | ---- | C] ()
 igcompkrng500.bin -> C:\Windows\System32\igcompkrng500.bin -> [2010/08/05 14:49:38 | 000,492,496 | ---- | C] ()
 igfcg550.bin -> C:\Windows\System32\igfcg550.bin -> [2010/08/05 14:49:38 | 000,147,172 | ---- | C] ()
 atiumdva.dat -> C:\Windows\System32\atiumdva.dat -> [2010/08/05 14:49:37 | 003,107,788 | ---- | C] ()
 atiicdxx.dat -> C:\Windows\System32\atiicdxx.dat -> [2010/08/05 14:49:37 | 000,174,820 | ---- | C] ()
 atitmmxx.dll -> C:\Windows\System32\atitmmxx.dll -> [2010/08/05 14:49:37 | 000,159,744 | ---- | C] ()
 atibrtmon.exe -> C:\Windows\System32\atibrtmon.exe -> [2010/08/05 14:49:37 | 000,090,112 | ---- | C] ()
 atipblag.dat -> C:\Windows\System32\atipblag.dat -> [2010/08/05 14:49:37 | 000,000,466 | ---- | C] ()
 StructuredQuerySchemaTrivial.bin -> C:\Windows\System32\StructuredQuerySchemaTrivial.bin -> [2010/08/05 14:22:37 | 000,018,904 | ---- | C] ()
 Eventclr.exe -> C:\Windows\Eventclr.exe -> [2010/08/05 14:19:13 | 000,016,896 | ---- | C] ()
 x264vfw.dll -> C:\Windows\System32\x264vfw.dll -> [2010/02/28 16:17:48 | 003,284,480 | ---- | C] ()
 DTS.exe -> C:\Windows\System32\DTS.exe -> [2008/10/27 02:38:40 | 000,098,304 | ---- | C] ()
 ADMonitor.exe -> C:\Windows\System32\ADMonitor.exe -> [2008/10/27 02:38:34 | 000,106,496 | ---- | C] ()
 atipblup.dat -> C:\Windows\System32\atipblup.dat -> [2008/04/08 22:34:26 | 000,000,427 | ---- | C] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2006/11/02 13:56:48 | 000,067,584 | --S- | C] ()
 FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2006/11/02 13:47:43 | 000,314,752 | ---- | C] ()
 perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2006/11/02 11:33:01 | 000,663,234 | ---- | C] ()
 perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2006/11/02 11:33:01 | 000,287,440 | ---- | C] ()
 perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2006/11/02 11:33:01 | 000,131,150 | ---- | C] ()
 perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2006/11/02 11:33:01 | 000,030,674 | ---- | C] ()
 dssec.dat -> C:\Windows\System32\dssec.dat -> [2006/11/02 11:23:21 | 000,215,943 | ---- | C] ()
 mib.bin -> C:\Windows\mib.bin -> [2006/11/02 09:58:30 | 000,043,131 | ---- | C] ()
 NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2006/11/02 09:19:00 | 000,000,741 | ---- | C] ()
 pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 08:40:29 | 000,013,750 | ---- | C] ()
 mlang.dat -> C:\Windows\System32\mlang.dat -> [2006/11/02 08:25:31 | 000,673,088 | ---- | C] ()
 iyvu9_32.dll -> C:\Windows\System32\iyvu9_32.dll -> [1997/06/14 03:56:08 | 000,056,832 | ---- | C] ()
 giveio.sys -> C:\Windows\System32\giveio.sys -> [1996/04/03 20:33:26 | 000,005,248 | ---- | C] ()
< End of report >

  • 0

#198
michaelg9
Posted 13 September 2011 - 01:13 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

[Kill All Processes]
[Unregister Dlls]
[Win32 Services - Safe List]
YN -> (496336CA) 496336CA [On_Demand | Stopped] ->
[Registry - Safe List]
< Internet Explorer Settings [HKEY_CURRENT_USER\] > ->
YN -> HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 31 CF 7A 26 E1 64 CC 01 [binary data]
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
YY -> HKLM\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085} -> C:\PROGRAM FILES\OBJECT\FACETHEME
[Files/Folders - Created Within 30 Days]
NY -> The will never find us here -> C:\The will never find us here
[Files/Folders - Modified Within 30 Days]
NY -> 73 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp
NY -> 118 C:\Users\LENOVO\AppData\Local\temp\*.tmp files -> C:\Users\LENOVO\AppData\Local\temp\*.tmp
NY -> 118 C:\Users\LENOVO\AppData\Local\temp\*.tmp files -> C:\Users\LENOVO\AppData\Local\temp\*.tmp
[Files - No Company Name]
NY -> Eventclr.exe -> C:\Windows\Eventclr.exe
[Purity]
[Empty Temp Folders]
[EmptyFlash]
[Reboot]


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here

I will review the information when it comes back in.



Next:

Delete OTL as its outdated. Download its new copy:

Posted Image OTL Custom Scan
  • Download OTL to your Desktop
  • Double click on the Posted Image icon to run it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Stadard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch\*.* /s
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch\*.* /s
    C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BYOB\*.* /s
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYOB\*.* /s
    C:\Users\LENOVO\AppData\Roaming\ECSoftware\*.* /s
    C:\ProgramData\ECSoftware\*.* /s
    C:\Users\LENOVO\AppData\Local\My Games\*.* /s
    C:\Windows\Profiles\*.* /s

  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt in Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.

Next:

Can you tell me what problems your computer has?
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP