Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Possible malware - Corruption, Avast not working

Started by Bismillah , Nov 18 2011 12:24 PM

  • Please log in to reply

#16
Bismillah
Posted 27 November 2011 - 02:49 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
after combofix the laptop wouldnt connect to the internet so i ddi last known good


ComboFix 11-11-27.02 - LENOVO 27/11/2011 19:26:13.10.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.44.1033.18.1943.1038 [GMT 0:00]
Running from: c:\users\LENOVO\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TPAPSLOG.LOG
c:\windows\system32\TPHDLOG0.LOG
.
.
((((((((((((((((((((((((( Files Created from 2011-10-27 to 2011-11-27 )))))))))))))))))))))))))))))))
.
.
2011-11-27 19:44 . 2011-11-27 19:44 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-11-27 19:44 . 2011-11-27 19:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-11-27 19:44 . 2011-11-27 19:44 -------- d-----w- c:\users\LENOVO\AppData\Local\temp
2011-11-27 19:44 . 2011-11-27 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-25 18:47 . 2011-11-25 18:48 -------- d-----w- C:\Desktop
2011-11-25 16:28 . 2011-11-27 15:59 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{371B769A-BFA5-45B4-8E9A-FB6DD315980D}\offreg.dll
2011-11-25 16:28 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{371B769A-BFA5-45B4-8E9A-FB6DD315980D}\mpengine.dll
2011-11-23 20:56 . 2011-11-23 20:56 -------- d-----w- c:\users\LENOVO\AppData\Roaming\SUPERAntiSpyware.com
2011-11-23 20:55 . 2011-11-23 20:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-23 20:55 . 2011-11-23 20:55 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-21 17:09 . 2011-11-21 17:09 -------- d-----w- c:\program files\CCleaner
2011-11-16 23:21 . 2011-11-16 23:25 -------- d-----w- c:\program files\PakkISO
2011-11-13 14:52 . 2011-11-13 14:53 -------- d-----w- C:\.mpr_file_store_32
2011-11-09 15:10 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 15:10 . 2011-09-20 21:02 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 15:09 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-06 00:42 . 2011-11-06 00:42 -------- d-----w- C:\games
2011-11-04 23:20 . 2011-11-04 23:29 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-10-30 19:37 . 2011-10-30 19:37 -------- d-----w- c:\program files\iPod
2011-10-30 19:37 . 2011-10-30 19:38 -------- d-----w- c:\program files\iTunes2
2011-10-30 19:29 . 2011-10-30 19:29 -------- d-----w- c:\program files\Bonjour
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-24 14:29 . 2011-10-24 14:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 14:29 . 2011-10-24 14:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-16 22:12 . 2011-06-18 17:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-30 23:06 . 2011-10-13 16:59 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:02 . 2011-10-13 16:59 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01 . 2011-10-13 16:59 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:01 . 2011-10-13 16:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 23:01 . 2011-10-13 16:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 22:07 . 2011-10-13 16:59 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29 . 2011-10-13 16:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28 . 2011-10-13 16:59 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-06 21:45 . 2010-08-25 16:06 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 21:45 . 2010-08-25 16:06 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 21:38 . 2011-03-01 21:39 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 21:37 . 2010-08-25 16:07 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 21:36 . 2010-08-25 16:07 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 21:36 . 2010-08-25 16:07 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 21:36 . 2010-08-25 16:07 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 21:36 . 2010-08-25 16:07 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 13:30 . 2011-10-13 16:59 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 20:20 . 2010-09-22 19:23 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-31 16:00 . 2010-09-02 00:15 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-30 23:05 . 2011-08-30 23:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 23:05 . 2011-08-30 23:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 23:05 . 2011-08-30 23:05 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 23:05 . 2011-08-30 23:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\LENOVO\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\LENOVO\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\LENOVO\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\LENOVO\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2008-10-07 256576]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2009-04-26 61728]
"TpShocks"="TpShocks.exe" [2009-02-03 181536]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-23 1725736]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2009-01-28 185688]
"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2009-01-28 124248]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-04-22 49976]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-04-15 660768]
"CreateLMBCShortCut"="c:\program files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe" [2009-04-13 40960]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-24 487424]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2009-12-10 435560]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2009-12-10 181608]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-03-05 3093816]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-04-14 15136]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-09-06 3722416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-12 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-12 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-12 145944]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-08-30 273528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes2\iTunesHelper.exe" [2011-10-09 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
c:\users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\LENOVO\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ShortKeys 2.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 2.lnk
backup=c:\windows\pss\ShortKeys 2.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ShortKeys 3.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 3.lnk
backup=c:\windows\pss\ShortKeys 3.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 18:06 421736 ----a-w- c:\program files\iTunes2\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 14:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2011-02-18 10:47 79192 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-09-06 18:02 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-08-30 22:55 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-09-12 136176]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-03-30 45424]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2008-10-27 106496]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-09-12 136176]
R3 MUXP;My WiFi PAN Mux-IM Protocol Driver;c:\windows\system32\DRIVERS\mux.sys [2009-02-09 29232]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2009-02-11 204800]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-10-21 4208208]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-04-08 229376]
R4 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-25 1120752]
R4 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-01-29 20520]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2008-10-27 1676536]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2008-10-27 98304]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-04-15 66848]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-04-02 62320]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-24 520192]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2008-09-19 3881472]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2008-09-19 54784]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2008-10-27 482176]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 MUXMP;My WiFi PAN MUX-IM Virtual Miniport Driver;c:\windows\system32\DRIVERS\mux.sys [2009-02-09 29232]
S3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-02-09 3715072]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Akamai REG_MULTI_SZ Akamai
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-01 c:\windows\Tasks\FinalTorrent Update Checker.job
- c:\program files\FinalTorrent\FTCheckForUpdates.exe [2011-08-31 14:24]
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-12 18:00]
.
2011-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-12 18:00]
.
2011-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1853308285-865056411-922338472-1000Core.job
- c:\users\LENOVO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-26 17:30]
.
2011-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1853308285-865056411-922338472-1000UA.job
- c:\users\LENOVO\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-26 17:30]
.
2010-08-05 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2009-02-20 20:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.search.yahoo.com/?fr=w3i&type=W3i_SP,204,0_0,StartPage,20110836,16939,0,8,0
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Save video on Savevid.com - c:\program files\Savevid\redirect.htm
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} - hxxp://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
FF - ProfilePath - c:\users\LENOVO\AppData\Roaming\Mozilla\Firefox\Profiles\xqbyuseu.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: [email protected] - c:\program files\Alwil Software\Avast5\WebRep\FF
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-CraftBukkit v8.2 - c:\users\LENOVO\Desktop\Minecraft Server\Uninstall.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-11-27 19:49:15
ComboFix-quarantined-files.txt 2011-11-27 19:49
ComboFix2.txt 2011-08-27 17:45
ComboFix3.txt 2011-08-26 18:52
ComboFix4.txt 2011-08-24 16:42
ComboFix5.txt 2011-11-27 19:19
.
Pre-Run: 22,961,172,480 bytes free
Post-Run: 22,971,330,560 bytes free
.
- - End Of File - - D47DE2D7BF4027073D3E0A754C42C075
  • 0

Advertisements

#17
SweetTech
Posted 27 November 2011 - 10:58 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

Thanks for that information.

Lets see what these scans find, and see where we stand then.

Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update have been completed, Select the Scanner tab.
  • Select Perform quick scan, then click on Scan
  • Leave the default options as it is and click on Start Scan
  • When done, you will be prompted. Click OK, then click on Show Results
  • Checked (ticked) all items and click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT:



ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.


  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NEXT:



Security Check
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

  • 0

#18
Bismillah
Posted 13 December 2011 - 03:14 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Hi!

Sorry ive been away i was surprised with a surprise holiday >.>

Do you still want me to do these things?

Ive returned and my c drive is now err full?

Hiberfil.sys and pagefile.sys are taking up together about 5GB
  • 0

#19
SweetTech
Posted 14 December 2011 - 07:14 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts

Ive returned and my c drive is now err full?

Can you please elaborate on that a little bit more?
  • 0

#20
Bismillah
Posted 14 December 2011 - 09:55 AM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Well it just seems that loads of things for some reason is being saved as Paged memory in my pagefile.sys file and hiberfil.sys is quite full altogether they are about 6gb i have set Pagefile to reset on shutdown but it just fills up so quickly.

MSDOS.sys and IO.sys are still in my c drive with 0 kb


I admit i have a few heavy games installed from steam but when adding up all the things i have installed it only works out as about 25 gb.

Where has the other 100 gb gone? D:

Would buying a external hard drive be worth it?
  • 0

#21
SweetTech
Posted 14 December 2011 - 11:34 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
hmm... That's interesting.

For right now I'd like to have you try and run those scans in my previous post.

It may be worth it to purchase an external hard drive to place some of the bigger files on.
  • 0

#22
Bismillah
Posted 23 December 2011 - 01:46 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Hi im back!

I now have an external hard drive with 750gb

How would i go about moving files over? is there a way to get windows to store paged memory on the drive?

I also ran chkdsk /r and it deleted some corrupted attributes
  • 0

#23
SweetTech
Posted 28 December 2011 - 12:08 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Good Evening!

Apologies for not responding to your thread sooner.

How would i go about moving files over? is there a way to get windows to store paged memory on the drive?

You should be able to just copy the files over from the main hard drive to the external drive. You may find it beneficial to look into a utility called TeraCopy. It's a utility I use on my own computer, especially when I'm moving a large amount of files from one drive to another.


I also ran chkdsk /r and it deleted some corrupted attributes

Okay.

When you get a chance I'd still like to see the log files from the MalwareBytes' Anti-Malware scan, the ESET Online Virus Scanner log, as well as the SecurityCheck log file.

Kindest Regards,
SweetTech.
  • 0

#24
Bismillah
Posted 28 December 2011 - 02:07 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Is there a way to get paged memory to save to the external hard drive rather then C drive?
Also is it possible to move whole files like Steam? So that when i click the steam.exe on my desktop it runs steam from the external hard drive rather then c drive?

Completely forgot about the scans! sorry D:

ESET is running and MBAM keeps crashing when i try to run it :/




Heres the security check log
Although not listed here i do have superantispyware installed but it isnt running, ive disabled it to run on boot.

Results of screen317's Security Check version 0.99.30
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Java DB 10.5.3.0
Java™ 6 Update 26
Java™ 7
Java™ SE Development Kit 6 Update 23
Java™ SE Development Kit 7
Adobe Flash Player 10.0.12.36 Flash Player out of Date!
Adobe Reader X (10.1.1)
Mozilla Firefox (3.6.13) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````
  • 0

#25
Bismillah
Posted 28 December 2011 - 02:32 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Well it appears the crashing problem has got worse when i load up windows everythings fine but after a while explorer starts crashing, ie starts crashing, msn starts crashing then after a while the screen just freezes and my mouse just stops moving so i have to do a hard reboot meaning eset is unable to complete.


Also windows keeps telling me i have no antivirus installed, even when Avast is running in the taskbar? Hm :S

Edited by nortan360, 28 December 2011 - 02:40 PM.

  • 0

Advertisements

#26
SweetTech
Posted 30 December 2011 - 12:45 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi nortan360!

I just noticed the following in your signature:

Intraining Student at 247Fixes


Before we continue, I must stop and make sure that you have made Dakeyras over at 247Fixes aware that I'm currently helping you here at G2G.

--------------------

Is there a way to get paged memory to save to the external hard drive rather then C drive?

It appears that this is something that is possible with Windows Vista; however, I'm not sure if it's something that is recommended. I was able to find information on doing this on eHow.com.

Link: http://www.ehow.com/...hard-drive.html

I'm going to ask a colleague about what his thoughts on doing this are, and see if I can get some more information from him.

Also is it possible to move whole files like Steam? So that when i click the steam.exe on my desktop it runs steam from the external hard drive rather then c drive?

It does appear to be possible. Please see this information here: https://support.stea...=7418-YUBN-8129

ESET is running and MBAM keeps crashing when i try to run it :/

When you say MBAM keeps crashing is it giving you BSOD or is it just freezing up on you?

Although not listed here i do have superantispyware installed but it isnt running, ive disabled it to run on boot.

Okay, thanks for that information.

Please run this OTL scan for me:

Re-Running OTL

We need to create a New FULL OTL Report
  • Please download OTL from here if you have not done so already:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized

  • 0

#27
Bismillah
Posted 30 December 2011 - 12:02 PM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Ive alerted Dakeyras, my signature has always said intraining at 247fixed ive only updated it because ive moved from novice pl's to student pl's

Mbam freezes meaning i just have to end the process and OTL still freezes on scanning modules like it did before (meaning i have to end the process).

Thanks for your help, i hope youve had a lovely christmas :)
  • 0

#28
SweetTech
Posted 01 January 2012 - 04:19 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

I did have a lovely Christmas, I hope you had the same.

Re-Scanning with DDS
Please re-run DDS by sUBs.
Make sure to pay attention to the directions below:
  • Disable any script blocking protection (How to Disable your Security Programs)
  • Double click DDS icon to run the tool (may take up to 3 minutes to run)
  • When done, DDS.txt will open.
  • After a few moments, attach.txt will open in a second window.
  • Save both reports to your desktop.
---------------------------------------------------
  • Post the contents of the DDS.txt & Attach.txt reports in your next reply.

  • 0

#29
Bismillah
Posted 01 January 2012 - 09:10 AM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19170 BrowserJavaVersion: 10.0.0
Run by LENOVO at 15:02:45 on 2012-01-01
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.44.1033.18.1943.743 [GMT 0:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\DTS.exe
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\AtService.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\BBSvc.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes2\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Users\LENOVO\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Windows\System32\TPHDEXLG.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://uk.search.yahoo.com/?fr=w3i&type=W3i_SP,204,0_0,StartPage,20110836,16939,0,8,0
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [TpShocks] TpShocks.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [FingerPrintSoftware] "c:\program files\lenovo fingerprint software\fpapp.exe" \s
mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe
mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start
mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
mRun: [CreateLMBCShortCut] "c:\program files\lenovo\mobile broadband connect\UserShortcutCreator.exe"
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
mRun: [ACWlIcon] c:\program files\thinkpad\connectutilities\ACWlIcon.exe
mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
mRun: [LENOVO.TPFNF6R] c:\program files\lenovo\hotkey\TPFNF6R.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes2\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\lenovo\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\lenovo\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\samsun~1.lnk - c:\program files\clarus\samsung drive manager\ABRTMon.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Save video on Savevid.com - c:\program files\savevid\redirect.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1303935397869
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} - hxxp://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{0619E38C-9AF6-4A56-9879-67D1540B1097} : DhcpNameServer = 8.8.8.8 4.2.2.1
TCP: Interfaces\{3E585CBA-6D6C-4AF4-9BF8-C22BE2AE4807} : DhcpNameServer = 194.168.4.100 194.168.8.100
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\lenovo\appdata\roaming\mozilla\firefox\profiles\xqbyuseu.default\
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\itunes2\mozilla plugins\npitunes.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\users\lenovo\appdata\local\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\users\lenovo\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: [email protected] - c:\program files\alwil software\avast5\webrep\FF
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\real\realplayer\browserrecordplugin\firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-1-29 20520]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-1 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-8-25 320856]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2008-10-23 13480]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-8-25 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-8-25 54616]
R2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2008-10-27 1676536]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-8-25 44768]
R2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2008-10-27 98304]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\firebird\firebird_2_5\bin\fbguard.exe [2011-6-24 98304]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-8-5 66848]
R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2009-5-15 62320]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2008-5-24 520192]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-8-5 3881472]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-8-5 54784]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2008-10-27 482176]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2009-8-14 220152]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\firebird\firebird_2_5\bin\fbserver.exe [2011-6-24 3735552]
R3 intelkmd;intelkmd;c:\windows\system32\drivers\igdkmd32.sys [2010-8-5 2381312]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 MUXMP;My WiFi PAN MUX-IM Virtual Miniport Driver;c:\windows\system32\drivers\mux.sys [2009-2-9 29232]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2009-2-9 3715072]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2008-2-22 37312]
S1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2010-8-5 48192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-12 136176]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-5-15 45424]
S3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2008-10-27 106496]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-8-25 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-12 136176]
S3 MUXP;My WiFi PAN Mux-IM Protocol Driver;c:\windows\system32\drivers\mux.sys [2009-2-9 29232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\intel\wifi\bin\PanDhcpDns.exe [2009-2-11 204800]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2007-4-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2007-4-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2007-4-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2007-4-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2007-4-23 98568]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-21 21504]
S4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-8-20 229376]
S4 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-4-25 1120752]
S4 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\lenovo\rescue and recovery\UpdateMonitor.exe [2008-5-24 360448]
.
=============== Created Last 30 ================
.
2012-01-01 13:34:53 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{250226a2-9374-4c39-992e-0fb16c1c2a2a}\offreg.dll
2011-12-28 20:12:03 -------- d-----w- c:\users\lenovo\appdata\local\Roblox
2011-12-28 19:59:54 -------- d-----w- c:\users\lenovo\appdata\roaming\TeraCopy
2011-12-28 19:59:36 -------- d-----w- c:\program files\TeraCopy
2011-12-28 01:52:41 -------- d-----w- c:\program files\proXPN
2011-12-28 01:17:53 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-12-23 19:31:43 -------- d-sh--w- C:\found.002
2011-12-23 19:13:22 -------- d-----w- c:\program files\Clarus
2011-12-20 16:54:32 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{250226a2-9374-4c39-992e-0fb16c1c2a2a}\mpengine.dll
2011-12-17 14:51:41 1503232 ------w- c:\program files\microsoft games\age of empires\EMPIRESX.EXE
2011-12-17 14:51:34 282682 ------w- c:\program files\microsoft games\age of empires\Uninstx.Exe
2011-12-17 14:51:34 2396160 ------w- c:\program files\microsoft games\age of empires\SETUPEXP.DLL
2011-12-17 14:51:32 160256 ------w- c:\program files\microsoft games\age of empires\languagex.dll
2011-12-17 14:51:12 29184 ------w- c:\program files\microsoft games\age of empires\data2\closedpw.exe
2011-12-17 14:45:29 271360 ------w- c:\program files\microsoft games\age of empires\UNINSTAL.EXE
2011-12-17 14:45:29 2662400 ------w- c:\program files\microsoft games\age of empires\SETUPENU.DLL
2011-12-17 14:44:58 29184 ------w- c:\program files\microsoft games\age of empires\data\closedpw.exe
2011-12-17 14:44:56 174080 ------w- c:\program files\microsoft games\age of empires\language.dll
2011-12-17 14:44:55 32768 ------w- c:\program files\microsoft games\age of empires\AoEHlp.dll
2011-12-17 14:44:55 32768 ------w- c:\program files\microsoft games\age of empires\aelaunch.dll
2011-12-17 14:44:55 1470464 ------w- c:\program files\microsoft games\age of empires\Empires.exe
2011-12-13 20:40:23 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-13 20:39:29 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-13 20:39:25 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-12-13 20:39:25 247808 ----a-w- c:\program files\internet explorer\ieproxy.dll
2011-12-13 20:39:23 129536 ----a-w- c:\program files\internet explorer\sqmapi.dll
2011-12-13 20:34:46 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-13 20:34:40 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-13 20:34:33 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-13 20:34:20 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-13 20:34:00 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-12-13 20:33:33 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-12 23:33:32 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-12-12 23:33:32 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-12-12 23:33:28 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2011-12-12 23:33:28 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-12-12 23:33:27 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2011-12-12 23:33:26 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-12-12 23:33:25 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2011-12-12 23:33:24 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2011-12-12 23:33:19 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-12-12 23:33:18 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-12-12 23:33:12 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-12-12 23:33:10 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-12-12 23:07:50 -------- d--h--w- c:\windows\msdownld.tmp
2011-12-12 23:07:28 -------- d-----w- c:\windows\system32\directx
2011-12-12 19:22:15 115920 ----a-w- c:\windows\system32\MSINET.OCX
2011-12-02 21:09:39 -------- d-----w- c:\users\lenovo\appdata\roaming\redsn0w
.
==================== Find3M ====================
.
2011-12-12 19:20:39 140488 ----a-w- c:\windows\system32\comdlg32.ocx
2011-11-03 06:17:38 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-03 06:17:23 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 06:17:08 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-11-03 06:17:08 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-11-03 05:22:43 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 04:45:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-11-03 04:43:59 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-24 14:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 14:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-16 22:12:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 15:07:08.94 ===============
  • 0

#30
Bismillah
Posted 01 January 2012 - 09:11 AM

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume1
Install Date: 05/08/2010 14:41:18
System Uptime: 01/01/2012 14:58:18 (1 hours ago)
.
Motherboard: LENOVO | | 6475WRB
Processor: Intel® Core™2 Duo CPU P8700 @ 2.53GHz | None | 2533/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 126 GiB total, 8.178 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 699 GiB total, 696.299 GiB free.
F: is Removable
Q: is FIXED (NTFS) - 21 GiB total, 15.981 GiB free.
S: is FIXED (NTFS) - 1 GiB total, 0.689 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
Access Help
Acrobat.com
Action Replay Code Manager
Adobe Acrobat 4.0
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.6
aerosoft's - Brighton-Portsmouth
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
ATI Uninstaller
avast! Free Antivirus
Bing Bar
BlackBerry Desktop Software 6.1
Blockyard
Bonjour
BYOB
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Dutch
CCC Help English
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Portuguese
CCC Help Spanish
CCC Help Swedish
CCleaner
Cheat Engine 5.6.1
Class_50_Content_Update
Client Security - Password Manager
Conexant 20561 SmartAudio HD
Drag-to-Disc
DriverMax 5
Dropbox
EB Brighton Belle (Sound Set) 1.00
Effective File Search 6.8
EpicBot
EPSON Printer Software
EPSON Scan
ESET Online Scanner v3
Europa Universalis III
Eurostar for MSTS v2.1
File Type Assistant
FileHippo.com Update Checker
FinalTorrent 2011
Firebird 2.5.0.26074 (Win32)
GlassFish Server Open Source Edition 3.0.1
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Help Center
HexEdit
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB945282)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946040)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946308)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947540)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947789)
iCloud
IconChanger
InstallIQ Updater
Intel PROSet Wireless
Intel® Management Engine Interface
Intel® PROSet/Wireless WiFi Software
InterVideo Register Manager
InterVideo WinDVD
iTunes
Java Auto Updater
Java DB 10.5.3.0
Java™ 6 Update 26
Java™ 7
Java™ SE Development Kit 6 Update 23
Java™ SE Development Kit 7
Junk Mail filter update
Just Great Software EditPad Lite 6.7.1
JV1 Jet Test Vehicle for MSTS v1.0
Lenovo Fingerprint Software
Lenovo Hard Drive Quick Test
Lenovo Registration
Lenovo System Interface Driver
Lenovo System Toolbox
Lenovo Welcome
Lint Remix for MSTS v1.0
Malwarebytes' Anti-Malware version 1.51.2.1300
ManyCam 2.4 (remove only)
Message Center
Message Center Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Age of Empires
Microsoft Age of Empires Expansion
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Help Viewer 1.0
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP1 Design Tools English
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server System CLR Types
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Train Simulator
Microsoft Visual C# 2008 Express Edition with SP1 - ENU
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
Mobile Broadband Connect
MobileMe Control Panel
Mozilla Firefox (3.6.13)
MSI to redistribute MS VS2005 CRT libraries
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MySQL Connector Net 5.2.5
MySQL Connector/Net 5.0.8
MySQL Connector/ODBC 5.1
NDS Xploder Gamesaves
NetBeans IDE 6.9.1
NetBeans IDE 7.0.1
No-IP DUC
Notepad++
NS DD-AR for MSTS v1.2
NS Mat'54 for MSTS v1.6
On Screen Display
OpenAL
PakkISO 0.4
Panda USB Vaccine 1.0.1.4
Pando Media Booster
Presentation Director
Product Recovery Disc Burning Utility
Productivity Center Supplement for ThinkPad
proXPN 2.4.11
Puran Defrag Free Edition 7.3
PX Profile Update
QuickTime
REACTOR
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Registry patch for Windows Vista USB S3 PM Enablement
Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista
Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista
Registry patch to improve USB device detection on resume from sleep for Windows Vista
Rescue and Recovery
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
RICOH R5U230 Media Driver ver.2.02.02.01
Roblox
Roblox for LENOVO
Roxio Activation Module
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Creator Business Edition
Roxio Express Labeler 3
RS2Bot
SAM Broadcaster v4
Samsung Drive Manager
SaveVid Plug-in
SBITS
Scratch
SD40-2_Content_Update
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB2251487)
Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489)
Service Pack.090811.001 for Queens Town (Battersea) 1.00
Service Pack.090811.002 for (North Croydon Area) 1.00
Shockwave
ShortKeys Lite
Sid Meier's Civilization III: Complete
Sid Meier's Civilization V
Skins
SmartFTP Client
SmartFTP Client 4.0 Setup Files (remove only)
Sonic CinePlayer Decoder Pack
Sonic Icons for Lenovo
Speccy
Star Wars - Battlefront II
Star Wars: Empire at War Gold
Steam
SUPERAntiSpyware
swMSM
TeamSpeak 3 Client
TeraCopy 2.27
The Hat 2.3
ThinkPad EasyEject Utility
ThinkPad FullScreen Magnifier
ThinkPad Hotkey Features Setup
ThinkPad Mobility Center Customization
ThinkPad Modem Adapter
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkVantage Access Connections
ThinkVantage Active Protection System
ThinkVantage Productivity Center
ThinkVantage Status Gadget
TortoiseSVN 1.6.15.21042 (32 bit)
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Wireless BroadbandAccess Self Activation
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Wallpapers
Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (10/02/2008 8.1.2.37)
Windows Driver Package - Intel (e1yexpress) Net (08/22/2008 9.52.10.1001)
Windows Driver Package - Intel (iaStor) hdc (02/11/2009 8.8.0.1009)
Windows Driver Package - Intel hdc (02/20/2008 6.9.1.1001)
Windows Driver Package - Intel System (01/30/2008 8.6.1.1001)
Windows Driver Package - Intel System (02/20/2008 8.6.1.1002)
Windows Driver Package - Intel System (02/20/2008 8.7.0.1007)
Windows Driver Package - Intel System (09/15/2006 7.0.0.1011)
Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011)
Windows Driver Package - Lenovo 1.53 (03/19/2009 1.53)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinRAR archiver
Wurm Online 2.7.5g
YouTube Downloader 2.7.2
ZD Soft Screen Recorder 4.1.3.0
Zylom Games Player Plugin
.
==== Event Viewer Messages From Past Week ========
.
31/12/2011 23:06:21, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 6 time(s).
31/12/2011 23:06:08, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 5 time(s).
31/12/2011 21:59:47, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
31/12/2011 21:59:17, Error: Service Control Manager [7010] - A timeout (30000 milliseconds) was reached while waiting for ReadFile.
31/12/2011 21:57:51, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
31/12/2011 21:47:48, Error: EventLog [6008] - The previous system shutdown at 21:45:07 on 31/12/2011 was unexpected.
31/12/2011 18:13:09, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31/12/2011 18:13:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
31/12/2011 14:58:35, Error: EventLog [6008] - The previous system shutdown at 14:48:20 on 31/12/2011 was unexpected.
31/12/2011 14:17:35, Error: EventLog [6008] - The previous system shutdown at 14:15:51 on 31/12/2011 was unexpected.
31/12/2011 14:16:22, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
31/12/2011 14:10:23, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\RegBack\SYSTEM' was corrupted and it has been recovered. Some data might have been lost.
31/12/2011 14:02:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
31/12/2011 14:02:17, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31/12/2011 00:32:21, Error: EventLog [6008] - The previous system shutdown at 00:31:12 on 31/12/2011 was unexpected.
30/12/2011 19:11:41, Error: EventLog [6008] - The previous system shutdown at 19:02:05 on 30/12/2011 was unexpected.
30/12/2011 14:01:09, Error: EventLog [6008] - The previous system shutdown at 13:59:03 on 30/12/2011 was unexpected.
30/12/2011 13:28:05, Error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
30/12/2011 02:57:58, Error: Service Control Manager [7016] - The Data Transfer Service service has reported an invalid current state 0.
30/12/2011 02:54:13, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 12 time(s).
30/12/2011 01:54:47, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 11 time(s).
30/12/2011 01:54:28, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 10 time(s).
30/12/2011 01:44:26, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 9 time(s).
30/12/2011 01:12:12, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 8 time(s).
29/12/2011 22:54:57, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
29/12/2011 22:54:56, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
29/12/2011 22:54:56, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
29/12/2011 22:53:22, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): 'SYSTEM' was corrupted and it has been recovered. Some data might have been lost.
29/12/2011 22:51:09, Error: EventLog [6008] - The previous system shutdown at 22:47:54 on 29/12/2011 was unexpected.
29/12/2011 22:46:10, Error: EventLog [6008] - The previous system shutdown at 22:44:17 on 29/12/2011 was unexpected.
29/12/2011 19:37:58, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.3.194 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.2.254 (The DHCP Server sent a DHCPNACK message).
29/12/2011 19:04:35, Error: EventLog [6008] - The previous system shutdown at 19:00:54 on 29/12/2011 was unexpected.
29/12/2011 18:46:16, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
29/12/2011 18:46:16, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
29/12/2011 18:42:54, Error: EventLog [6008] - The previous system shutdown at 17:19:12 on 29/12/2011 was unexpected.
29/12/2011 17:01:25, Error: EventLog [6008] - The previous system shutdown at 01:39:27 on 29/12/2011 was unexpected.
29/12/2011 00:59:03, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.10.177 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.3.254 (The DHCP Server sent a DHCPNACK message).
29/12/2011 00:44:38, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user LENOVO-PC\LENOVO SID (S-1-5-21-1853308285-865056411-922338472-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
29/12/2011 00:11:39, Error: EventLog [6008] - The previous system shutdown at 00:10:08 on 29/12/2011 was unexpected.
28/12/2011 22:31:55, Error: bowser [8003] - The master browser has received a server announcement from the computer DAN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3E585CBA-6D6C-4AF4-9BF8-C22BE2AE480. The master browser is stopping or an election is being forced.
28/12/2011 22:13:04, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.3.178 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.10.254 (The DHCP Server sent a DHCPNACK message).
28/12/2011 20:22:16, Error: EventLog [6008] - The previous system shutdown at 20:19:59 on 28/12/2011 was unexpected.
28/12/2011 19:41:10, Error: EventLog [6008] - The previous system shutdown at 19:37:42 on 28/12/2011 was unexpected.
28/12/2011 19:40:00, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Q:.
28/12/2011 17:47:40, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.5.190 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.3.254 (The DHCP Server sent a DHCPNACK message).
28/12/2011 16:44:13, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.3.164 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.5.254 (The DHCP Server sent a DHCPNACK message).
28/12/2011 16:32:20, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.5.180 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.3.254 (The DHCP Server sent a DHCPNACK message).
28/12/2011 16:21:11, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.8.189 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.5.254 (The DHCP Server sent a DHCPNACK message).
28/12/2011 13:51:00, Error: EventLog [6008] - The previous system shutdown at 13:49:30 on 28/12/2011 was unexpected.
28/12/2011 13:15:47, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.1.183 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.8.254 (The DHCP Server sent a DHCPNACK message).
28/12/2011 02:21:57, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 173.0.5.167 for the Network Card with network address 00FF0619E38C has been denied by the DHCP server 173.0.1.254 (The DHCP Server sent a DHCPNACK message).
28/12/2011 01:30:08, Error: EventLog [6008] - The previous system shutdown at 01:27:26 on 28/12/2011 was unexpected.
28/12/2011 00:12:06, Error: Service Control Manager [7031] - The Firebird Guardian - DefaultInstance service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
27/12/2011 23:16:40, Error: EventLog [6008] - The previous system shutdown at 23:14:45 on 27/12/2011 was unexpected.
27/12/2011 19:29:57, Error: EventLog [6008] - The previous system shutdown at 19:28:16 on 27/12/2011 was unexpected.
27/12/2011 18:52:29, Error: EventLog [6008] - The previous system shutdown at 18:50:21 on 27/12/2011 was unexpected.
27/12/2011 17:57:33, Error: EventLog [6008] - The previous system shutdown at 17:55:53 on 27/12/2011 was unexpected.
27/12/2011 12:50:08, Error: EventLog [6008] - The previous system shutdown at 12:48:30 on 27/12/2011 was unexpected.
27/12/2011 00:03:33, Error: EventLog [6008] - The previous system shutdown at 00:01:06 on 27/12/2011 was unexpected.
26/12/2011 19:02:04, Error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.
26/12/2011 18:58:17, Error: EventLog [6008] - The previous system shutdown at 18:57:11 on 26/12/2011 was unexpected.
26/12/2011 14:10:29, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
26/12/2011 13:41:24, Error: EventLog [6008] - The previous system shutdown at 13:39:52 on 26/12/2011 was unexpected.
26/12/2011 13:17:04, Error: EventLog [6008] - The previous system shutdown at 02:06:15 on 26/12/2011 was unexpected.
26/12/2011 00:36:12, Error: EventLog [6008] - The previous system shutdown at 00:34:17 on 26/12/2011 was unexpected.
25/12/2011 22:28:57, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Eventlog service.
25/12/2011 22:18:29, Error: EventLog [6008] - The previous system shutdown at 22:17:20 on 25/12/2011 was unexpected.
25/12/2011 19:51:34, Error: EventLog [6008] - The previous system shutdown at 19:49:24 on 25/12/2011 was unexpected.
25/12/2011 18:09:28, Error: EventLog [6008] - The previous system shutdown at 18:05:46 on 25/12/2011 was unexpected.
25/12/2011 13:42:15, Error: EventLog [6008] - The previous system shutdown at 13:39:48 on 25/12/2011 was unexpected.
01/01/2012 15:05:29, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
01/01/2012 15:04:07, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).
01/01/2012 15:04:07, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
01/01/2012 15:02:32, Error: Service Control Manager [7024] - The KtmRm for Distributed Transaction Coordinator service terminated with service-specific error 2147942438 (0x80070026).
01/01/2012 15:02:24, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
01/01/2012 15:01:13, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
01/01/2012 15:01:13, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
01/01/2012 15:00:15, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
01/01/2012 15:00:15, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: tvtumon
01/01/2012 15:00:15, Error: Service Control Manager [7023] - The Lenovo Microphone Mute service terminated with the following error: The system cannot find the file specified.
01/01/2012 15:00:15, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
01/01/2012 14:59:12, Error: Microsoft-Windows-TaskScheduler [412] - Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402. User Action: restart task scheduler service.
01/01/2012 14:58:49, Error: EventLog [6008] - The previous system shutdown at 14:57:41 on 01/01/2012 was unexpected.
01/01/2012 14:18:11, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
01/01/2012 14:16:57, Error: EventLog [6008] - The previous system shutdown at 14:15:34 on 01/01/2012 was unexpected.
01/01/2012 13:51:45, Error: EventLog [6008] - The previous system shutdown at 13:50:34 on 01/01/2012 was unexpected.
01/01/2012 02:59:02, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 4 time(s).
01/01/2012 00:59:33, Error: EventLog [6008] - The previous system shutdown at 00:57:31 on 01/01/2012 was unexpected.
01/01/2012 00:19:31, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 7 time(s).
.
==== End Of File ===========================
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP