Thanks Syler for the reply.
Here are the logs requested. I wasn't sure if you needed them attached or pasted so I did both.
OTL logfile created on: 5/28/2010 9:50:44 AM - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\jbailey.DYNEAMARK\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 54.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.24 Gb Total Space | 33.23 Gb Free Space | 23.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3.81 Mb Total Space | 1.95 Mb Free Space | 51.02% Space Free | Partition Type: FAT
Drive F: | 232.88 Gb Total Space | 87.23 Gb Free Space | 37.46% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENOVO-3572C3E5
Current User Name: jbailey
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/05/28 09:47:07 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\OTL(2).exe
PRC - [2010/04/01 13:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/22 11:50:57 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/03/22 11:50:56 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009/08/17 22:54:54 | 012,957,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/10/24 10:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/14 19:05:30 | 000,086,016 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2008/03/14 19:04:48 | 000,118,784 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2008/03/14 19:04:28 | 000,188,416 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2008/03/14 18:58:40 | 001,646,592 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\ACMainGUI.exe
PRC - [2008/03/14 18:57:34 | 000,425,984 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
PRC - [2008/03/14 18:53:46 | 000,126,976 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
PRC - [2008/03/04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2008/01/25 14:06:08 | 000,111,904 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2008/01/24 10:21:58 | 000,066,928 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2007/11/21 18:38:38 | 000,075,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2007/11/02 15:51:02 | 000,036,136 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2007/09/26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/03/21 13:42:38 | 000,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2007/03/02 20:49:00 | 000,037,680 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2007/02/27 20:35:04 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2007/02/08 16:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007/02/08 16:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
PRC - [2007/02/08 16:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007/02/08 14:40:16 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
PRC - [2007/01/30 21:45:42 | 000,722,496 | ---- | M] (IBM) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
PRC - [2007/01/29 23:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2006/11/03 18:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
========== Modules (SafeList) ========== MOD - [2010/05/28 09:47:07 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\OTL(2).exe
MOD - [2010/05/14 01:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\asoehook.dll
MOD - [2009/07/12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 01:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/05/17 11:53:00 | 001,474,560 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2007/05/17 11:53:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
========== Win32 Services (SafeList) ========== SRV - [2010/03/22 11:50:56 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - [2009/12/04 17:41:50 | 000,121,416 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe -- (ATTRcAppSvc)
SRV - [2008/03/14 19:05:30 | 000,086,016 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008/03/14 19:04:28 | 000,188,416 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008/03/04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007/11/02 15:51:02 | 000,036,136 | ---- | M] (Lenovo) [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007/09/26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/03/21 13:42:38 | 000,364,629 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (acs)
SRV - [2007/03/02 20:49:00 | 000,037,680 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007/02/27 20:35:04 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2007/02/08 16:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/02/08 16:09:58 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2007/02/08 14:40:16 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2007/01/30 21:45:42 | 000,722,496 | ---- | M] (IBM) [Auto | Running] -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe -- (TSSCoreService)
SRV - [2007/01/29 23:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
========== Driver Services (SafeList) ========== DRV - [2010/05/27 09:25:35 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/27 09:25:35 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/11 06:39:39 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100527.039\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/05/11 06:39:39 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100527.039\NAVENG.SYS -- (NAVENG)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 13:44:04 | 000,537,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2009/12/04 17:32:56 | 000,024,064 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/12/04 17:31:18 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2009/11/25 18:09:11 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/11/05 18:06:13 | 000,328,752 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/10/28 18:37:24 | 000,329,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100520.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2009/06/04 15:37:21 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2009/05/11 13:49:11 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/08/22 10:05:42 | 000,026,760 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/05/30 17:32:36 | 000,033,536 | ---- | M] (Lenovo) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtfilter.sys -- (tvtfilter)
DRV - [2008/05/30 17:31:49 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/20 04:13:00 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/02/15 19:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/21 20:34:30 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2008/01/21 20:34:28 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2008/01/11 01:30:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2007/11/15 10:18:06 | 000,017,845 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2007/11/02 15:50:30 | 000,021,808 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007/11/01 16:26:36 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 16:25:32 | 000,211,456 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/11/01 16:25:22 | 000,731,520 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/10/26 01:20:36 | 000,549,184 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007/10/12 16:30:46 | 000,252,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2007/07/03 18:46:24 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2007/05/17 11:53:00 | 006,346,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/03/28 14:02:00 | 000,012,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/07 02:51:08 | 000,311,808 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2007/03/02 20:49:00 | 000,100,656 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007/03/02 20:47:00 | 000,019,760 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007/02/27 05:02:00 | 000,868,042 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/02/12 13:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/02/08 15:30:28 | 000,017,664 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys -- (TVTPktFilter)
DRV - [2007/01/31 09:33:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit)
DRV - [2007/01/24 05:33:00 | 000,530,861 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007/01/24 05:27:00 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/01/18 08:00:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgArCln.sys -- (AvgArCln)
DRV - [2006/11/06 04:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/10/15 02:01:00 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/10/09 10:00:00 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/09/13 15:42:44 | 000,035,264 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2006/03/01 06:30:00 | 000,089,472 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006/02/14 01:04:58 | 000,177,664 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/02 08:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/02/02 08:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/02/02 08:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/02/02 08:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/02/02 08:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/02/02 08:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/02/02 08:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/11/25 17:43:48 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2005/11/18 15:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/11/18 15:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/11/18 08:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/07/13 23:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005/05/17 13:20:08 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)
DRV - [2003/09/11 02:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003/05/01 13:26:34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2001/08/17 17:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 17:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 17:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 17:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 17:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 16:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 16:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 16:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 16:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 16:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 16:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 16:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 16:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 16:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 16:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 08:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel® 82801 Audio Driver Install Service (WDM)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://lenovo.live.comIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://lenovo.live.comIE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://lenovo.live.comIE - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010/05/25 20:57:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010/01/27 10:32:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/26 14:09:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/26 14:25:21 | 000,000,000 | ---D | M]
[2008/11/14 10:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jbailey.DYNEAMARK\Application Data\Mozilla\Extensions
[2010/05/28 09:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jbailey.DYNEAMARK\Application Data\Mozilla\Firefox\Profiles\7fk0tnco.default\extensions
[2010/04/27 08:24:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\jbailey.DYNEAMARK\Application Data\Mozilla\Firefox\Profiles\7fk0tnco.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/11 09:03:25 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\jbailey.DYNEAMARK\Application Data\Mozilla\Firefox\Profiles\7fk0tnco.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010/04/27 08:24:06 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\jbailey.DYNEAMARK\Application Data\Mozilla\Firefox\Profiles\7fk0tnco.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/11/10 13:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jbailey.DYNEAMARK\Application Data\Mozilla\Firefox\Profiles\7fk0tnco.default\extensions\firefox@tvunetworks.com
[2008/11/16 22:07:03 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Application Data\Mozilla\Firefox\Profiles\7fk0tnco.default\searchplugins\ny-giants.xml
[2010/05/26 14:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2009/11/25 17:55:15 | 000,000,152 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.221 viruskill2009.microsoft.com
O1 - Hosts: 91.212.127.221 viruskill2009.com
O1 - Hosts: 91.212.127.221 www.viruskill2009.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\system32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142..\Run: [ISUSPM] C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O15 - HKU\S-1-5-21-2226995957-1088261065-2424906731-1142\..Trusted Domains: ameritrade.com ([wwws] https in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94}
http://www.pcpitstop.com/internet/pcpConnCheck.cab (iCC Class)
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797}
https://portal.dyneamark.com/XTSAC.cab (XTSAC Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://st.webex.com/client/T26L/webex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DyneAMark.local
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (OWS\S) - File not found
O30 - LSA: Security Packages - (CURITY SOLUTION) - File not found
O30 - LSA: Security Packages - (y Packages sett) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/30 03:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: winykubd - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/04/29 20:12:49 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe - (Avanquest Software )
MsConfig - StartUpReg:
ACTray - hkey= - key= - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )
MsConfig - StartUpReg:
ACWLIcon - hkey= - key= - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )
MsConfig - StartUpReg:
AMSG - hkey= - key= - C:\Program Files\ThinkVantage\AMSG\Amsg.exe (LENOVO)
MsConfig - StartUpReg:
AwaySch - hkey= - key= - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
MsConfig - StartUpReg:
BLOG - hkey= - key= - C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
MsConfig - StartUpReg:
cssauth - hkey= - key= - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg:
DLA - hkey= - key= - File not found
MsConfig - StartUpReg:
EZEJMNAP - hkey= - key= - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited)
MsConfig - StartUpReg:
ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (Macrovision Corporation)
MsConfig - StartUpReg:
ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg:
LPManager - hkey= - key= - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
MsConfig - StartUpReg:
NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg:
NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg:
nwiz - hkey= - key= - File not found
MsConfig - StartUpReg:
PWRMGRTR - hkey= - key= - C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
MsConfig - StartUpReg:
SoundMAX - hkey= - key= - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
MsConfig - StartUpReg:
SoundMAXPnP - hkey= - key= - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
MsConfig - StartUpReg:
SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg:
SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg:
SynTPLpr - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
MsConfig - StartUpReg:
TPFNF7 - hkey= - key= - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
TPHOTKEY - hkey= - key= - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
TpShocks - hkey= - key= - File not found
MsConfig - StartUpReg:
TVT Scheduler Proxy - hkey= - key= - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
MsConfig - StartUpReg:
WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (69256399187607552)
========== Files/Folders - Created Within 30 Days ========== [2010/05/28 09:47:00 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\OTL(2).exe
[2010/05/26 14:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/05/26 14:03:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\Recent
[2010/05/26 13:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\plugins
[2010/05/26 11:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\Malware Removal Programs
[2010/05/25 09:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/05/25 09:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/04/30 16:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2010/04/30 16:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Guru3D.com
[2010/04/30 16:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\Guru3D.com
[2010/04/30 16:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\New Folder (2)
[2010/04/29 13:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\DemoForge
[2010/04/29 13:55:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2010/04/29 13:55:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\InstallAnywhere
[2010/04/29 13:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jbailey.DYNEAMARK\Yugma
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/05/28 09:47:21 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\mbr.exe
[2010/05/28 09:47:07 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\OTL(2).exe
[2010/05/28 09:23:05 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/28 09:14:49 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010/05/28 09:13:27 | 000,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2010/05/28 09:12:56 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/28 09:12:35 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/28 09:10:12 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/05/28 09:10:01 | 000,000,480 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2010/05/28 09:09:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/28 09:09:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/28 09:09:44 | 3202,658,304 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/27 22:36:19 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\NTUSER.DAT
[2010/05/27 22:07:01 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/05/27 20:33:02 | 000,045,145 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Seattle_Aqua_Theatre-1951.jpg
[2010/05/27 20:32:29 | 000,075,090 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\SeattlePop1969.jpg
[2010/05/27 20:15:07 | 000,071,335 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\SeattlePop_2.jpg
[2010/05/27 15:08:48 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\Microsoft Office Word 2007.lnk
[2010/05/27 14:39:56 | 003,699,963 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\ComboFix.exe
[2010/05/27 14:00:55 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\Microsoft Office Outlook 2007.lnk
[2010/05/27 10:04:10 | 002,106,616 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AVX SolidState Connectors.pdf
[2010/05/27 09:36:56 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Latest DRS update 5-21-10.msg
[2010/05/27 09:36:32 | 000,384,000 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\RE DAM transition Lockheed .msg
[2010/05/27 09:35:04 | 000,073,216 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\REIntelligent Media Account Info.msg
[2010/05/27 09:34:36 | 000,770,560 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\DAM transition Invivo, Elster, Atheros, Avidyne, DRS, L3, Nexxus.msg
[2010/05/27 09:32:43 | 000,222,208 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Voraxis Account Info.msg
[2010/05/26 14:09:25 | 000,001,609 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/26 14:04:42 | 000,000,286 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100526_140439.reg
[2010/05/26 14:04:27 | 000,010,196 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100526_140425.reg
[2010/05/26 11:44:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\defogger_reenable
[2010/05/26 10:06:52 | 000,021,796 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-9-10.xlsx
[2010/05/25 22:43:03 | 000,720,924 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\Cat.DB
[2010/05/25 14:27:49 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AVX Product Country of Origin.xls
[2010/05/25 13:14:07 | 000,021,713 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-23-10.xlsx
[2010/05/25 13:08:36 | 000,021,609 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-30-10.xlsx
[2010/05/25 10:40:24 | 000,249,458 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AVXLighting connectors 10-09.pdf
[2010/05/25 10:37:57 | 000,351,392 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Lighting Bro 4-09.pdf
[2010/05/25 10:33:20 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-25-10 Rev3.xls
[2010/05/25 10:30:03 | 000,061,952 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-25-10 Rev 3.xls
[2010/05/25 09:55:30 | 000,001,472 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100525_095523.reg
[2010/05/25 09:19:43 | 000,001,980 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/05/25 09:19:27 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/05/24 18:00:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2010/05/24 11:40:24 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/18 10:59:36 | 000,204,394 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8069.pdf
[2010/05/18 10:55:40 | 000,308,517 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5650_1.pdf
[2010/05/18 10:55:19 | 000,198,774 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5650_3.pdf
[2010/05/18 10:54:52 | 000,195,190 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5650_2.pdf
[2010/05/18 10:41:05 | 000,146,130 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8005.pdf
[2010/05/18 10:32:14 | 000,177,417 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5138.pdf
[2010/05/18 10:26:01 | 000,128,476 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\6288 FFC.pdf
[2010/05/17 15:32:52 | 000,150,528 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\jb DAMC OSR Account Assignment Tracking - June 2010 - MASTER.xls
[2010/05/17 09:47:25 | 000,021,697 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-16-10.xlsx
[2010/05/16 20:28:40 | 000,001,922 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/14 09:35:05 | 000,057,856 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\PW.docx
[2010/05/14 02:32:01 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\isolate.ini
[2010/05/13 11:21:04 | 001,140,358 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\6882 High Speed FPC.pdf
[2010/05/13 11:04:05 | 000,010,749 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Customer-CM.xlsx
[2010/05/13 10:47:38 | 000,571,282 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5668.pdf
[2010/05/13 10:47:38 | 000,407,349 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Shielded 5668.pdf
[2010/05/13 10:47:38 | 000,246,340 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8069 Product Spec (H=1.8mm).pdf
[2010/05/13 10:47:38 | 000,235,271 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8069 Product Spec (H=3mm).pdf
[2010/05/13 10:47:38 | 000,192,733 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5658 Hybrid Floating BTB.pdf
[2010/05/13 09:28:08 | 000,190,794 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AXGE-3754-05xy (SFP-1000BX40,60-D5)_V1.1.pdf
[2010/05/12 19:55:03 | 000,060,928 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-12-10 Rev 2.xls
[2010/05/12 07:03:34 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-12-10.xls
[2010/05/11 17:11:55 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-11-10.xls
[2010/05/10 15:30:24 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/05/06 14:48:20 | 000,202,865 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\EE2-KH00-10 converted.pdf
[2010/05/06 14:41:17 | 000,099,111 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\KNH21 Series.pdf
[2010/05/06 08:56:33 | 000,000,294 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100506_085630.reg
[2010/05/06 08:56:14 | 000,009,494 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100506_085611.reg
[2010/05/06 08:43:09 | 000,001,555 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\CCleaner.lnk
[2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symtdi.sys
[2010/05/06 00:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symtdiv.sys
[2010/05/06 00:01:43 | 000,001,473 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnetv.inf
[2010/05/06 00:01:43 | 000,001,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\symnet.inf
[2010/05/04 16:03:57 | 000,015,144 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\KEC Products.docx
[2010/05/03 10:59:20 | 000,021,606 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-2-10.xlsx
[2010/05/02 22:16:02 | 032,556,615 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\NY-_Time_Fades_Away.zip
[2010/04/30 17:28:14 | 004,948,904 | -H-- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Local Settings\Application Data\IconCache.db
[2010/04/30 15:23:39 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\LENOVO Order 2CP74P .msg
[2010/04/30 14:51:58 | 009,982,280 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\KEC Conn Overview.pdf
[2010/04/30 12:16:04 | 001,266,235 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\RF Antenna concepts 2010.pdf
[2010/04/30 10:38:11 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Sensitron DAM-Forecast 4 30 10.xls
[2010/04/30 08:56:34 | 000,072,080 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\g2mdlhlpx.exe
[2010/04/29 13:56:13 | 000,000,902 | ---- | M] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\Yugma.lnk
[2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\ironx86.sys
[2010/04/29 01:03:51 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\iron.cat
[2010/04/29 01:03:51 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\iron.inf
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/05/28 09:47:21 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\mbr.exe
[2010/05/27 20:33:02 | 000,045,145 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Seattle_Aqua_Theatre-1951.jpg
[2010/05/27 20:32:29 | 000,075,090 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\SeattlePop1969.jpg
[2010/05/27 20:15:06 | 000,071,335 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\SeattlePop_2.jpg
[2010/05/27 14:39:41 | 003,699,963 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\ComboFix.exe
[2010/05/27 10:04:09 | 002,106,616 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AVX SolidState Connectors.pdf
[2010/05/27 09:36:56 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Latest DRS update 5-21-10.msg
[2010/05/27 09:36:31 | 000,384,000 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\RE DAM transition Lockheed .msg
[2010/05/27 09:35:03 | 000,073,216 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\REIntelligent Media Account Info.msg
[2010/05/27 09:34:36 | 000,770,560 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\DAM transition Invivo, Elster, Atheros, Avidyne, DRS, L3, Nexxus.msg
[2010/05/27 09:32:43 | 000,222,208 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Voraxis Account Info.msg
[2010/05/26 14:09:25 | 000,001,609 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/26 14:04:40 | 000,000,286 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100526_140439.reg
[2010/05/26 14:04:26 | 000,010,196 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100526_140425.reg
[2010/05/26 11:44:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\defogger_reenable
[2010/05/25 14:27:48 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AVX Product Country of Origin.xls
[2010/05/25 13:08:36 | 000,021,609 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-30-10.xlsx
[2010/05/25 13:08:09 | 000,021,713 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-23-10.xlsx
[2010/05/25 10:40:24 | 000,249,458 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AVXLighting connectors 10-09.pdf
[2010/05/25 10:37:57 | 000,351,392 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Lighting Bro 4-09.pdf
[2010/05/25 10:33:20 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-25-10 Rev3.xls
[2010/05/25 10:30:02 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-25-10 Rev 3.xls
[2010/05/25 09:55:27 | 000,001,472 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100525_095523.reg
[2010/05/18 10:55:36 | 000,308,517 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5650_1.pdf
[2010/05/18 10:55:18 | 000,198,774 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5650_3.pdf
[2010/05/18 10:54:52 | 000,195,190 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5650_2.pdf
[2010/05/18 10:41:05 | 000,146,130 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8005.pdf
[2010/05/18 10:32:12 | 000,177,417 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5138.pdf
[2010/05/18 10:25:58 | 000,128,476 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\6288 FFC.pdf
[2010/05/17 15:32:52 | 000,150,528 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\jb DAMC OSR Account Assignment Tracking - June 2010 - MASTER.xls
[2010/05/17 09:47:25 | 000,021,697 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-16-10.xlsx
[2010/05/16 20:28:40 | 000,001,922 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/14 09:51:28 | 000,021,796 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-9-10.xlsx
[2010/05/13 11:34:22 | 001,298,166 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5151 Micro USB English.pdf
[2010/05/13 11:34:22 | 001,140,358 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\6882 High Speed FPC.pdf
[2010/05/13 11:04:04 | 000,010,749 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Customer-CM.xlsx
[2010/05/13 10:47:38 | 000,571,282 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5668.pdf
[2010/05/13 10:47:38 | 000,407,349 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Shielded 5668.pdf
[2010/05/13 10:47:38 | 000,246,340 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8069 Product Spec (H=1.8mm).pdf
[2010/05/13 10:47:38 | 000,235,271 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8069 Product Spec (H=3mm).pdf
[2010/05/13 10:47:38 | 000,204,394 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\8069.pdf
[2010/05/13 10:47:38 | 000,192,733 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\5658 Hybrid Floating BTB.pdf
[2010/05/13 09:28:07 | 000,190,794 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\AXGE-3754-05xy (SFP-1000BX40,60-D5)_V1.1.pdf
[2010/05/12 19:55:03 | 000,060,928 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-12-10 Rev 2.xls
[2010/05/12 07:03:34 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-12-10.xls
[2010/05/11 17:09:59 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Zhone Axcen SFP Quote 5-11-10.xls
[2010/05/06 14:48:19 | 000,202,865 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\EE2-KH00-10 converted.pdf
[2010/05/06 14:41:16 | 000,099,111 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\KNH21 Series.pdf
[2010/05/06 08:56:31 | 000,000,294 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100506_085630.reg
[2010/05/06 08:56:13 | 000,009,494 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\cc_20100506_085611.reg
[2010/05/04 17:06:15 | 001,266,235 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\RF Antenna concepts 2010.pdf
[2010/05/04 16:03:57 | 000,015,144 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\KEC Products.docx
[2010/05/03 10:59:19 | 000,021,606 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Expenses 5-2-10.xlsx
[2010/05/02 22:16:03 | 032,556,615 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\NY-_Time_Fades_Away.zip
[2010/04/30 15:23:39 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\LENOVO Order 2CP74P .msg
[2010/04/30 14:51:17 | 009,982,280 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\KEC Conn Overview.pdf
[2010/04/30 10:38:11 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\My Documents\Sensitron DAM-Forecast 4 30 10.xls
[2010/04/29 13:56:13 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\jbailey.DYNEAMARK\Desktop\Yugma.lnk
[2010/03/19 21:17:35 | 000,026,760 | R--- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2010/03/09 22:44:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/13 17:55:17 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/15 17:50:59 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2009/01/15 17:50:07 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2009/01/15 17:50:07 | 000,000,141 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/10/27 16:16:02 | 000,000,138 | ---- | C] () -- C:\WINDOWS\ImageRescue3.INI
[2008/08/19 18:13:04 | 000,000,302 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2008/06/18 10:06:12 | 000,139,280 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2008/05/30 17:40:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/05/30 17:31:23 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2008/05/30 17:26:01 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/05/30 17:24:31 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/05/30 17:24:31 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/05/30 17:24:31 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/05/30 17:24:31 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/05/30 17:24:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/05/30 17:24:31 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/05/30 17:19:08 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/30 17:19:08 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/30 17:19:07 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/30 17:19:07 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/30 17:15:18 | 000,012,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2008/05/30 17:14:10 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2008/05/30 17:13:10 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2008/05/30 17:12:57 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2008/05/30 16:57:21 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/01/09 15:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/03/02 08:15:36 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/03/02 08:15:25 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/02/27 20:48:38 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/02/27 20:29:32 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007/01/16 11:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/01/03 11:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 11:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 11:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/09/05 17:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006/04/30 03:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/30 03:22:10 | 000,000,887 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/02/17 14:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 14:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== Custom Scans ========== < %systemroot%\system32\*.dll /lockedfiles >[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav >[2006/04/29 20:03:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/04/29 20:03:02 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/04/29 20:03:02 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\*. /mp /s > < %SYSTEMDRIVE%\*.exe >[2010/01/15 12:58:05 | 000,072,080 | ---- | M] () -- C:\g2mdlhlpx.exe
< End of report >
OTL Extras logfile created on: 5/28/2010 9:50:44 AM - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\jbailey.DYNEAMARK\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 54.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.24 Gb Total Space | 33.23 Gb Free Space | 23.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3.81 Mb Total Space | 1.95 Mb Free Space | 51.02% Space Free | Partition Type: FAT
Drive F: | 232.88 Gb Total Space | 87.23 Gb Free Space | 37.46% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LENOVO-3572C3E5
Current User Name: jbailey
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2226995957-1088261065-2424906731-1142\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [tralih] -- "C:\Program Files\Trader's Little Helper\tralih.exe" /0 "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3978:UDP" = 3978:UDP:*:Enabled:Windows Media Format SDK (winamp.exe)
"3996:UDP" = 3996:UDP:*:Enabled:Windows Media Format SDK (winamp.exe)
"4318:UDP" = 4318:UDP:*:Enabled:Windows Media Format SDK (winamp.exe)
"4336:UDP" = 4336:UDP:*:Enabled:Windows Media Format SDK (winamp.exe)
"4357:UDP" = 4357:UDP:*:Enabled:Windows Media Format SDK (winamp.exe)
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\play2p\play2p.exe" = C:\Program Files\play2p\play2p.exe:*:Disabled:play2p -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"C:\Program Files\TVUPlayer\TVUPlayer.exe" = C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\play2p\play2p.exe" = C:\Program Files\play2p\play2p.exe:*:Enabled:play2p -- File not found
"C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe" = C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent P2P Media Player -- (StreamTorrent Team)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{34E9509A-583C-49A1-A57C-C9301C8D6D2C}" = CONTEX Presenter
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5B7CF62F-D339-4FAA-A610-372ED5A2787F}" = BlackBerry Desktop Software 5.0.1
"{627EAB2D-F5AE-4815-AD8E-79129D7959E7}" = Memory Stick File Rescue
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_AccessR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_AccessR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_AccessR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_AccessR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_AccessR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_AccessR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_AccessR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2007
"{91120000-0015-0000-0000-0000000FF1CE}_AccessR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0015-0000-0000-0000000FF1CE}_AccessR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Power Manager
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-2448-0000-800000000003}" = Chinese Traditional Fonts Support For Adobe Reader 8
"{AC76BA86-7AD7-5670-0000-800000000003}" = Korean Fonts Support For Adobe Reader 8
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2DA1CDC-EF9D-4B7C-91F8-710B17AD44A7}" = Microsoft Office Live Meeting 2007
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}" = Windows Live Toolbar
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkPad
"{D81FBA6E-5492-4C46-BAE3-3A9242C27210}" = TaxCut Basic + Efile 2008
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{F055E1B2-8A05-4D87-8039-1BE979BA4193}" = Client Security Solution
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F813E3A8-1641-4510-9C35-BF4656C63B8C}" = AT&T Communication Manager
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"7-Zip" = 7-Zip 4.57
"AccessR" = Microsoft Office Access 2007
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Atomic Clock Sync" = Atomic Clock Sync
"AVGantiRootkit" = AVG Anti-Rootkit Free
"AwayTask" = Maintenance Manager
"BlackBerry_{5B7CF62F-D339-4FAA-A610-372ED5A2787F}" = BlackBerry Desktop Software 5.0.1
"CCleaner" = CCleaner
"CentraClient" = Centra Client
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Defraggler" = Defraggler (remove only)
"DMX4_is1" = DriverMax 4
"DMX5_is1" = DriverMax 5
"DVD Identifier_is1" = DVD Identifier
"EB88B6218325D2AB47CFFBF7170236B60A6198FF" = Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0)
"Exact Audio Copy" = Exact Audio Copy 0.99pb4
"ExtractNow_is1" = ExtractNow
"F13EE0B22AD5D087DFA50E3D4D6F13FC1AAAFB32" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Family Lawyer 2003" = Family Lawyer 2003
"FL2003 Registration" = FL2003 Registration
"Free RAR Extract Frog" = Free RAR Extract Frog
"Google Updater" = Google Updater
"GPL Ghostscript 8.63" = GPL Ghostscript 8.63
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mirage Driver_is1" = Mirage Driver 1.1
"Monitor Calibration Wizard" = Monitor Calibration Wizard 1.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OnScreenDisplay" = On Screen Display
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"PCMCIAPW" = ThinkPad PC Card Power Policy
"Pdf995" = Pdf995 (installed by TaxCut)
"PdfEdit995" = PdfEdit995 (installed by TaxCut)
"Power Management Driver" = ThinkPad Power Management Driver
"PROHYBRIDR" = 2007 Microsoft Office system
"PROSet" = Intel® PRO Network Connections Drivers
"Recuva" = Recuva (remove only)
"Remove Multimedia Center" = Remove Multimedia Center
"SopCast" = SopCast 3.0.3
"StreamTorrent 1.0" = StreamTorrent 1.0
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TradersLittleHelper_is1" = Trader's Little Helper 2.4.1
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.3.7.1
"USA TODAY MileTracker" = USA TODAY MileTracker
"VLC media player" = VLC media player 0.9.2
"Winamp" = Winamp
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yugma" = Yugma
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2226995957-1088261065-2424906731-1142\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.5.0.452
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 5/26/2010 6:33:07 PM | Computer Name = LENOVO-3572C3E5 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 5/26/2010 6:33:07 PM | Computer Name = LENOVO-3572C3E5 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 5/26/2010 6:33:16 PM | Computer Name = LENOVO-3572C3E5 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 5/26/2010 6:34:41 PM | Computer Name = LENOVO-3572C3E5 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for DYNEAMARK\jbailey failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 5/27/2010 1:59:26 PM | Computer Name = LENOVO-3572C3E5 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (A socket operation was attempted to an unreachable host. ). Group Policy
processing aborted.
Error - 5/27/2010 1:59:26 PM | Computer Name = LENOVO-3572C3E5 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (A socket operation was attempted to an unreachable host. ). Group Policy
processing aborted.
Error - 5/27/2010 7:51:44 PM | Computer Name = LENOVO-3572C3E5 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 5/27/2010 7:51:44 PM | Computer Name = LENOVO-3572C3E5 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 5/27/2010 7:51:53 PM | Computer Name = LENOVO-3572C3E5 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 5/27/2010 7:53:03 PM | Computer Name = LENOVO-3572C3E5 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for DYNEAMARK\jbailey failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
[ OSession Events ]
Error - 8/26/2008 10:40:38 PM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 720
seconds with 300 seconds of active time. This session ended with a crash.
Error - 9/2/2008 4:28:47 PM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5741
seconds with 840 seconds of active time. This session ended with a crash.
Error - 9/8/2008 2:17:25 PM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12893
seconds with 60 seconds of active time. This session ended with a crash.
Error - 3/26/2009 2:10:59 PM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 18392
seconds with 3960 seconds of active time. This session ended with a crash.
Error - 5/3/2009 12:34:29 PM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3586
seconds with 120 seconds of active time. This session ended with a crash.
Error - 5/13/2009 1:47:04 PM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 15961
seconds with 3540 seconds of active time. This session ended with a crash.
Error - 5/19/2009 2:05:19 PM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 16757
seconds with 2820 seconds of active time. This session ended with a crash.
Error - 9/11/2009 11:26:37 AM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8745
seconds with 2280 seconds of active time. This session ended with a crash.
Error - 3/26/2010 8:35:00 AM | Computer Name = LENOVO-3572C3E5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 749
seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 5/27/2010 7:58:39 PM | Computer Name = LENOVO-3572C3E5 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 5/27/2010 8:13:41 PM | Computer Name = LENOVO-3572C3E5 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.
Error - 5/27/2010 8:43:41 PM | Computer Name = LENOVO-3572C3E5 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 59 minutes. NtpClient has no source of accurate
time.
Error - 5/27/2010 9:43:42 PM | Computer Name = LENOVO-3572C3E5 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 119 minutes. NtpClient has no source of accurate
time.
Error - 5/28/2010 8:50:52 AM | Computer Name = LENOVO-3572C3E5 | Source = NetBT | ID = 4321
Description = The name "DYNEAMARK :1d" could not be registered on the Interface
with IP address 192.168.2.133. The machine with the IP address 192.168.2.10 did
not allow the name to be claimed by this machine.
Error - 5/28/2010 8:56:04 AM | Computer Name = LENOVO-3572C3E5 | Source = NetBT | ID = 4321
Description = The name "DYNEAMARK :1d" could not be registered on the Interface
with IP address 192.168.2.133. The machine with the IP address 192.168.2.10 did
not allow the name to be claimed by this machine.
Error - 5/28/2010 9:04:44 AM | Computer Name = LENOVO-3572C3E5 | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.
Error - 5/28/2010 9:12:49 AM | Computer Name = LENOVO-3572C3E5 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NIS service.
Error - 5/28/2010 9:47:17 AM | Computer Name = LENOVO-3572C3E5 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 5/28/2010 9:48:38 AM | Computer Name = LENOVO-3572C3E5 | Source = NetBT | ID = 4321
Description = The name "DYNEAMARK :1d" could not be registered on the Interface
with IP address 192.168.2.133. The machine with the IP address 192.168.2.10 did
not allow the name to be claimed by this machine.
< End of report >
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer,
http://www.gmer.netdevice: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8AD97D01]<<
kernel: MBR read successfully
user & kernel MBR OK
This topic is locked
Attach.txt 17.94KB
9 downloads
Back to top
