He1pP10x

ill just send it to my cousin for repair since all the scans wont work for my laptop thanks for trying to help

it stop at 24% then give tell me that the problem cant be solved or freeze my computer so then i follow the step below but it just does nothing

i left it scaning and when i came back it turn off and restarted itself and i got this error Problem Event Name: BlueScreen OS Version: 6.0.6002.2.2.0.768.3 Locale ID: 1033 Additional information about the problem: BCCode: 77 BCP1: 0000000000000001 BCP2: 0045669700456697 BCP3: 0000000000000000 BCP4: FFFFFA60019ABA50 OS Version: 6_0_6002 Service Pack: 2_0 Product: 768_1 Files that help describe the problem: C:\Windows\Minidump\Mini053010-01.dmp C:\Users\Leslie\AppData\Local\Temp\WER-473197-0.sysdata.xml C:\Users\Leslie\AppData\Local\Temp\WERCA7F.tmp.version.txt

it was when i was scan with Malwarebytes and i dont think it found any errors

i got this blue screen when running Mbam Problem signature: Problem Event Name: BlueScreen OS Version: 6.0.6002.2.2.0.768.3 Locale ID: 1033 Additional information about the problem: BCCode: 1000007e BCP1: FFFFFFFFC0000005 BCP2: FFFFFA6002E7C001 BCP3: FFFFFA60019B9A78 BCP4: FFFFFA60019B9450 OS Version: 6_0_6002 Service Pack: 2_0 Product: 768_1 Files that help describe the problem: C:\Windows\Minidump\Mini052910-01.dmp C:\Users\Leslie\AppData\Local\Temp\WER-267900-0.sysdata.xml C:\Users\Leslie\AppData\Local\Temp\WERDEE9.tmp.version.txt

LockSearch by jpshortstuff (05.11.09.1) Log created at 11:58 on 29/05/2010 (Leslie) Scanning C:\ C:\hiberfil.sys ------------------------- C:\pagefile.sys ------------------------- -=E.O.F=-

and yes the same problem with quick

i dont use Window Live so i guess its ok

i ran Mbam in safemode once but everything disappear from the desktop and the scan wasn't responding the scan stop at C:/Program File(x86)\Common Files\Windows Live\Cache\cc91c4681cad7bc\Spam Filter Data.msi and it was a full scan

All processes killed ========== OTL ========== HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: KewlKenny ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Leslie ->Temp folder emptied: 4384879776 bytes ->Temporary Internet Files folder emptied: 157759320 bytes ->Java cache emptied: 79178413 bytes ->Google Chrome cache emptied: 6222564 bytes ->Flash cache emptied: 2057922 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 212350 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 6449140731 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 10,566.00 mb OTL by OldTimer - Version 3.2.5.0 log created on 05292010_093818 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

no i didnt observe it but i will now

OTL logfile created on: 5/29/2010 8:55:48 AM - Run 2 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Leslie\Documents\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 63.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 254.15 Gb Total Space | 199.05 Gb Free Space | 78.32% Space Free | Partition Type: NTFS Drive D: | 29.19 Gb Total Space | 26.12 Gb Free Space | 89.48% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LESLIE-PC Current User Name: Leslie Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/05/28 15:43:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Leslie\Documents\Downloads\OTL.exe PRC - [2010/05/12 16:01:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Leslie\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe PRC - [2010/04/26 10:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Users\Leslie\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010/01/09 16:55:58 | 002,936,832 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFaceIII\PManage.exe PRC - [2010/01/09 16:55:07 | 000,446,464 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe PRC - [2009/07/27 17:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2008/08/11 17:14:32 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files (x86)\ATK Hotkey\HControl.exe PRC - [2008/07/29 11:40:38 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe PRC - [2008/07/24 18:10:02 | 008,857,488 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe PRC - [2008/07/03 02:29:48 | 000,098,304 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\HControlUser.exe PRC - [2008/06/18 18:47:11 | 000,284,096 | ---- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe PRC - [2008/05/09 18:55:24 | 002,555,904 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\ATKOSD.exe PRC - [2008/02/14 13:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe PRC - [2008/01/23 10:51:28 | 000,151,552 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\WDC.exe PRC - [2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IgrsSvcs.exe PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007/11/28 15:26:00 | 000,294,912 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\Atouch64.exe PRC - [2007/11/04 19:48:06 | 000,106,496 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\MsgTranAgt.exe PRC - [2007/10/02 21:53:00 | 000,094,208 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\AsLdrSrv.exe PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe ========== Modules (SafeList) ========== MOD - [2010/05/28 15:43:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Leslie\Documents\Downloads\OTL.exe MOD - [2009/04/10 23:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2008/01/20 19:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/09/24 18:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache) SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV:64bit: - [2009/04/11 00:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ) SRV:64bit: - [2008/07/29 11:40:38 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor) SRV:64bit: - [2008/07/09 15:29:18 | 000,798,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV:64bit: - [2008/01/20 19:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (usprserv) SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2010/05/11 16:10:32 | 002,478,640 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3697.dll -- (Akamai) SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/11/16 15:22:00 | 003,260,060 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/03/29 21:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2008/02/14 13:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2008/01/29 10:09:58 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService) SRV - [2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\IgrsSvcs.exe -- (IncSvc) SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007/10/02 21:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service) SRV - [2006/11/02 06:34:14 | 000,000,000 | ---D | M] [unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2006/11/01 23:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2006/11/01 23:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir) DRV:64bit: - [2010/03/02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb) DRV:64bit: - [2010/02/16 14:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010/01/09 13:46:23 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi) DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009/06/24 17:38:44 | 000,871,408 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:64bit: - [2009/05/19 05:43:32 | 000,026,128 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AcpiVpc.sys -- (ACPIVPC) DRV:64bit: - [2009/05/09 02:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr) DRV:64bit: - [2009/04/10 22:40:06 | 000,694,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT) DRV:64bit: - [2009/04/10 22:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI) DRV:64bit: - [2009/04/10 22:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum) DRV:64bit: - [2009/04/10 22:39:53 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB) DRV:64bit: - [2009/04/10 22:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus) DRV:64bit: - [2009/03/09 23:02:17 | 000,065,856 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\funfrm.sys -- (funfrm) DRV:64bit: - [2008/09/05 10:50:19 | 000,058,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2008/08/26 10:04:33 | 005,074,456 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Lenovo EasyCamera(UVC) DRV:64bit: - [2008/07/10 23:08:52 | 000,055,360 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\tvtumon.sys -- (tvtumon) DRV:64bit: - [2008/07/09 02:16:19 | 000,092,200 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2008/06/24 13:50:00 | 000,065,024 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2008/06/17 18:28:48 | 000,118,768 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSVD.sys -- (WSVD) DRV:64bit: - [2008/06/11 03:32:35 | 001,204,224 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\smserial.sys -- (smserial) DRV:64bit: - [2008/05/29 01:29:45 | 000,324,656 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:64bit: - [2008/05/13 06:02:13 | 000,019,880 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid) DRV:64bit: - [2008/05/13 06:02:11 | 000,121,896 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2008/05/07 02:40:37 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor) DRV:64bit: - [2008/04/27 15:38:11 | 004,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel® DRV:64bit: - [2008/03/28 04:44:22 | 000,249,344 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2008/01/28 19:46:57 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2008/01/24 10:08:56 | 000,012,544 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ITEhidCIR.sys -- (vhidmini) DRV:64bit: - [2008/01/20 19:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM) DRV:64bit: - [2008/01/20 19:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam) DRV:64bit: - [2008/01/20 19:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network) DRV:64bit: - [2008/01/20 19:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA) DRV:64bit: - [2008/01/20 19:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt) DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp) DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2007/06/20 19:57:36 | 000,029,184 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motmodem.sys -- (motmodem) DRV:64bit: - [2006/11/02 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr) DRV:64bit: - [2006/11/01 22:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService) DRV:64bit: - [2006/10/27 06:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATK64AMD.sys -- (MTsensor) DRV - [2010/04/06 21:02:45 | 000,141,612 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2009/03/09 23:11:26 | 000,053,248 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\FunFrm.dll -- (funfrm) DRV - [2009/03/09 22:10:53 | 000,000,000 | ---D | M] [Kernel | On_Demand | Running] -- C:\Windows\ITECIR -- (itecir) DRV - [2006/09/18 14:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2006/09/18 14:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) DRV - [2005/01/04 02:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.garena.com/portal/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 [2010/05/22 17:22:25 | 000,000,000 | ---D | M] -- C:\Users\Leslie\AppData\Roaming\Mozilla\Extensions [2009/04/17 00:02:49 | 000,000,000 | ---D | M] -- C:\Users\Leslie\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2010/05/22 17:22:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/05/21 18:25:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/01/22 16:25:24 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll [2007/04/16 10:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npViewpoint.dll O1 HOSTS File: ([2009/05/25 17:39:21 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.) O4 - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ATK Hotkey\HcontrolUser.exe () O4 - HKLM..\Run: [updateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFaceIII\PManage.exe () O4 - HKCU..\Run: [ReadyComm] C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Leslie\Pictures\hallow itchigo.jpg O24 - Desktop BackupWallPaper: C:\Users\Leslie\Pictures\hallow itchigo.jpg O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{70ea959d-e062-11de-936e-00248c468d97}\Shell\AutoRun\command - "" = G:\Setup.exe -- File not found O33 - MountPoints2\{c2812597-6121-11de-93e1-00234ef118ae}\Shell - "" = AutoRun O33 - MountPoints2\{c2812597-6121-11de-93e1-00234ef118ae}\Shell\AutoRun\command - "" = F:\autoplay.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found ========== Files/Folders - Created Within 30 Days ========== [2010/05/27 18:03:47 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Roaming\Avira [2010/05/27 17:23:26 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010/05/27 17:23:26 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010/05/27 17:23:26 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys [2010/05/27 17:23:26 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys [2010/05/27 17:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010/05/27 17:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010/05/27 17:16:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs [2010/05/26 19:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2010/05/25 17:47:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010/05/25 17:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010/05/22 20:08:42 | 000,000,000 | ---D | C] -- C:\Users\Leslie\Documents\Downloads [2010/05/21 18:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/05/21 18:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010/05/21 18:25:15 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010/05/21 18:25:15 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010/05/21 18:25:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010/05/21 18:25:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010/05/11 19:06:00 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Roaming\Google [2010/05/11 19:06:00 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Local\Google [2010/05/11 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Roaming\LolClient [2010/05/10 16:52:23 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010/05/10 16:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010/05/10 16:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2010/05/04 15:29:08 | 000,000,000 | ---D | C] -- C:\swshare [2010/05/02 03:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010/05/02 02:50:31 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Local\igodkqjbr [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/05/29 09:01:31 | 002,097,152 | -HS- | M] () -- C:\Users\Leslie\NTUSER.DAT [2010/05/29 08:23:04 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003UA.job [2010/05/29 08:20:24 | 000,056,734 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010/05/29 08:19:21 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/05/29 08:19:19 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/05/29 08:19:10 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [2010/05/29 08:19:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/05/29 08:18:59 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2010/05/29 08:18:55 | 2144,210,944 | -HS- | M] () -- C:\hiberfil.sys [2010/05/29 02:10:23 | 000,524,288 | -HS- | M] () -- C:\Users\Leslie\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2010/05/29 02:10:23 | 000,065,536 | -HS- | M] () -- C:\Users\Leslie\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2010/05/29 02:10:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/05/29 02:09:48 | 003,564,909 | -H-- | M] () -- C:\Users\Leslie\AppData\Local\IconCache.db [2010/05/28 17:23:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003Core.job [2010/05/28 16:50:37 | 459,556,915 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/05/27 22:47:10 | 000,002,840 | ---- | M] () -- C:\Users\Leslie\Desktop\ark.zip [2010/05/27 20:56:44 | 000,293,376 | ---- | M] () -- C:\Users\Leslie\Desktop\bieqydih.exe [2010/05/27 20:33:11 | 000,000,020 | ---- | M] () -- C:\Users\Leslie\defogger_reenable [2010/05/27 18:44:30 | 000,056,734 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010/05/27 17:23:37 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/05/26 22:43:05 | 000,103,320 | ---- | M] () -- C:\Users\Leslie\AppData\Local\GDIPFONTCACHEV1.DAT [2010/05/26 22:40:28 | 000,394,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010/05/26 21:06:21 | 000,000,128 | ---- | M] () -- C:\Windows\win.ini [2010/05/26 18:34:09 | 000,000,732 | ---- | M] () -- C:\Users\Leslie\AppData\Local\d3d9caps64.dat [2010/05/25 17:47:55 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/22 17:21:24 | 000,002,047 | ---- | M] () -- C:\Users\Leslie\Desktop\Google Chrome.lnk [2010/05/22 10:21:06 | 000,002,124 | ---- | M] () -- C:\Users\Leslie\Desktop\OneKey Recovery.lnk [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/05/27 22:47:10 | 000,002,840 | ---- | C] () -- C:\Users\Leslie\Desktop\ark.zip [2010/05/27 20:59:17 | 000,293,376 | ---- | C] () -- C:\Users\Leslie\Desktop\bieqydih.exe [2010/05/27 20:33:10 | 000,000,020 | ---- | C] () -- C:\Users\Leslie\defogger_reenable [2010/05/27 18:32:49 | 2144,210,944 | -HS- | C] () -- C:\hiberfil.sys [2010/05/27 17:23:37 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/05/27 17:21:44 | 000,438,996 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistMSI0146.txt [2010/05/27 17:21:43 | 000,011,602 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistUI0146.txt [2010/05/25 17:47:55 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/22 17:21:24 | 000,002,047 | ---- | C] () -- C:\Users\Leslie\Desktop\Google Chrome.lnk [2010/05/22 17:18:57 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003UA.job [2010/05/22 17:18:56 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003Core.job [2010/05/11 16:11:31 | 000,366,670 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistMSI696B.txt [2010/05/11 16:11:31 | 000,011,178 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistUI696B.txt [2010/04/06 16:21:14 | 000,141,612 | ---- | C] () -- C:\Windows\SysWow64\drivers\dump_wmimmc.sys [2009/12/29 17:05:03 | 000,000,020 | ---- | C] () -- C:\Windows\GKLauncherInfo.ini [2009/12/03 17:29:42 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009/12/03 17:27:43 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/12/01 23:41:55 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2009/04/12 11:33:15 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll [2009/03/09 23:11:28 | 009,338,880 | ---- | C] () -- C:\Windows\SysWow64\Facev.dll [2009/03/09 23:11:28 | 000,491,520 | ---- | C] () -- C:\Windows\SysWow64\picn.dll [2009/03/09 23:11:28 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\image.dll [2009/03/09 23:11:26 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\SetDev.dll [2009/03/09 23:11:26 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\VideoOp.dll [2009/03/09 23:11:26 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\FunFrm.dll [2009/03/09 23:11:25 | 009,502,720 | ---- | C] () -- C:\Windows\SysWow64\FaceVerify.dll [2009/03/09 23:11:25 | 001,564,672 | ---- | C] () -- C:\Windows\SysWow64\MainOp.dll [2009/03/09 23:11:25 | 001,163,264 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll [2009/03/09 23:11:25 | 000,442,368 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll [2009/03/09 23:11:25 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\Momo.dll [2009/03/09 23:11:25 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\DevFilt.dll [2009/03/09 23:02:18 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009/03/09 23:02:12 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll [2009/03/09 22:47:07 | 000,709,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2006/11/02 05:13:12 | 000,006,144 | ---- | C] () -- C:\Windows\SysWow64\KBDKYR.DLL ========== Custom Scans ========== < :otl > < IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 > < > < :commands > < [emptytemp] > ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >

and there no error report it would shut down and reboot like normally or it would freeze and i would have to hold the power button

in the middle of scanning

proxy for the internet as in a gateway? if so my router

OTL Extras logfile created on: 5/28/2010 3:44:16 PM - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Leslie\Documents\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 254.15 Gb Total Space | 195.07 Gb Free Space | 76.76% Space Free | Partition Type: NTFS Drive D: | 29.19 Gb Total Space | 26.12 Gb Free Space | 89.48% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LESLIE-PC Current User Name: Leslie Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = ChromeHTML] -- C:\Users\Leslie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 11 10 0D 1B 9E C5 CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "UacDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "FirstRunDisabled" = 0 "UacDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01EC19B5-6284-4CD8-8EDA-0101816526E1}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher | "{0ED0B3EF-6A44-4BED-8C4A-88C411EEADC9}" = rport=138 | protocol=17 | dir=out | app=system | "{2194E2DF-30FC-4A30-86B5-0EF250424607}" = lport=445 | protocol=6 | dir=in | app=system | "{234EE0D7-EEEC-4217-972D-4E3EDBC88134}" = lport=8375 | protocol=6 | dir=in | name=league of legends launcher | "{2D5BE60B-1191-41FD-9FB7-2837876E84E2}" = rport=139 | protocol=6 | dir=out | app=system | "{3D1CA98B-6DF9-4DD1-91AE-5506E5106AD9}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher | "{458747F1-DC61-4DE6-B7D7-0BCDBCA316FF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{4FDF750F-6245-4191-AD14-C8045C2C8029}" = rport=137 | protocol=17 | dir=out | app=system | "{506D141B-199E-4E51-885C-C8B64D6DD680}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface | "{5E232EED-C041-44F5-BE25-05CCF347DD15}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{70824D9D-8977-4CB7-B288-D58483147611}" = lport=6964 | protocol=17 | dir=in | name=league of legends launcher | "{865C4082-AFAD-405C-A288-1509C76AF7EC}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher | "{A67AA817-C76C-4E33-BF98-8A0F69792EFF}" = lport=8375 | protocol=17 | dir=in | name=league of legends launcher | "{A96C57D6-6751-4900-8D88-4A02E4F3DF82}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{AF2817B0-47B0-4B41-8038-D67DCDC23803}" = lport=138 | protocol=17 | dir=in | app=system | "{B2E77315-0248-44D3-8BB9-33D37A17B6CA}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher | "{BCE1CA15-8994-4826-B019-E638A328D7F1}" = lport=139 | protocol=6 | dir=in | app=system | "{BD074112-52CC-4D8E-95B1-53281C07DCC8}" = lport=137 | protocol=17 | dir=in | app=system | "{C16C1B4B-7FED-4543-8A52-4EDEBD9FFA7A}" = lport=6964 | protocol=6 | dir=in | name=league of legends launcher | "{C1A961C1-D679-4A7B-AC3C-4547BE66BBA0}" = rport=445 | protocol=6 | dir=out | app=system | "{C9946922-48E6-4356-A69B-F08D8A01EAB0}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher | "{CA2B4AAD-F4D7-4E7D-82E7-E70445E2E98D}" = lport=8378 | protocol=17 | dir=in | name=league of legends launcher | "{D16627B3-3703-479F-B551-93DB6254DFBE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D1A7EB2D-C221-47DA-B957-05543F4F6A77}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface | "{D5093136-955C-488E-A4CF-C88C4C4B84CD}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher | "{F6D3AE97-5DBB-41C5-A31B-62701E7391E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{F955107B-B276-4C4C-AE75-EF4892C74AC9}" = lport=8378 | protocol=6 | dir=in | name=league of legends launcher | "{FBB2E480-E2B9-487E-9CCD-3C405ED0B205}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02BF76A7-2276-4F3F-BAFA-923C58DBA068}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{06E2D54E-B180-4AE1-ABF6-7AD1B2D8D3E1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{079739AA-B458-4516-A877-BB632ACDF7B9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{096D618D-423A-463D-B17A-F1E5316418C3}" = dir=in | app=c:\windows\system32\igrssvcs.exe | "{0DC66424-9F61-4568-84E3-E092633EEACC}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{107A3555-EAC3-406A-B479-E5325E2423A2}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | "{133427EE-D71D-48B5-989D-AC89A85FF1FF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{2108B936-E9F5-4086-A8C1-9951F040BFA7}" = protocol=6 | dir=in | app=c:\program files (x86)\ogplanet\lostsaga\autoupgrade.exe | "{29AD9DB2-1347-46E9-B0BC-EA5196FA81C3}" = protocol=17 | dir=in | app=c:\program files (x86)\aim6\aim6.exe | "{2BFD3433-FBBF-439D-8E6C-14FA1C2B69FF}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{2FC503A9-D38E-417A-A122-0249C4BE8A51}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{3130C7BD-2966-4AB7-B90B-A47C4E3416F9}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\projectionist.exe | "{3524F54B-FD88-4721-B205-7D12D194205D}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{3E4A7942-48A6-43F9-8189-B482E5544C3C}" = protocol=17 | dir=in | app=c:\nexon\poptag\nmcosrv.exe | "{4171EDF1-D480-464F-A685-231EC3C67B39}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{45EC1B56-C085-47FE-8023-A6E95F8DE048}" = protocol=17 | dir=in | app=c:\program files (x86)\thunder network\thunder\program\thunder5.exe | "{4BCBB357-645C-4B9E-B0AC-D7424D62D7DC}" = protocol=17 | dir=in | app=c:\nexon\poptag\ca.exe | "{4CF00DE0-0A2B-4737-B258-D5E316225613}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{5156EEA0-F174-4FE7-A0D6-8D8EE94FBA89}" = protocol=6 | dir=in | app=c:\nexon\poptag\ca.exe | "{612B1D0F-1455-4D2A-83F3-0317A59F3CB1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{624FB650-8964-42C3-BE33-F8858B9FE74B}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\projectionist.exe | "{686BCC0F-AFB5-4FEE-9C57-598FAC3B7AFC}" = protocol=6 | dir=in | app=c:\program files (x86)\aim6\aim6.exe | "{6CBD532A-F0B5-4E54-9ECC-7305EC40E68C}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{70B404FB-A661-43C0-9EE5-13EB88E1A221}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{81CF5993-3C1B-4501-A5A7-5A7D33AC2732}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{879E71FB-A80A-400B-ADD8-4BC5F319EAD1}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{8B3A7896-4948-44BE-B8AB-132FDA2B4226}" = protocol=17 | dir=in | app=c:\program files (x86)\ogplanet\lostsaga\autoupgrade.exe | "{8D38BFBF-E4A5-4F6F-8A71-24390BBDBFAF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{8E011FF3-FB03-40B0-AEAB-7DC899EA1569}" = dir=out | app=c:\windows\system32\igrssvcs.exe | "{92A4168E-9B58-4DA0-BE0C-1421BBC17665}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\filereceiver.exe | "{95607137-1EB8-43C9-9CC0-AB31AACA7D71}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{99B4A7C4-E2E1-4226-89D8-440E62F355C0}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{9D6DFD11-4ADB-45DA-9034-8C77A7E1583F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9E012B59-AAB0-44C3-BC11-E180F6F3857A}" = protocol=6 | dir=in | app=c:\program files (x86)\ogplanet\lostsaga\lostsaga.exe | "{A1A33587-4918-4055-B9D2-D9739EBE49D0}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\readycomm.exe | "{AF5BAA72-3C7F-4613-B541-2B329E488842}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{B3B0A00B-A778-42C9-889F-C4CC5744D5B0}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe | "{B7F536DD-B31F-4FEA-9184-623A46EFF264}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | "{C7C0FC61-AAA6-4B69-8F4D-E54666B21272}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe | "{D1D6F53E-C94E-46C2-8B7A-1130B7B819A9}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{D5AE3386-0A41-4064-8F88-48B8C7F9A300}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{D687FD28-ADAE-42BE-A3E6-323448BF36A1}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\filereceiver.exe | "{D7FA5B4F-7987-4699-8184-759897161846}" = protocol=6 | dir=in | app=c:\program files (x86)\thunder network\thunder\program\thunder5.exe | "{D8CAD60B-1934-4D12-B144-4B74F439AE67}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D8D10B04-85DF-4F4C-9F5F-9FD1C9E10AF3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{DB19F893-E28D-4040-AA12-2329BCABBDF1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{DCC4BB36-420E-46A4-8365-73F9425F4667}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{DCFB794C-9157-4227-B501-E1EE0280D69B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{DF98EBC2-BEC7-4AA1-B985-627894EA0ADB}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\readycomm.exe | "{E20E6B60-C1D9-409F-9B97-828FB0043B0A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{E9C8FF0B-2500-4077-9226-D6651FA79675}" = protocol=6 | dir=in | app=c:\nexon\poptag\nmcosrv.exe | "{EB59D3FE-2EC2-40C7-8F36-8FCC7D7458D5}" = protocol=17 | dir=in | app=c:\program files (x86)\ogplanet\lostsaga\lostsaga.exe | "{F56B5EBD-6124-4B0F-A13E-D0381430BD4F}" = protocol=17 | dir=in | app=c:\program files (x86)\aim6\aim6.exe | "{F65C0803-2432-45B4-8BB7-2B4C702B7C4E}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | "{F7E23B70-F593-44B1-BB10-A2245B4A42F4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{FCF4F243-CC65-4D71-9791-F0D6B9BE2CC1}" = protocol=6 | dir=in | app=c:\program files (x86)\aim6\aim6.exe | "{FE800187-E1CE-44ED-B85A-6CEC529DECDD}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | "TCP Query User{1B252EBD-C216-4FAD-A916-E2E418B5DB21}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "TCP Query User{5CE92CFE-6458-4F5C-AA72-3F6B2A4BE8A3}C:\users\leslie\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\leslie\program files (x86)\dna\btdna.exe | "UDP Query User{7E8C5335-4E5F-48A7-B0EC-CC67C9EF7706}C:\users\leslie\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\leslie\program files (x86)\dna\btdna.exe | "UDP Query User{E5F1E089-52BF-4A93-A8FA-A1DA1EDFCFCD}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.4800 "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}" = HP Deskjet D1500 Printer Driver Software 10.0 Rel .3 "{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A23E5590-6799-437B-9723-2627BA800B6F}" = Dolby Control Center "{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F7513E19-6224-485E-988D-9BF45BE64B53}" = Windows Live Family Safety "98F430CBCDF7F19069C50A7D55044EEBE2311133" = Windows Driver Package - Lenovo (ACPIVPC) System (01/03/2008 3.1.0.1) "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "lenovo_11.74" = Lenovo EasyCamera Driver Package v11.74.1024 "MFZ0CODEC" = MFZ0 codec (Remove Only) "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NVIDIA Drivers" = NVIDIA Drivers "Shop for HP Supplies" = Shop for HP Supplies "SMSERIAL" = Motorola SM56 Speakerphone Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 20 "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64) "{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500 "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}" = Lenovo System Repair - Windows Update Monitor "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 4.0 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management "{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2 "{B39AA98E-C966-46C9-ACA2-D2586E300988}" = WinFlash "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AIM_6" = AIM 6 "Akamai" = Akamai NetSession Interface "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2 "Carbonite Setup Lite" = Carbonite Online Backup Setup "Cheat Engine 5.6_is1" = Cheat Engine 5.6 "EasyCapture3.0" = EasyCapture "ESET Online Scanner" = ESET Online Scanner v3 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MapleStory" = MapleStory "McAfee Security Scan" = McAfee Security Scan "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "SoftwareUpdUtility" = Download Updater (AOL LLC) "VeriFace III" = VeriFace III "ViewpointMediaPlayer" = Viewpoint Media Player "WildTangent wildgames Master Uninstall" = WildGames "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent DNA" = DNA "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 3/16/2010 8:46:56 PM | Computer Name = Leslie-PC | Source = Windows Search Service | ID = 3013 Description = Error - 3/16/2010 8:54:46 PM | Computer Name = Leslie-PC | Source = Windows Search Service | ID = 3013 Description = Error - 3/16/2010 8:54:46 PM | Computer Name = Leslie-PC | Source = Windows Search Service | ID = 3013 Description = Error - 3/16/2010 9:06:30 PM | Computer Name = Leslie-PC | Source = WinMgmt | ID = 10 Description = Error - 3/16/2010 9:26:36 PM | Computer Name = Leslie-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 28c Start Time: 01cac56ffc1433c5 Termination Time: 0 Error - 3/16/2010 9:51:40 PM | Computer Name = Leslie-PC | Source = Windows Search Service | ID = 3013 Description = Error - 3/17/2010 2:45:50 AM | Computer Name = Leslie-PC | Source = WinMgmt | ID = 10 Description = Error - 3/17/2010 2:50:42 AM | Computer Name = Leslie-PC | Source = WinMgmt | ID = 10 Description = Error - 3/17/2010 3:14:19 AM | Computer Name = Leslie-PC | Source = WinMgmt | ID = 10 Description = Error - 3/17/2010 3:35:30 AM | Computer Name = Leslie-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 4/4/2009 2:02:35 PM | Computer Name = Leslie-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 4/4/2009 2:07:21 PM | Computer Name = Leslie-PC | Source = Service Control Manager | ID = 7030 Description = Error - 4/4/2009 7:07:11 PM | Computer Name = Leslie-PC | Source = HTTP | ID = 15016 Description = < End of report >

OTL logfile created on: 5/28/2010 3:44:16 PM - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Leslie\Documents\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 254.15 Gb Total Space | 195.07 Gb Free Space | 76.76% Space Free | Partition Type: NTFS Drive D: | 29.19 Gb Total Space | 26.12 Gb Free Space | 89.48% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LESLIE-PC Current User Name: Leslie Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/05/28 15:43:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Leslie\Documents\Downloads\OTL.exe PRC - [2010/05/12 16:01:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Leslie\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe PRC - [2010/04/26 10:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Users\Leslie\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010/01/09 16:55:58 | 002,936,832 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFaceIII\PManage.exe PRC - [2010/01/09 16:55:07 | 000,446,464 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe PRC - [2009/07/27 17:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2008/08/11 17:14:32 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files (x86)\ATK Hotkey\HControl.exe PRC - [2008/07/29 11:40:38 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe PRC - [2008/07/24 18:10:02 | 008,857,488 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe PRC - [2008/07/03 02:29:48 | 000,098,304 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\HControlUser.exe PRC - [2008/06/18 18:47:11 | 000,284,096 | ---- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe PRC - [2008/05/09 18:55:24 | 002,555,904 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\ATKOSD.exe PRC - [2008/02/14 13:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe PRC - [2008/01/23 10:51:28 | 000,151,552 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\WDC.exe PRC - [2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IgrsSvcs.exe PRC - [2008/01/11 22:16:38 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007/11/28 15:26:00 | 000,294,912 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\Atouch64.exe PRC - [2007/11/04 19:48:06 | 000,106,496 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\MsgTranAgt.exe PRC - [2007/10/02 21:53:00 | 000,094,208 | R--- | M] () -- C:\Program Files (x86)\ATK Hotkey\AsLdrSrv.exe PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe ========== Modules (SafeList) ========== MOD - [2010/05/28 15:43:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Leslie\Documents\Downloads\OTL.exe MOD - [2009/04/10 23:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2008/01/20 19:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/09/24 18:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache) SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV:64bit: - [2009/04/11 00:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ) SRV:64bit: - [2008/07/29 11:40:38 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor) SRV:64bit: - [2008/07/09 15:29:18 | 000,798,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV:64bit: - [2008/01/20 19:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (usprserv) SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2010/05/11 16:10:32 | 002,478,640 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3697.dll -- (Akamai) SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/11/16 15:22:00 | 003,260,060 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/03/29 21:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2008/02/14 13:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2008/01/29 10:09:58 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService) SRV - [2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\IgrsSvcs.exe -- (IncSvc) SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007/10/02 21:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service) SRV - [2006/11/02 06:34:14 | 000,000,000 | ---D | M] [unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2006/11/01 23:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2006/11/01 23:35:15 | 000,055,846 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir) DRV:64bit: - [2010/03/02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb) DRV:64bit: - [2010/02/16 14:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010/01/09 13:46:23 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi) DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009/06/24 17:38:44 | 000,871,408 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:64bit: - [2009/05/19 05:43:32 | 000,026,128 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AcpiVpc.sys -- (ACPIVPC) DRV:64bit: - [2009/05/09 02:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr) DRV:64bit: - [2009/04/10 22:40:06 | 000,694,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT) DRV:64bit: - [2009/04/10 22:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI) DRV:64bit: - [2009/04/10 22:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum) DRV:64bit: - [2009/04/10 22:39:53 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB) DRV:64bit: - [2009/04/10 22:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus) DRV:64bit: - [2009/03/09 23:02:17 | 000,065,856 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\funfrm.sys -- (funfrm) DRV:64bit: - [2008/09/05 10:50:19 | 000,058,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2008/08/26 10:04:33 | 005,074,456 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Lenovo EasyCamera(UVC) DRV:64bit: - [2008/07/10 23:08:52 | 000,055,360 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\tvtumon.sys -- (tvtumon) DRV:64bit: - [2008/07/09 02:16:19 | 000,092,200 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2008/06/24 13:50:00 | 000,065,024 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2008/06/17 18:28:48 | 000,118,768 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSVD.sys -- (WSVD) DRV:64bit: - [2008/06/11 03:32:35 | 001,204,224 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\smserial.sys -- (smserial) DRV:64bit: - [2008/05/29 01:29:45 | 000,324,656 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:64bit: - [2008/05/13 06:02:13 | 000,019,880 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid) DRV:64bit: - [2008/05/13 06:02:11 | 000,121,896 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2008/05/07 02:40:37 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor) DRV:64bit: - [2008/04/27 15:38:11 | 004,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel® DRV:64bit: - [2008/03/28 04:44:22 | 000,249,344 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2008/01/28 19:46:57 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2008/01/24 10:08:56 | 000,012,544 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ITEhidCIR.sys -- (vhidmini) DRV:64bit: - [2008/01/20 19:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM) DRV:64bit: - [2008/01/20 19:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam) DRV:64bit: - [2008/01/20 19:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network) DRV:64bit: - [2008/01/20 19:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA) DRV:64bit: - [2008/01/20 19:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt) DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp) DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2007/06/20 19:57:36 | 000,029,184 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motmodem.sys -- (motmodem) DRV:64bit: - [2006/11/02 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr) DRV:64bit: - [2006/11/01 22:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService) DRV:64bit: - [2006/10/27 06:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATK64AMD.sys -- (MTsensor) DRV - [2010/04/06 21:02:45 | 000,141,612 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2009/03/09 23:11:26 | 000,053,248 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\FunFrm.dll -- (funfrm) DRV - [2009/03/09 22:10:53 | 000,000,000 | ---D | M] [Kernel | On_Demand | Running] -- C:\Windows\ITECIR -- (itecir) DRV - [2006/09/18 14:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2006/09/18 14:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) DRV - [2005/01/04 02:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.garena.com/portal/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 [2010/05/22 17:22:25 | 000,000,000 | ---D | M] -- C:\Users\Leslie\AppData\Roaming\Mozilla\Extensions [2009/04/17 00:02:49 | 000,000,000 | ---D | M] -- C:\Users\Leslie\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2010/05/22 17:22:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/05/21 18:25:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/01/22 16:25:24 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll [2007/04/16 10:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npViewpoint.dll O1 HOSTS File: ([2009/05/25 17:39:21 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.) O4 - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ATK Hotkey\HcontrolUser.exe () O4 - HKLM..\Run: [updateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFaceIII\PManage.exe () O4 - HKCU..\Run: [ReadyComm] C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Leslie\Pictures\hallow itchigo.jpg O24 - Desktop BackupWallPaper: C:\Users\Leslie\Pictures\hallow itchigo.jpg O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{70ea959d-e062-11de-936e-00248c468d97}\Shell\AutoRun\command - "" = G:\Setup.exe -- File not found O33 - MountPoints2\{c2812597-6121-11de-93e1-00234ef118ae}\Shell - "" = AutoRun O33 - MountPoints2\{c2812597-6121-11de-93e1-00234ef118ae}\Shell\AutoRun\command - "" = F:\autoplay.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2008/01/20 20:06:38 | 000,000,000 | ---D | M] NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation) NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation) NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008/01/20 20:08:35 | 000,000,000 | ---D | M] NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof () SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfPf - Driver SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof () SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof () SafeBootNet: TDI - Driver Group SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof () SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: aux - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: midi - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: midi1 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: midi2 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: midi3 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: midi4 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: midimapper - C:\Windows\SysNative\midimap.dll (Microsoft Corporation) Drivers32:64bit: mixer - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: mixer1 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: mixer2 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: mixer3 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: mixer4 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: msacm.imaadpcm - C:\Windows\SysNative\imaadp32.acm (Microsoft Corporation) Drivers32:64bit: msacm.l3acm - C:\Windows\SysNative\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: msacm.msadpcm - C:\Windows\SysNative\msadp32.acm (Microsoft Corporation) Drivers32:64bit: msacm.msg711 - C:\Windows\SysNative\msg711.acm (Microsoft Corporation) Drivers32:64bit: msacm.msgsm610 - C:\Windows\SysNative\msgsm32.acm (Microsoft Corporation) Drivers32:64bit: MSVideo - C:\Windows\SysNative\vfwwdm32.dll (Microsoft Corporation) Drivers32:64bit: MSVideo8 - C:\Windows\SysNative\vfwwdm32.dll (Microsoft Corporation) Drivers32:64bit: vidc.i420 - C:\Windows\SysNative\lvcod64.dll (Logitech Inc.) Drivers32:64bit: VIDC.IYUV - C:\Windows\SysNative\iyuv_32.dll (Microsoft Corporation) Drivers32:64bit: VIDC.MFZ0 - C:\Windows\SysNative\MyFlashZip0.ax (Moyea Inc.) Drivers32:64bit: vidc.mrle - C:\Windows\SysNative\msrle32.dll (Microsoft Corporation) Drivers32:64bit: vidc.msvc - C:\Windows\SysNative\msvidc32.dll (Microsoft Corporation) Drivers32:64bit: VIDC.UYVY - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation) Drivers32:64bit: VIDC.YUY2 - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation) Drivers32:64bit: VIDC.YVU9 - C:\Windows\SysNative\tsbyuv.dll (Microsoft Corporation) Drivers32:64bit: VIDC.YVYU - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation) Drivers32:64bit: wave - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: wave1 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: wave2 - C:\Windows\SysNative\serwvdrv.dll (Microsoft Corporation) Drivers32:64bit: wave3 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: wave4 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: wave5 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation) Drivers32:64bit: wavemapper - C:\Windows\SysNative\msacm32.drv (Microsoft Corporation) Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) Drivers32: wave2 - C:\Windows\SysWow64\serwvdrv.dll (Microsoft Corporation) ========== Files/Folders - Created Within 30 Days ========== [2010/05/27 18:03:47 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Roaming\Avira [2010/05/27 17:23:26 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010/05/27 17:23:26 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010/05/27 17:23:26 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys [2010/05/27 17:23:26 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys [2010/05/27 17:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010/05/27 17:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010/05/27 17:16:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs [2010/05/26 19:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2010/05/25 17:47:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010/05/25 17:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010/05/22 20:08:42 | 000,000,000 | ---D | C] -- C:\Users\Leslie\Documents\Downloads [2010/05/21 18:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/05/21 18:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010/05/21 18:25:15 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010/05/21 18:25:15 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010/05/21 18:25:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010/05/21 18:25:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010/05/11 19:06:00 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Roaming\Google [2010/05/11 19:06:00 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Local\Google [2010/05/11 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Roaming\LolClient [2010/05/10 16:52:23 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010/05/10 16:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010/05/10 16:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2010/05/04 15:29:08 | 000,000,000 | ---D | C] -- C:\swshare [2010/05/02 03:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010/05/02 02:50:31 | 000,000,000 | ---D | C] -- C:\Users\Leslie\AppData\Local\igodkqjbr [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/05/28 15:51:21 | 002,097,152 | -HS- | M] () -- C:\Users\Leslie\NTUSER.DAT [2010/05/28 15:39:36 | 000,056,734 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010/05/28 15:39:18 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/05/28 15:39:17 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/05/28 15:39:09 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [2010/05/28 15:39:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/05/28 15:39:00 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2010/05/28 15:38:56 | 2144,210,944 | -HS- | M] () -- C:\hiberfil.sys [2010/05/27 23:32:19 | 459,946,035 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/05/27 23:23:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003UA.job [2010/05/27 22:47:10 | 000,002,840 | ---- | M] () -- C:\Users\Leslie\Desktop\ark.zip [2010/05/27 20:56:44 | 000,293,376 | ---- | M] () -- C:\Users\Leslie\Desktop\bieqydih.exe [2010/05/27 20:33:40 | 000,524,288 | -HS- | M] () -- C:\Users\Leslie\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2010/05/27 20:33:40 | 000,065,536 | -HS- | M] () -- C:\Users\Leslie\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2010/05/27 20:33:19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/05/27 20:33:11 | 000,000,020 | ---- | M] () -- C:\Users\Leslie\defogger_reenable [2010/05/27 18:55:15 | 003,563,956 | -H-- | M] () -- C:\Users\Leslie\AppData\Local\IconCache.db [2010/05/27 18:44:30 | 000,056,734 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010/05/27 17:23:37 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/05/27 17:23:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003Core.job [2010/05/26 22:43:05 | 000,103,320 | ---- | M] () -- C:\Users\Leslie\AppData\Local\GDIPFONTCACHEV1.DAT [2010/05/26 22:40:28 | 000,394,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010/05/26 21:06:21 | 000,000,128 | ---- | M] () -- C:\Windows\win.ini [2010/05/26 18:34:09 | 000,000,732 | ---- | M] () -- C:\Users\Leslie\AppData\Local\d3d9caps64.dat [2010/05/25 17:47:55 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/22 17:21:24 | 000,002,047 | ---- | M] () -- C:\Users\Leslie\Desktop\Google Chrome.lnk [2010/05/22 10:21:06 | 000,002,124 | ---- | M] () -- C:\Users\Leslie\Desktop\OneKey Recovery.lnk [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/05/27 22:47:10 | 000,002,840 | ---- | C] () -- C:\Users\Leslie\Desktop\ark.zip [2010/05/27 20:59:17 | 000,293,376 | ---- | C] () -- C:\Users\Leslie\Desktop\bieqydih.exe [2010/05/27 20:33:10 | 000,000,020 | ---- | C] () -- C:\Users\Leslie\defogger_reenable [2010/05/27 18:32:49 | 2144,210,944 | -HS- | C] () -- C:\hiberfil.sys [2010/05/27 17:23:37 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/05/27 17:21:44 | 000,438,996 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistMSI0146.txt [2010/05/27 17:21:43 | 000,011,602 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistUI0146.txt [2010/05/25 17:47:55 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/22 17:21:24 | 000,002,047 | ---- | C] () -- C:\Users\Leslie\Desktop\Google Chrome.lnk [2010/05/22 17:18:57 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003UA.job [2010/05/22 17:18:56 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715332734-2804880807-3678603915-1003Core.job [2010/05/11 16:11:31 | 000,366,670 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistMSI696B.txt [2010/05/11 16:11:31 | 000,011,178 | ---- | C] () -- C:\Users\Leslie\AppData\Local\dd_vcredistUI696B.txt [2010/04/06 16:21:14 | 000,141,612 | ---- | C] () -- C:\Windows\SysWow64\drivers\dump_wmimmc.sys [2009/12/29 17:05:03 | 000,000,020 | ---- | C] () -- C:\Windows\GKLauncherInfo.ini [2009/12/03 17:29:42 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009/12/03 17:27:43 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/12/01 23:41:55 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2009/04/12 11:33:15 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll [2009/03/09 23:11:28 | 009,338,880 | ---- | C] () -- C:\Windows\SysWow64\Facev.dll [2009/03/09 23:11:28 | 000,491,520 | ---- | C] () -- C:\Windows\SysWow64\picn.dll [2009/03/09 23:11:28 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\image.dll [2009/03/09 23:11:26 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\SetDev.dll [2009/03/09 23:11:26 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\VideoOp.dll [2009/03/09 23:11:26 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\FunFrm.dll [2009/03/09 23:11:25 | 009,502,720 | ---- | C] () -- C:\Windows\SysWow64\FaceVerify.dll [2009/03/09 23:11:25 | 001,564,672 | ---- | C] () -- C:\Windows\SysWow64\MainOp.dll [2009/03/09 23:11:25 | 001,163,264 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll [2009/03/09 23:11:25 | 000,442,368 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll [2009/03/09 23:11:25 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\Momo.dll [2009/03/09 23:11:25 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\DevFilt.dll [2009/03/09 23:02:18 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009/03/09 23:02:12 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll [2009/03/09 22:47:07 | 000,709,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2006/11/02 05:13:12 | 000,006,144 | ---- | C] () -- C:\Windows\SysWow64\KBDKYR.DLL ========== Custom Scans ========== < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >

could not scan for malware DDS (Ver_10-03-17.01) - NTFSX64 Run by Leslie at 20:45:07.91 on Thu 05/27/2010 Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_20 Microsoft

everytime i scan with malware it shut down the computer or freeze it and it a problem because my internet is slow, it usually isn't