Full Version: Internet freezes...
Gladiator Security Forum > Malware Help Forum > HELP! Think you are Infected?
glaufman
I'm back. This time it's my laptop. It seems I can surf the net for hours on end, but as soon as I try to log into my webmail, iexplorer slows to a halt. Restarting iexplorer doesn't help; it stays that way until I reboot, but the rest of the computer stays perfectly operational, as near as I can tell. Here are my files...

Malwarebytes' Anti-Malware 1.40
Database version: 2713
Windows 6.0.6002 Service Pack 2

8/29/2009 6:13:39 PM
mbam-log-2009-08-29 (18-13-39).txt

Scan type: Full Scan (C:\|)
Objects scanned: 217510
Time elapsed: 1 hour(s), 2 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL logfile created on: 8/29/2009 8:59:04 PM - Run 13
OTL by OldTimer - Version 3.0.6.5 Folder = C:\Users\gandhl\Desktop\Scan Logs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 52.50% Memory free
4.00 Gb Paging File | 3.23 Gb Available in Paging File | 80.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106.52 Gb Total Space | 46.36 Gb Free Space | 43.52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GREG-PC
Current User Name: Greg
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2007/06/01 02:02:06 | 00,036,400 | ---- | M] (Lenovo) -- C:\Windows\System32\ibmpmsvc.exe
PRC - [2007/10/18 11:24:46 | 00,801,296 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
PRC - [2008/03/19 11:56:58 | 00,145,936 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
PRC - [2008/04/15 12:50:44 | 00,281,104 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
PRC - [2007/10/18 11:24:46 | 01,010,192 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
PRC - [2006/11/20 01:14:14 | 00,108,080 | ---- | M] (Lenovo Group Limited) -- C:\Windows\System32\IPSSVC.EXE
PRC - [2007/03/09 17:23:02 | 00,083,504 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007/02/06 12:44:24 | 00,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/09/12 18:27:24 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PRC - [2008/08/30 15:14:36 | 00,144,696 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
PRC - [2007/04/19 01:36:32 | 00,303,104 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2006/11/15 19:20:46 | 00,634,988 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2008/09/29 19:48:58 | 00,283,888 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2006/12/15 19:50:52 | 00,011,776 | ---- | M] ( ) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2006/12/13 14:43:16 | 00,644,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2006/12/26 01:06:00 | 00,037,168 | ---- | M] (Lenovo.) -- C:\Windows\System32\TPHDEXLG.exe
PRC - [2006/10/13 00:08:56 | 00,055,928 | ---- | M] () -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
PRC - [2006/12/14 02:13:02 | 00,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2006/12/14 02:11:14 | 00,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
PRC - [2006/12/14 02:23:42 | 01,118,208 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2006/12/14 00:46:08 | 00,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
PRC - [2009/07/30 18:17:13 | 00,255,216 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
PRC - [2009/06/01 16:09:36 | 01,400,832 | ---- | M] () -- C:\Windows\System32\svcprs32.exe
PRC - [2006/12/14 01:59:04 | 00,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2006/11/27 17:44:58 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2007/03/09 17:23:08 | 00,194,096 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2009/06/01 16:01:02 | 02,289,664 | ---- | M] () -- C:\Windows\System32\mdmcls32.exe
PRC - [2007/03/09 17:24:04 | 00,124,464 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2009/04/11 02:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/08/28 10:52:50 | 00,189,680 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
PRC - [2007/01/17 14:01:00 | 00,058,416 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
PRC - [2007/11/22 02:08:56 | 00,820,520 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/11/10 00:26:08 | 00,064,128 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2006/12/26 00:15:18 | 00,181,808 | ---- | M] (Lenovo.) -- C:\Windows\System32\TpShocks.exe
PRC - [2006/11/28 13:30:00 | 00,243,248 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
PRC - [2006/10/13 00:09:00 | 00,073,256 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2006/09/06 03:39:10 | 00,091,688 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe
PRC - [2006/12/14 02:23:50 | 00,536,576 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2007/01/31 13:01:00 | 00,120,368 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
PRC - [2006/11/07 06:51:40 | 00,091,688 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/11/22 01:55:28 | 00,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2008/02/11 20:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/11 20:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/02/11 20:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/02/11 20:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2009/06/03 21:19:09 | 00,181,488 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
PRC - [2009/06/01 15:59:16 | 10,940,416 | ---- | M] () -- C:\Windows\cfgmng32.exe
PRC - [2009/07/30 18:17:13 | 00,230,640 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
PRC - [2009/06/03 21:11:24 | 00,014,088 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe
PRC - [2008/08/28 10:52:50 | 00,173,296 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
PRC - [2007/02/28 17:50:50 | 00,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBLive 24-Bit External\Volume Panel\VolPanlu.exe
PRC - [2007/07/10 10:40:30 | 01,282,048 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2006/09/22 12:35:58 | 00,045,056 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2008/06/05 10:19:18 | 00,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2009/06/03 21:19:09 | 00,214,256 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2008/08/27 18:44:28 | 00,238,832 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
PRC - [2008/08/27 18:44:28 | 00,185,584 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
PRC - [2009/06/01 16:01:02 | 02,289,664 | ---- | M] () -- C:\Windows\System32\mdmcls32.exe
PRC - [2006/12/14 01:48:50 | 00,180,224 | ---- | M] (Lenovo Group LTD) -- C:\Program Files\Common Files\Lenovo\bmgr\bmgr32.exe
PRC - [2009/07/07 14:28:02 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\gandhl\Desktop\Scan Logs\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/03/09 17:23:02 | 00,083,504 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc [Auto | Running])
SRV - [2007/03/09 17:23:08 | 00,194,096 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc [Auto | Running])
SRV - [2007/02/06 12:44:24 | 00,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters [Auto | Running])
SRV - [2007/09/12 18:27:24 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
SRV - [2009/06/03 21:19:09 | 00,214,256 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP [On_Demand | Running])
SRV - [2008/08/30 15:14:36 | 00,144,696 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe -- (CAISafe [Auto | Running])
SRV - [2009/03/30 00:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - File not found -- -- (CLTNetCnService [Auto | Stopped])
SRV - [2007/04/19 01:36:32 | 00,303,104 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService [Auto | Running])
SRV - [2006/11/15 19:20:46 | 00,634,988 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper [Auto | Running])
SRV - [2008/01/19 03:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/04/11 02:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/02/18 14:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/08/07 12:43:04 | 00,045,816 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [On_Demand | Stopped])
SRV - [2006/12/04 00:53:55 | 00,135,608 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2007/06/01 02:02:06 | 00,036,400 | ---- | M] (Lenovo) -- C:\Windows\System32\ibmpmsvc.exe -- (IBMPMSVC [Auto | Running])
SRV - [2004/10/22 06:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/02/18 14:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006/11/20 01:14:14 | 00,108,080 | ---- | M] (Lenovo Group Limited) -- C:\Windows\System32\IPSSVC.EXE -- (IPSSVC [Auto | Running])
SRV - [2006/11/02 05:46:05 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2008/09/29 19:48:58 | 00,283,888 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC [Auto | Running])
SRV - [2007/09/12 18:27:24 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - File not found -- -- (LiveUpdate Notice Ex [Auto | Stopped])
SRV - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service [Auto | Running])
SRV - [2009/02/18 14:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/08/27 18:44:28 | 00,185,584 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe -- (PPCtlPriv [On_Demand | Running])
SRV - [2006/12/15 19:50:52 | 00,011,776 | ---- | M] ( ) -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService [Auto | Running])
SRV - [2006/12/13 14:43:16 | 00,644,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service [Auto | Running])
SRV - [2006/12/26 01:06:00 | 00,037,168 | ---- | M] (Lenovo.) -- C:\Windows\System32\TPHDEXLG.exe -- (TPHDEXLGSVC [Auto | Running])
SRV - [2006/10/13 00:08:56 | 00,055,928 | ---- | M] () -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe -- (TPHKSVC [Auto | Running])
SRV - [2006/12/14 02:13:02 | 00,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service [Auto | Running])
SRV - [2006/12/14 02:11:14 | 00,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service [Auto | Running])
SRV - [2006/12/14 02:23:42 | 01,118,208 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler [Auto | Running])
SRV - [2006/12/14 00:46:08 | 00,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk [Auto | Running])
SRV - [2007/10/18 11:24:46 | 01,010,192 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -- (UmxAgent [Auto | Running])
SRV - [2007/10/18 11:24:46 | 00,801,296 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg [Auto | Running])
SRV - [2008/03/19 11:56:58 | 00,145,936 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe -- (UmxFwHlp [Auto | Running])
SRV - [2008/04/15 12:50:44 | 00,281,104 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -- (UmxPol [Auto | Running])
SRV - [2009/07/30 18:17:13 | 00,255,216 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe -- (VETMSGNT [Auto | Running])
SRV - [2008/01/19 03:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Disabled | Stopped])
SRV - [2009/06/01 16:09:36 | 01,400,832 | ---- | M] () -- C:\Windows\System32\svcprs32.exe -- (WinSvchostManager [Auto | Running])
SRV - [2008/01/19 03:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006/11/27 17:44:58 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2007/10/04 16:14:44 | 00,348,160 | ---- | M] (Analog Devices, Inc.) -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])
DRV - [2006/11/02 05:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 05:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 05:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 05:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2009/04/03 01:26:13 | 00,017,592 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2007/05/02 11:43:58 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Running])
DRV - [2006/11/02 04:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 04:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 04:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2009/04/03 01:26:13 | 00,019,128 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 03:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2006/11/02 05:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2006/11/02 03:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2006/12/21 12:50:24 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/12/21 12:49:04 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2008/02/11 19:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (ialm [On_Demand | Stopped])
DRV - [2007/02/12 00:36:54 | 00,277,784 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2006/11/02 05:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2007/06/01 02:01:30 | 00,021,424 | ---- | M] (Lenovo.) -- C:\Windows\System32\DRIVERS\ibmpmdrv.sys -- (IBMPMDRV [On_Demand | Running])
DRV - [2008/02/11 19:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 05:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2006/11/02 05:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/03/21 16:00:06 | 00,063,504 | ---- | M] (CA) -- C:\Windows\System32\DRIVERS\kmxagent.sys -- (KmxAgent [System | Running])
DRV - [2008/06/04 12:27:46 | 00,138,744 | ---- | M] (CA) -- C:\Windows\System32\DRIVERS\KmxCF.sys -- (KmxCF [Auto | Running])
DRV - [2008/05/30 16:56:30 | 00,088,816 | ---- | M] (CA) -- C:\Windows\System32\DRIVERS\kmxcfg.sys -- (KmxCfg [On_Demand | Running])
DRV - [2008/03/21 16:00:06 | 00,045,584 | ---- | M] (CA) -- C:\Windows\System32\DRIVERS\KmxFile.sys -- (KmxFile [System | Running])
DRV - [2008/05/30 16:56:44 | 00,051,704 | ---- | M] (CA) -- C:\Windows\System32\DRIVERS\KmxFilter.sys -- (KmxFilter [System | Running])
DRV - [2008/03/19 11:57:02 | 00,103,952 | ---- | M] (CA) -- C:\Windows\System32\DRIVERS\kmxfw.sys -- (KmxFw [Boot | Running])
DRV - [2008/03/21 16:00:06 | 00,066,576 | ---- | M] (CA) -- C:\Windows\System32\DRIVERS\KmxSbx.sys -- (KmxSbx [Auto | Running])
DRV - [2007/08/06 16:36:02 | 00,422,144 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\ksaud.sys -- (ksaud [On_Demand | Stopped])
DRV - [2006/08/30 06:04:04 | 00,013,744 | ---- | M] (Lenovo Group Limited) -- C:\Windows\System32\DRIVERS\smiif32.sys -- (lenovo.smi [System | Running])
DRV - [2006/11/02 05:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 05:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/06/19 01:26:00 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2006/11/02 05:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 05:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/12/18 20:12:22 | 01,786,880 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Running])
DRV - [2006/11/02 05:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/01/19 01:55:24 | 00,030,720 | ---- | M] (National Semiconductor Corporation) -- C:\Windows\System32\DRIVERS\nscirda.sys -- (NSCIRDA [On_Demand | Running])
DRV - [2006/11/02 03:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2006/11/02 05:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2006/11/02 05:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2006/11/06 04:24:56 | 00,012,080 | ---- | M] (Lenovo Group Limited) -- C:\Windows\System32\DRIVERS\PROCDD.SYS -- (PROCDD [Auto | Running])
DRV - [2006/09/13 01:42:18 | 00,028,224 | ---- | M] (Lenovo (United States) Inc.) -- C:\Windows\System32\DRIVERS\psadd.sys -- (psadd [On_Demand | Running])
DRV - [2006/09/27 17:53:22 | 00,036,560 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/11/02 05:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2006/11/02 02:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2006/12/26 01:05:00 | 00,100,144 | ---- | M] (Lenovo.) -- C:\Windows\System32\DRIVERS\Apsx86.sys -- (Shockprf [Boot | Running])
DRV - [2006/11/02 05:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 05:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2006/11/02 05:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 05:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 05:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2007/11/22 02:08:58 | 00,181,168 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/07/06 00:44:00 | 00,168,448 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21 [On_Demand | Running])
DRV - [2006/12/26 01:03:00 | 00,019,760 | ---- | M] (Lenovo.) -- C:\Windows\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN [Boot | Running])
DRV - [2008/01/19 03:42:12 | 00,045,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tpm.sys -- (TPM [On_Demand | Running])
DRV - [2006/12/19 13:01:00 | 00,012,080 | ---- | M] () -- C:\Windows\System32\drivers\Tppwr32v.sys -- (TPPWRIF [System | Running])
DRV - [2009/04/03 02:17:54 | 00,033,536 | ---- | M] (Lenovo) -- C:\Windows\System32\DRIVERS\tvtfilter.sys -- (tvtfilter [Auto | Running])
DRV - [2006/09/13 15:42:44 | 00,035,264 | ---- | M] (Lenovo (United States) Inc.) -- C:\Windows\System32\DRIVERS\Tvti2c.sys -- (TVTI2C [On_Demand | Running])
DRV - [2006/11/02 05:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 05:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2006/11/02 04:55:04 | 00,071,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2006/11/02 04:55:05 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\usbser.sys -- (usbser [On_Demand | Stopped])
DRV - [2009/07/30 18:17:14 | 00,026,352 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vet-filt.sys -- (VET-FILT [System | Running])
DRV - [2009/07/30 18:17:14 | 00,021,104 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vet-rec.sys -- (VET-REC [System | Running])
DRV - [2009/06/03 21:19:09 | 00,108,368 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\veteboot.sys -- (VETEBOOT [On_Demand | Running])
DRV - [2009/06/03 21:19:09 | 00,880,560 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetefile.sys -- (VETEFILE [System | Running])
DRV - [2009/07/30 18:17:14 | 00,021,488 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetfddnt.sys -- (VETFDDNT [System | Running])
DRV - [2009/07/30 18:17:14 | 00,161,008 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetmonnt.sys -- (VETMONNT [System | Running])
DRV - [2009/04/03 01:26:13 | 00,020,152 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 05:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/12/21 12:48:54 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2007/01/11 17:36:54 | 00,018,168 | ---- | M] (X-Rite, Inc.) -- C:\Windows\System32\DRIVERS\XrUsb.sys -- (X-Rite [On_Demand | Stopped])
DRV - [2006/11/27 17:44:52 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.optimum.net/optonline
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{e9259cba-e7ad-4f74-863f-ef9fe935394d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\Firefox [2009/06/03 21:11:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox [2009/06/03 21:11:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/11 11:21:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox [2009/06/03 21:11:38 | 00,000,000 | ---D | M]


O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CA Toolbar Helper) - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKLM\..\Toolbar: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BTVLOGEX.DLL ()
O4 - HKLM..\Run: [cafw] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe (CA, Inc.)
O4 - HKLM..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe (CA, Inc.)
O4 - HKLM..\Run: [CAVRID] C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe (CA, Inc.)
O4 - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\System32\sbavmon.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [dvHighMem] C:\Windows\cfgmng32.exe ()
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [QOELOADER] C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe (CA)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe ()
O4 - HKLM..\Run: [TpShocks] C:\Windows\System32\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBLive 24-Bit External\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Creative MediaSource Go] File not found
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\winsflt.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareup...15108/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\Windows\System32\UmxWnp.Dll (CA)
O28 - HKLM ShellExecuteHooks: {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\CIDLinkAdvisor.dll (CallingID Ltd.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/29 18:30:41 | 00,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Creative
[2009/08/29 16:34:31 | 00,000,904 | ---- | C] () -- C:\Users\Public\Desktop\Resume Adobe Downloads.lnk
[2009/08/29 10:39:28 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/08/29 10:39:28 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/08/29 10:39:28 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/08/28 22:38:17 | 00,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/28 22:38:14 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/28 22:38:13 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/28 22:38:13 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/26 07:31:03 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009/08/26 07:31:03 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/08/26 07:31:03 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdigest.dll
[2009/08/26 07:31:02 | 01,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/08/26 07:31:02 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/08/26 07:31:01 | 00,439,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009/08/26 07:31:01 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/08/26 07:31:01 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
[2009/08/26 03:01:25 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/08/25 22:11:11 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009/08/25 22:11:11 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/08/22 08:49:24 | 00,286,208 | ---- | C] () -- C:\Windows\System32\winsfinst.exe
[2009/08/11 21:10:22 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
[2009/08/11 21:10:20 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll
[2009/08/11 21:10:17 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009/08/11 21:10:15 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2009/08/11 21:10:09 | 10,628,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/08/11 21:10:07 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll
[2009/08/11 21:10:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/08/11 21:10:07 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/08/11 21:10:07 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009/08/11 21:10:06 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/08/11 21:10:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2009/08/11 21:10:06 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2009/07/11 11:39:46 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/04 21:02:17 | 00,001,611 | ---- | C] () -- C:\Windows\System32\AudioDrv.ini
[2009/06/04 21:01:26 | 00,022,535 | R--- | C] () -- C:\Windows\System32\ksaud.ini
[2009/06/04 20:59:45 | 00,106,496 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009/06/04 20:59:45 | 00,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2009/06/03 21:11:51 | 00,000,007 | ---- | C] () -- C:\Windows\System32\mkghj.dll
[2009/06/03 21:09:47 | 04,747,264 | ---- | C] () -- C:\Windows\System32\win32cpr.dll
[2009/06/03 21:09:47 | 01,867,776 | ---- | C] () -- C:\Windows\System32\winsflt.dll
[2009/05/30 19:10:31 | 00,044,344 | ---- | C] () -- C:\Windows\System32\drivers\SEQCAL.SYS
[2009/05/30 19:10:31 | 00,044,344 | ---- | C] () -- C:\Windows\System32\drivers\EyeOneDp.sys
[2009/05/30 19:10:19 | 00,045,056 | ---- | C] () -- C:\Windows\System32\Mplps.dll
[2009/04/05 09:05:15 | 00,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009/04/03 01:52:39 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2009/04/03 01:48:24 | 00,012,080 | ---- | C] () -- C:\Windows\System32\drivers\TPPWR32V.SYS
[2009/04/03 01:44:19 | 12,006,784 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2009/04/03 01:44:19 | 00,024,832 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2009/04/03 01:44:19 | 00,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2009/04/03 01:44:18 | 00,126,976 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[2009/04/03 01:44:17 | 00,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
[2008/02/11 19:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006/12/14 14:14:16 | 00,025,269 | ---- | C] () -- C:\Windows\System32\PROCDB.INI
[2006/12/14 14:14:10 | 00,000,480 | ---- | C] () -- C:\Windows\System32\IPSCtrl.INI
[2006/11/30 13:31:53 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 06:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/05 17:20:36 | 00,079,400 | ---- | C] () -- C:\Windows\System32\DEVMAN.DLL

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\System32\*.tmp files]
[2009/08/29 20:56:05 | 00,025,269 | ---- | M] () -- C:\Windows\System32\PROCDB.INI
[2009/08/29 20:56:05 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 20:56:05 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 20:56:05 | 00,000,480 | ---- | M] () -- C:\Windows\System32\IPSCtrl.INI
[2009/08/29 20:56:02 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/29 20:55:57 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/29 20:55:25 | 21,353,75872 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/29 20:54:43 | 00,252,664 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2009/08/29 20:54:43 | 00,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2009/08/29 20:54:43 | 00,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2009/08/29 20:54:43 | 00,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2009/08/29 20:54:43 | 00,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2009/08/29 20:54:43 | 00,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2009/08/29 20:54:43 | 00,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2009/08/29 20:54:43 | 00,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2009/08/29 20:15:49 | 02,155,128 | -H-- | M] () -- C:\Users\Greg\AppData\Local\IconCache.db
[2009/08/29 19:11:19 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/29 19:11:19 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/29 19:11:19 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/29 16:34:31 | 00,000,904 | ---- | M] () -- C:\Users\Public\Desktop\Resume Adobe Downloads.lnk
[2009/08/28 22:38:17 | 00,000,828 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/22 08:49:26 | 04,747,264 | ---- | M] () -- C:\Windows\System32\win32cpr.dll
[2009/08/22 08:49:25 | 01,867,776 | ---- | M] () -- C:\Windows\System32\winsflt.dll
[2009/08/09 11:13:45 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
[2009/08/07 17:45:37 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdw.DAT
[2009/08/03 22:11:00 | 00,000,512 | ---- | M] () -- C:\Windows\tasks\CAAntiSpywareScan_Daily as Greg at 9 11 PM.job
[2009/08/03 21:48:26 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== LOP Check ==========

[2009/08/29 18:30:41 | 00,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming
[2009/06/03 21:11:41 | 00,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\CallingID
[2009/06/03 20:49:56 | 00,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\GetRightToGo
[2009/04/02 22:57:02 | 00,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Lenovo
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Media Center Programs
[2009/05/25 14:10:14 | 00,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Nikon
[2009/08/03 22:11:00 | 00,000,512 | ---- | M] () -- C:\Windows\Tasks\CAAntiSpywareScan_Daily as Greg at 9 11 PM.job
[2009/08/29 20:56:02 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/08/29 20:54:23 | 00,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

Results of screen317's Security Check version 0.98.4
Windows Vista Service Pack 2
``````````````````````````````
Antivirus/Firewall Check:
``````````````````````````````

Windows Firewall Disabled!
CAAnti-Virus
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
``````````````````````````````

CA Anti-Spyware
Malwarebytes' Anti-Malware
Java™ 6 Update 15
Java™ SE Runtime Environment 6
Out of date Java installed!
Adobe Flash Player 10
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````

CA CA Internet Security Suite CA Anti-Virus ISafe.exe
CA CA Internet Security Suite CA Anti-Virus VetMsg.exe
CA CA Internet Security Suite CA Anti-Virus cavrid.exe
CA CA Internet Security Suite CA Personal Firewall capfsem.exe
CA CA Internet Security Suite CA Personal Firewall capfasem.exe
``````````````````````````````
DNS Vulnerability Check:
``````````````````````````````

GREAT! (Very random)

Scan took 14 seconds.
`````````End of Log```````````

You may notice the lack of an extras.txt... For some reason OTL doesn't seem to be outputting it... I ran it correctly earlier, so here is that file, but since this was created, I got the newest version of Java installed and the older versions removed.

OTL Extras logfile created on: 8/29/2009 10:04:57 AM - Run 1
OTL by OldTimer - Version 3.0.6.5 Folder = C:\Users\gandhl\Desktop\Scan Logs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.64% Memory free
4.00 Gb Paging File | 3.12 Gb Available in Paging File | 78.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106.52 Gb Total Space | 47.28 Gb Free Space | 44.39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GREG-PC
Current User Name: Greg
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
File not found -- Reg Error: Unknown registry data type
File not found -- Reg Error: Unknown registry data type

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0AFD47CE-CA9C-4372-AA20-CB05D33638FA}" = CA Desktop DNA Migrator
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3412904A-EBCE-4D0B-9052-A3001B8ED666}" = Sound Blaster Live! 24-Bit External
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{5A05B328-35EB-4CED-B16F-62FA5A2642E6}" =
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Integrated camera
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Home
"{7E4C16B8-8F76-4940-8505-98E93C00BF19}" = Rescue and Recovery
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89883FFF-054E-4BCE-A131-15F3D9F50E6F}" = EZcolor 2.6.5
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEAD18F3-6481-4ef4-96B5-A24D5ADAC30D}" = CA Anti-Spyware
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = Nikon RAW Codec
"{CDB98E2F-7B2A-42C2-B718-F1F6B31586DF}" = CA Website Inspector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkPad
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E0EF321A-1949-451B-9484-7886F4F4719E}" = ThinkPad Mobility Center Customization
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F05A5232-CE5E-4274-AB27-44EB8105898D}" = CA Pest Patrol Realtime Protection
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"3CD6E6EC537F34026EA60F5BE964BCA8B58F5703" = Windows Driver Package - Lenovo (IBMPMDRV) System (11/01/2006 1.41)
"67CCAA793684CADDDCD55BAD807632E611CA05D2" = Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020)
"73501D040246FD1119FF9BD02EAA9CA1541A9E01" = Windows Driver Package - Intel USB (09/13/2006 8.2.0.1008)
"8B51271D05166ED3E2A0A7FD52BCB8628E296043" = Windows Driver Package - Intel System (09/15/2006 7.0.0.1020)
"9DE44D33DF9291DE11A1A790CFBF8541856C70DC" = Windows Driver Package - Intel hdc (09/15/2006 8.2.0.1008)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AudioCS" = Creative Audio Console
"AwayTask" = Maintenance Manager
"C07FE7FC75ACBDD151782F792980433C19F635D4" = Windows Driver Package - Intel hdc (09/15/2006 8.2.0.1008)
"CAFD8C258F6EB727276162D1667A38A8901813F2" = Windows Driver Package - Broadcom (b57nd60x) Net (11/09/2006 9.36.0.0)
"Capture NX 2" = Capture NX 2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"DADE94E03F9586B655AEA5F99234D390348E108C" = Windows Driver Package - Intel System (09/15/2006 8.2.0.1008)
"Dipmon" = Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista
"E6CEFD9A59425A2A27E92572AB367B28C371D3D8" = Windows Driver Package - Intel System (09/15/2006 7.0.0.1011)
"eTrust Suite Personal" = CA Internet Security Suite
"FPIRPOn" = Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista
"HCFR Colorimeter_is1" = HCFR Colorimeter Version 2.1.0
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallShield_{0AFD47CE-CA9C-4372-AA20-CB05D33638FA}" = CA Desktop DNA Migrator
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Lenovo Registration" = Lenovo Registration
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"OnScreenDisplay" = On Screen Display
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Picasa2" = Picasa 2
"Power Management Driver" = ThinkPad Power Management Driver
"RoomEQWizard" = RoomEQWizard
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"ToolCrib" = ToolCrib
"UFRaw_is1" = UFRaw 0.15
"USBPMon" = Registry patch for Windows Vista USB S3 PM Enablement
"VETWIN32Vp5" = CA Anti-Virus
"WaveStudio 7" = Creative WaveStudio 7
"WinGimp-2.0_is1" = GIMP 2.6.6

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/26/2009 7:51:06 AM | Computer Name = Greg-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c90 Start Time: 01ca26435d40f3c5 Termination Time: 16

Error - 8/26/2009 7:57:44 PM | Computer Name = Greg-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x8007041D

Error - 8/27/2009 7:52:19 AM | Computer Name = Greg-PC | Source = UmxAgent | ID = 108
Description = Cannot open mailslot of Ask User client. Product 0x1, Session 1, Error
0x2.

Error - 8/28/2009 9:54:54 PM | Computer Name = Greg-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 163c Start Time: 01ca284b0adf5016 Termination Time: 0

Error - 8/28/2009 9:55:55 PM | Computer Name = Greg-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 11fc Start Time: 01ca284bb3a32b96 Termination Time: 0

Error - 8/28/2009 9:59:52 PM | Computer Name = Greg-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 12e8 Start Time: 01ca284c46c5e346 Termination Time: 32

Error - 8/28/2009 10:14:24 PM | Computer Name = Greg-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1218 Start Time: 01ca284dfce8da06 Termination Time: 0

Error - 8/28/2009 10:14:50 PM | Computer Name = Greg-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 15ac Start Time: 01ca284e6db0d496 Termination Time: 47

Error - 8/28/2009 11:04:56 PM | Computer Name = Greg-PC | Source = Windows Search Service | ID = 3024
Description =

Error - 8/28/2009 11:10:57 PM | Computer Name = Greg-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1594 Start Time: 01ca2856400c21e6 Termination Time: 15

[ System Events ]
Error - 6/11/2009 9:42:30 PM | Computer Name = Greg-PC | Source = HTTP | ID = 15016
Description =

Error - 6/11/2009 9:43:37 PM | Computer Name = Greg-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/11/2009 9:43:37 PM | Computer Name = Greg-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/11/2009 9:43:54 PM | Computer Name = Greg-PC | Source = Microsoft-Windows-FilterManager | ID = 3
Description =

Error - 6/11/2009 9:44:30 PM | Computer Name = Greg-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/11/2009 9:45:03 PM | Computer Name = Greg-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/14/2009 12:32:02 PM | Computer Name = Greg-PC | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 6/14/2009 12:32:02 PM | Computer Name = Greg-PC | Source = TPM | ID = 393229
Description = The device driver for the Trusted Platform Module (TPM) encountered
a non-recoverable error in the TPM hardware, which prevents TPM services (such
as data encryption) from being used. For further help, please contact the computer
manufacturer.

Error - 6/14/2009 12:53:14 PM | Computer Name = Greg-PC | Source = Microsoft-Windows-FilterManager | ID = 3
Description =

Error - 6/14/2009 12:53:17 PM | Computer Name = Greg-PC | Source = Microsoft-Windows-FilterManager | ID = 3
Description =


< End of report >
The machine is a Lenovo Z61t running Vista 32, with CA security...
Please help
LoPhatPhuud
The logs are clean so we can rule out malware/virus.

Did this just start? Have you been able to use IE8 successfully before or is this problem related to IE8?

As a test only, turn off your AV (usually this is an option in the tray icon) and see if the problem persists. Be sure to turn your AV back on.


Also, check your Problem Reports and Solutions control panel. The event logs show a few entries for IE8 hanging. There may be more information there.

glaufman
QUOTE (LoPhatPhuud @ Aug 30 2009, 11:04 AM) *
The logs are clean so we can rule out malware/virus.

Did this just start? Have you been able to use IE8 successfully before or is this problem related to IE8?

As a test only, turn off your AV (usually this is an option in the tray icon) and see if the problem persists. Be sure to turn your AV back on.


Also, check your Problem Reports and Solutions control panel. The event logs show a few entries for IE8 hanging. There may be more information there.

I thought so on the clean logs, but I wasn't sure.
I've been using IE8 for at least a few months now, with very few problems, nothing persistent like this. I wouldn't rule out IE8 being the problem, though... if there've been any recent updates to it?
I did notice that CA AV updated on the 22nd... could be related...
I tried turning off the AV, and nothing changed. Yesterday I had tried turning off the firewall, also with no results... is the CA spyware function next?
I also noticed the hanging in the file logs, but when I checked yesterday, there was more info, most of which I didn't understand, other than it looked like an applet was causing the failure, so I was excited when I saw Java needed to be updated, but that did help, but no solutions offered (I had it look for new ones, to no avail)...
Anyway, here is the latest entry in the error reporting log...
Description
A problem caused this program to stop interacting with Windows.

Problem signature
Problem Event Name: AppHangB1
Application Name: iexplore.exe
Application Version: 8.0.6001.18813
Application Timestamp: 4a6621ae
Hang Signature: abaf
Hang Type: 6144
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033
Additional Hang Signature 1: 2a4bfcf1cfbe53fb2593b8bb9154ed2c
Additional Hang Signature 2: cb1e
Additional Hang Signature 3: befffed9100696367d03d8a4a2850a2a
Additional Hang Signature 4: abaf
Additional Hang Signature 5: 2a4bfcf1cfbe53fb2593b8bb9154ed2c
Additional Hang Signature 6: cb1e
Additional Hang Signature 7: befffed9100696367d03d8a4a2850a2a

Extra information about the problem
Bucket ID: 662691101

Also for reference, everything seems to be working fine on another machine on the same network. That one's on wired LAN; this laptop that's acting weird is wireless. The good one's also running IE8, but with McAfee AV...
LoPhatPhuud
Possibly the CA AV. The problem is beyond the scope of this forum so I need to sign off on this issue for now. You might try the MS support newsgroups or the MS group on BroadBandReports. (http://www.dslreports.com)