themice Posted August 18, 2010 Posted August 18, 2010 Hi I hope someone can help me. I have a Lenovo T60 laptop running windows XP. My Kapersky recently expired so I uninstalled it and reinstalled a new trial version whilst I waited for actiivation key to be sent. From the next day I have had the following messages appear on start up. 1) lsass.exe - Unable To Locate Component - This application has failed to start because msls52.dll was not found. Re-installing the application may fix this problem. 2) userinit.exe - Unable To Locate Component - This application has failed to start because msls52.dll was not found. Re-installing the application may fix this problem. 3) EXPLORER.EXE - Unable To Locate Component - This application has failed to start because msls52.dll was not found. Re-installing the application may fix this problem. I can clear through the messages but I am met with an empty desktop and no start menu or system tray. I can open applications through task manager although I get the same 'Unable To Locate Component' message for them all. I can also browse through folders but cannot access any files. Does anyone have any solutions???? Quote
DSTM Posted August 19, 2010 Posted August 19, 2010 Hi themice. Welcome to Extreme Tech Support - Free PC Help. Here is a previous thread re msls52.dll file, which may be helpful. http://extremetechsupport.com/forum/malware-infection-removal/9479-missing-msls52-dll-file.html Quote Confidence, is the feeling I get, moments before I stuff something up.
themice Posted August 19, 2010 Author Posted August 19, 2010 Hi Unfortunately I don't have the installation disk. I have read a couple of threads on the site about it. The most promising one suggested downloading OTLPE.iso but I cannot find the link??? Quote
DSTM Posted August 19, 2010 Posted August 19, 2010 Download and install Malwarebytes free first, and run a full scan. It's possible this could be malware related. Malwarebytes' Anti-Malware: Malwarebytes Quote Confidence, is the feeling I get, moments before I stuff something up.
DSTM Posted August 19, 2010 Posted August 19, 2010 Try Safe Mode and see if it makes any difference. Quote Confidence, is the feeling I get, moments before I stuff something up.
themice Posted August 19, 2010 Author Posted August 19, 2010 I have already tried Malwarebytes and safe mode and neither have been successful, although I haven't submitted any logs for any experts to look at. Quote
RandyL Posted August 19, 2010 Posted August 19, 2010 Hi. It does seem you are in a bit of a mess. As this may very well be malware related I would advise you to wait for one of our malware team members to look at this issue. In the mean time for their benefit can you clarify if you are able to boot to safemode. From safemode there are many options but please don't try them until our security team reviews this issue. Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
themice Posted August 19, 2010 Author Posted August 19, 2010 Hi. I am able to boot to safe mode, and I have tried to open to last settings and I have also tried using restore points prior to the problem, but neither work. I am able to use programmes via task manager but I cannot access any files which is the main issue as I have a lot of work/music photos etc. I am out of ideas?????? Quote
DSTM Posted August 19, 2010 Posted August 19, 2010 I would wait for the Malware Experts to advise you further. There has been a nasty Virus around since May, that attacks the OS similar to issues, your having. Quote Confidence, is the feeling I get, moments before I stuff something up.
seedy21 Posted August 19, 2010 Posted August 19, 2010 I would wait for the Malware Experts to advise you further. There has been a nasty Virus around since May, that attacks the OS similar to issues, your having. While you are waiting for one of the Malware Team to read you can do this to speed up the process. Please download OTL from one of the following mirrors: This is THE Mirror [*]Save it to your desktop. [*]Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/OTL/otlDesktopIcon.png icon on your desktop. [*]Under the Custom Scan box paste this in netsvcs %SYSTEMDRIVE%\*.exe /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys /md5stop %systemroot%\*. /mp /s CREATERESTOREPOINT [*]Push the Quick Scan button. [*]Two reports will open, copy and paste them in a reply here: OTL.txt <-- Will be opened Extra.txt <-- Will be minimized What this will do is create 2 logs that the Malware Experts will look at to see what's going on in that computer. Please copy and paste them in a reply here Seedy21 Quote “It's only after we've lost everything that we're free to do anything.”― Chuck Palahniuk, Fight Club http://www.geekstogo.com/downloads/unite_blue.png Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here We are all members helping other members.Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.
themice Posted August 19, 2010 Author Posted August 19, 2010 Hi Logs below. OTL logfile created on: 19/08/2010 21:50:42 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\GBULT\My Documents\Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1,014.00 Mb Total Physical Memory | 553.00 Mb Available Physical Memory | 55.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.49 Gb Total Space | 59.23 Gb Free Space | 79.51% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LTGBPETE105 Current User Name: GBULT Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010/08/19 21:49:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GBULT\My Documents\Downloads\OTL.exe PRC - [2010/08/07 17:41:39 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010/08/07 17:41:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/07/27 09:50:38 | 000,025,976 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe PRC - [2008/04/09 12:39:08 | 003,068,352 | ---- | M] () -- C:\Program Files\Kontiki\KService.exe PRC - [2007/03/12 22:23:21 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe PRC - [2007/03/12 10:27:02 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcoms.exe PRC - [2007/01/15 10:41:44 | 000,325,008 | ---- | M] (CapaSystems A/S) -- C:\WINDOWS\system32\CIStub.exe PRC - [2006/11/17 04:06:00 | 000,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe PRC - [2006/11/17 04:06:00 | 000,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe PRC - [2006/08/02 01:39:20 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe PRC - [2006/08/02 01:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe PRC - [2006/08/02 01:24:22 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2005/11/10 09:33:00 | 000,073,782 | ---- | M] () -- C:\WINDOWS\system32\ibmpmsvc.exe PRC - [2005/06/20 13:15:00 | 000,077,824 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe PRC - [2005/06/06 22:26:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe PRC - [2004/04/14 11:31:40 | 001,425,424 | ---- | M] (Cisco Systems, Inc.) -- c:\Program Files\Cisco Systems\cvpnd.exe ========== Modules (SafeList) ========== MOD - [2010/08/19 21:49:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GBULT\My Documents\Downloads\OTL.exe MOD - [2006/08/25 09:45:56 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2004/08/04 13:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP) SRV - [2010/07/26 16:01:58 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus® SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2008/04/09 12:39:08 | 003,068,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Kontiki\KService.exe -- (KService) SRV - [2007/03/12 22:23:21 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7) SRV - [2007/03/12 10:27:02 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdjcoms.exe -- (lxdj_device) SRV - [2007/01/15 10:41:44 | 000,325,008 | ---- | M] (CapaSystems A/S) [Auto | Running] -- C:\WINDOWS\system32\CIStub.exe -- (cistub) SRV - [2006/11/17 04:06:00 | 000,104,000 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework) SRV - [2006/08/02 01:39:20 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel® SRV - [2006/08/02 01:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel® SRV - [2006/08/02 01:24:22 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel® SRV - [2006/05/31 14:06:16 | 000,199,168 | ---- | M] (DameWare Development LLC) [On_Demand | Stopped] -- C:\WINDOWS\System32\DWRCS.EXE -- (DWMRCS) SRV - [2005/11/10 09:33:00 | 000,073,782 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC) SRV - [2005/06/20 13:15:00 | 000,077,824 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC) SRV - [2005/06/06 22:26:22 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC) SRV - [2004/04/14 11:31:40 | 001,425,424 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- c:\Program Files\Cisco Systems\cvpnd.exe -- (CVPND) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\kl1.sys -- (kl1) DRV - [2009/07/15 18:39:08 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2009/07/14 23:23:09 | 000,213,520 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2008/03/25 20:07:10 | 000,024,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2008/03/13 19:02:46 | 000,026,640 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV) DRV - [2006/09/27 03:36:24 | 001,709,696 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel® DRV - [2006/08/02 09:54:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint) DRV - [2006/08/02 09:54:00 | 000,009,343 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI) DRV - [2006/08/02 02:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2006/05/25 09:13:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF) DRV - [2006/04/20 15:06:50 | 000,181,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel® DRV - [2006/03/15 18:08:00 | 000,088,576 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\shockprf.sys -- (Shockprf) DRV - [2006/02/13 22:04:58 | 000,177,664 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006/01/30 19:19:34 | 000,176,128 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2005/12/05 19:21:32 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsx_dpv.sys -- (HSF_DPV) DRV - [2005/12/05 19:20:48 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsxhwazl.sys -- (HSXHWAZL) DRV - [2005/12/05 19:20:42 | 000,670,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsx_cnxt.sys -- (winachsf) DRV - [2005/11/10 09:33:00 | 000,010,112 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV) DRV - [2005/07/04 22:57:06 | 000,017,699 | ---- | M] (IBM Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\TPHKDRV.sys -- (TPHKDRV) DRV - [2005/06/20 13:18:00 | 000,004,736 | ---- | M] (Lenovo.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ShockMgr.sys -- (ShockMgr) DRV - [2005/05/16 18:20:06 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm) DRV - [2005/01/07 18:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004/08/04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2004/08/04 00:00:52 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2004/04/14 11:30:56 | 000,268,874 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV - [2003/08/28 22:40:26 | 000,189,792 | ---- | M] (Zone Labs Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2003/07/24 19:55:50 | 000,139,604 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE) DRV - [2003/05/01 14:26:34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Mobile Phones | Broadband & Mobile Broadband UK Deals | Free Web Email | Orange.co.uk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.cpcorp.net;*biz.coloplast.com;172.16.*;172.26.*;172.27.*;127.0.0.*;172.28.*;192.168.0.*;10.*;192.168.11.*;194.218.203.57;172.30.*;192.168.1.*;<local> IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 17:41:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/07 17:44:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\THBExt [2010/08/01 21:43:05 | 000,000,000 | ---D | M] [2009/11/16 23:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GBULT\Application Data\Mozilla\Extensions [2010/08/19 20:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GBULT\Application Data\Mozilla\Firefox\Profiles\g29chc10.default\extensions [2010/05/19 23:12:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\GBULT\Application Data\Mozilla\Firefox\Profiles\g29chc10.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010/08/07 17:44:41 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\GBULT\Application Data\Mozilla\Firefox\Profiles\g29chc10.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010/08/01 21:40:29 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\GBULT\Application Data\Mozilla\Firefox\Profiles\g29chc10.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}(2) [2010/08/15 21:58:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/05/19 23:11:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/01 21:42:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010/05/19 23:11:24 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/08/07 17:41:40 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2010/08/07 17:41:40 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2010/08/07 17:41:40 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010/08/07 17:41:40 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll File not found O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe File not found O4 - HKLM..\Run: C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [CapaInstaller Info Center] C:\Program Files\CapaInstaller\Client\Util\JobTrig.exe (CapaSystems A/S) O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [five Media Manager Tray] C:\Program Files\Entriq\MediaSphere\EntriqMediaTray.exe (Entriq, Inc.) O4 - HKLM..\Run: [lxdjamon] C:\Program Files\Lexmark 1400 Series\lxdjamon.exe (Lexmark) O4 - HKLM..\Run: [LXDJCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.DLL (Lexmark International, Inc.) O4 - HKLM..\Run: [lxdjmon.exe] C:\Program Files\Lexmark 1400 Series\lxdjmon.exe File not found O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.) O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe () O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo) O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo, Ltd. and IBM Corporation.) O4 - HKCU..\Run: [RemoveIT Pro v8Ent] C:\Program Files\InCode Solutions\RemoveIT Pro 2010 Enterprise\removeit.exe (InCode Solutions) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKLM..\RunOnce: [*Restore] C:\WINDOWS\System32\restore\rstrui.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [uninstall Adobe Download Manager] File not found O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10h_Plugin.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\vpngui.exe (Cisco Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll File not found O9 - Extra Button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cpcorp.net O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll File not found O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll File not found O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\System32\notifyf2.dll () O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\System32\tphklock.dll () O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\andevyrip.dll File not found O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\DOCUME~1\GBULT\LOCALS~1\Temp\5182052795.dll File not found O24 - Desktop WallPaper: C:\Documents and Settings\GBULT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\GBULT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/06/13 10:13:34 | 000,023,986 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{3d0b6be8-bb13-11de-ac4a-0015587f35b8}\Shell - "" = AutoRun O33 - MountPoints2\{3d0b6be8-bb13-11de-ac4a-0015587f35b8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3d0b6be8-bb13-11de-ac4a-0015587f35b8}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point (16620634377289728) ========== Files/Folders - Created Within 90 Days ========== [2010/08/16 20:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010/08/07 17:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2010/08/01 23:31:08 | 000,000,000 | ---D | C] -- C:\RemoveIT Pro 2010 Enterprise [2010/08/01 22:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GBULT\Application Data\Uniblue [2010/08/01 22:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue [2010/08/01 22:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\InCode Solutions [2010/08/01 21:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp [2010/08/01 21:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010/08/01 21:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab [2010/07/21 23:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2010/07/21 23:19:48 | 000,000,000 | ---D | C] -- C:\Config.Msi [2010/07/21 23:05:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010/07/21 22:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GBULT\Application Data\SUPERAntiSpyware.com [2010/07/21 22:12:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GBULT\Desktop\Language [2010/07/20 21:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab(2) [2010/07/20 21:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab(2) [2010/07/20 21:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files [2010/06/30 17:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GBULT\Desktop\P;KIU[[]_files [2008/04/01 12:26:39 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjinpa.dll [2008/04/01 12:26:39 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhcp.dll [2008/04/01 12:26:38 | 001,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjserv.dll [2008/04/01 12:26:38 | 000,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjusb1.dll [2008/04/01 12:26:38 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjiesc.dll [2008/04/01 12:26:37 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpmui.dll [2008/04/01 12:26:37 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjlmpm.dll [2008/04/01 12:26:37 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjprox.dll [2008/04/01 12:26:37 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpplc.dll [2008/04/01 12:26:35 | 000,700,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhbn3.dll [2008/04/01 12:26:33 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomc.dll [2008/04/01 12:26:33 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomm.dll [2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2010/08/19 21:32:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/08/19 20:15:23 | 000,471,326 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/08/19 20:15:23 | 000,402,274 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/08/19 20:15:23 | 000,063,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/08/19 20:11:20 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/08/19 20:11:19 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job [2010/08/19 20:11:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/08/19 20:09:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/08/19 20:09:10 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys [2010/08/18 22:52:50 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2010/08/18 22:52:50 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2010/08/18 22:52:50 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010/08/18 22:52:49 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010/08/18 22:52:22 | 003,145,728 | ---- | M] () -- C:\Documents and Settings\GBULT\ntuser.dat [2010/08/18 22:52:22 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\GBULT\ntuser.ini [2010/08/18 19:00:44 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2010/08/18 18:15:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/08/07 17:45:32 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk [2010/08/07 17:45:32 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2010/08/02 21:18:30 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini [2010/08/02 21:18:30 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/08/02 21:18:30 | 000,000,211 | -HS- | M] () -- C:\Boot.ini [2010/08/02 19:54:50 | 000,001,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RemoveIT Pro 2010 Enterprise.lnk [2010/08/01 22:30:06 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\GBULT\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk [2010/08/01 22:30:06 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster.lnk [2010/07/21 22:12:21 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\GBULT\Desktop\Uninstall.dat [2010/07/21 10:59:24 | 001,482,589 | ---- | M] () -- C:\Documents and Settings\GBULT\Desktop\PROCESSLISTRELATED.DB [2010/07/21 10:58:42 | 028,300,779 | ---- | M] () -- C:\Documents and Settings\GBULT\Desktop\PROCESSLIST.DB [2010/07/20 22:24:45 | 007,789,790 | -H-- | M] () -- C:\Documents and Settings\GBULT\Local Settings\Application Data\IconCache.db [2010/07/20 21:38:08 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010/07/20 21:38:08 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010/07/17 15:23:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/07/15 22:32:02 | 000,486,400 | ---- | M] () -- C:\Documents and Settings\GBULT\My Documents\SkyFF.doc [2010/07/01 19:30:36 | 000,205,312 | ---- | M] () -- C:\Documents and Settings\GBULT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/30 17:54:27 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\GBULT\Desktop\Reset Sky.doc [2010/06/30 17:09:32 | 000,230,098 | ---- | M] () -- C:\Documents and Settings\GBULT\Desktop\P;KIU[[].htm [2010/06/26 01:57:52 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\GBULT\My Documents\Ian.doc [2010/06/09 22:20:26 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\GBULT\My Documents\WCMice1-5.doc [2010/06/09 20:54:41 | 000,115,592 | ---- | M] () -- C:\Documents and Settings\GBULT\My Documents\watch(2).htm [2010/06/09 20:40:20 | 000,259,218 | ---- | M] () -- C:\Documents and Settings\GBULT\Desktop\2010fwc%5fmatchschedule7709.pdf [2010/06/07 22:25:22 | 000,559,616 | ---- | M] () -- C:\Documents and Settings\GBULT\My Documents\WC8.doc [2010/06/07 22:24:59 | 000,567,808 | ---- | M] () -- C:\Documents and Settings\GBULT\My Documents\WC7.doc [2010/06/07 22:24:39 | 000,567,296 | ---- | M] () -- C:\Documents and Settings\GBULT\My Documents\WC6.doc [2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/08/07 17:45:32 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk [2010/08/07 17:45:32 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2010/08/02 21:18:16 | 000,001,760 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2010/08/02 21:18:16 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk [2010/08/02 19:54:50 | 000,001,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RemoveIT Pro 2010 Enterprise.lnk [2010/08/01 22:30:15 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job [2010/08/01 22:30:06 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\GBULT\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk [2010/08/01 22:30:06 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster.lnk [2010/07/21 23:29:40 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2010/07/21 23:29:40 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2010/07/21 23:29:40 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010/07/21 23:29:40 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010/07/21 22:41:21 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys [2010/07/21 22:12:12 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\GBULT\Desktop\Uninstall.dat [2010/07/21 10:59:24 | 001,482,589 | ---- | C] () -- C:\Documents and Settings\GBULT\Desktop\PROCESSLISTRELATED.DB [2010/07/21 10:58:42 | 028,300,779 | ---- | C] () -- C:\Documents and Settings\GBULT\Desktop\PROCESSLIST.DB [2010/07/20 21:23:53 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010/07/20 21:23:53 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010/07/15 22:32:02 | 000,486,400 | ---- | C] () -- C:\Documents and Settings\GBULT\My Documents\SkyFF.doc [2010/07/01 21:34:53 | 003,145,728 | ---- | C] () -- C:\Documents and Settings\GBULT\ntuser.dat [2010/06/30 17:54:26 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\GBULT\Desktop\Reset Sky.doc [2010/06/30 17:09:29 | 000,230,098 | ---- | C] () -- C:\Documents and Settings\GBULT\Desktop\P;KIU[[].htm [2010/06/25 23:16:16 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\GBULT\My Documents\Ian.doc [2010/06/09 22:20:25 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\GBULT\My Documents\WCMice1-5.doc [2010/06/09 20:54:41 | 000,115,592 | ---- | C] () -- C:\Documents and Settings\GBULT\My Documents\watch(2).htm [2010/06/07 22:25:22 | 000,559,616 | ---- | C] () -- C:\Documents and Settings\GBULT\My Documents\WC8.doc [2010/06/07 22:24:59 | 000,567,808 | ---- | C] () -- C:\Documents and Settings\GBULT\My Documents\WC7.doc [2010/06/07 22:24:38 | 000,567,296 | ---- | C] () -- C:\Documents and Settings\GBULT\My Documents\WC6.doc [2008/04/01 12:32:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdjvs.dll [2008/04/01 12:32:35 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdjcoin.dll [2008/04/01 12:26:55 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdjrwrd.ini [2008/04/01 12:26:39 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\lxdjinst.dll [2008/04/01 12:26:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdjgrd.dll [2007/12/30 16:52:57 | 000,205,312 | ---- | C] () -- C:\Documents and Settings\GBULT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/03/12 22:23:21 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt.dll [2007/03/08 17:28:40 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2007/02/06 10:11:41 | 000,000,400 | ---- | C] () -- C:\WINDOWS\hpbafd.ini [2007/02/01 14:58:39 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2007/02/01 14:58:10 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll [2007/02/01 14:58:01 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll [2007/02/01 14:57:49 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS [2007/02/01 14:09:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007/02/01 14:04:36 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2007/02/01 14:04:36 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2007/02/01 14:04:35 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2007/02/01 14:04:35 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2007/02/01 14:04:35 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2007/02/01 14:04:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2007/02/01 14:01:49 | 000,139,288 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll [2007/02/01 13:58:31 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll [2007/02/01 13:58:30 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll [2007/02/01 13:21:55 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig [2007/01/04 14:37:08 | 001,036,298 | ---- | C] () -- C:\WINDOWS\System32\32loes.dll [1980/01/01 01:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [1980/01/01 01:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys ========== LOP Check ========== [2008/09/04 23:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Entriq [2008/09/04 23:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki [2007/02/01 13:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lotus [2007/11/18 22:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GBULT\Application Data\ICAClient [2009/01/31 10:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GBULT\Application Data\InterVideo [2008/04/01 17:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GBULT\Application Data\Lexmark Imaging Studio [2010/08/04 21:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GBULT\Application Data\SnowMate [2010/08/01 22:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GBULT\Application Data\Uniblue [2010/08/18 19:00:44 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job [2010/08/19 20:11:19 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys < MD5 for: ATAPI.SYS > [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys [2004/08/04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys < MD5 for: EVENTLOG.DLL > [2004/08/04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004/08/04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: IASTOR.SYS > [2005/10/11 20:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\DRIVERS\other\iastor.sys [2005/10/11 20:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\SWTOOLS\DRIVERS\IMSM\iastor.sys < MD5 for: NETLOGON.DLL > [2004/08/04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll [2004/08/04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll < MD5 for: SCECLI.DLL > [2004/08/04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll [2004/08/04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll < %systemroot%\*. /mp /s > < End of report > OTL Extras logfile created on: 19/08/2010 21:50:42 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\GBULT\My Documents\Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1,014.00 Mb Total Physical Memory | 553.00 Mb Available Physical Memory | 55.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.49 Gb Total Space | 59.23 Gb Free Space | 79.51% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LTGBPETE105 Current User Name: GBULT Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "12946:TCP" = 12946:TCP:LocalSubNet:Enabled:CapaInstaller Agent Service communication port "11954:TCP" = 11954:TCP:LocalSubNet:Enabled:CapaInstaller InfoCenter communication port [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "12946:TCP" = 12946:TCP:LocalSubNet:Enabled:CapaInstaller Agent Service communication port "11954:TCP" = 11954:TCP:LocalSubNet:Enabled:CapaInstaller InfoCenter communication port ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Lexmark 1400 Series\Wireless\lxdjwpss.exe" = C:\Program Files\Lexmark 1400 Series\Wireless\lxdjwpss.exe:*:Enabled: -- (Lexmark International, Inc.) "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe:*:Enabled: -- () "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe:*:Enabled: -- () "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe:*:Enabled: -- (Lexmark International, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar "{10EB435F-58AB-426E-83CF-3E2161E9A02C}" = SD DesignToolbar™ for PowerPoint "{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth "{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = ThinkPad Keyboard Customizer Utility "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}" = Apple Mobile Device Support "{3D71A498-3003-4B12-899E-8EDF20E81494}" = CapaInstaller Client v4.6 "{3FD04A40-C073-4EBD-9517-51375870398E}" = Software Installer v1.1 "{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{72806716-7088-41B2-8FA6-717A2A164DAB}" = ThinkVantage Active Protection System "{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad UltraNav Wizard "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Internet Security 2009 "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90520409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Viewer 2003 (English) "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{9786F3F9-0E83-4C69-AF9C-7BC8320E9829}" = ProxyDisabler "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML "{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Power Manager "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A580547F-4FB6-433E-A595-21CAA858C556}" = Microsoft Office Live Small Business Image Uploader "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8 "{BAB1DDFC-9AE6-4358-B0AD-15DC2FDBA636}" = GameShadow "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{EA4FA30B-7321-4428-90E9-28B088EC8DC9}" = Runtime 8.0 Libraries "{EA664480-3844-11D5-8C25-444553540000}" = TrackPoint Accessibility Features "{EF6C4600-306D-4F6A-A119-C2A877D25B4A}" = iTunes "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad Configuration "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem "Demand Five Player_is1" = Demand Five Player "Entriq MediaSphere_is1" = Uninstall Entriq MediaSphere "ERUNT_is1" = ERUNT 1.1j "HijackThis" = HijackThis 2.0.2 "InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Internet Security 2009 "Lexmark 1400 Series" = Lexmark 1400 Series "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Power Management Driver" = ThinkPad Power Management Driver "ProInst" = Intel® PROSet/Wireless Software "PROSet" = Intel® PRO Network Connections Drivers "RemoveIT Pro 2010 Enterprise_is1" = RemoveIT Pro 2010 Enterprise "ShockwaveFlash" = Macromedia Flash Player 8 "SynTPDeinstKey" = ThinkPad UltraNav Driver "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier "WilliamHillPokerXP" = William Hill Poker "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SnowMate" = SnowMate ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 18/08/2010 16:25:49 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script addvd.bat. The system cannot find the file specified. . Error - 18/08/2010 16:25:49 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script EnforceEpoAgent.vbs. The system cannot find the file specified. . Error - 18/08/2010 16:25:50 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\cpcorp.net\SysVol\cpcorp.net\scripts\GB\InstallCapaAgent.vbs. The system cannot find the file specified. . Error - 18/08/2010 16:25:50 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script GPOProxyFix.vbs. The system cannot find the file specified. . Error - 19/08/2010 15:11:08 | Computer Name = LTGBPETE105 | Source = Userenv | ID = 1054 Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Error - 19/08/2010 15:12:09 | Computer Name = LTGBPETE105 | Source = AutoEnrollment | ID = 15 Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed. Error - 19/08/2010 15:13:05 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script addvd.bat. The system cannot find the file specified. . Error - 19/08/2010 15:13:05 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script EnforceEpoAgent.vbs. The system cannot find the file specified. . Error - 19/08/2010 15:13:05 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\cpcorp.net\SysVol\cpcorp.net\scripts\GB\InstallCapaAgent.vbs. The system cannot find the file specified. . Error - 19/08/2010 15:13:05 | Computer Name = LTGBPETE105 | Source = UserInit | ID = 1000 Description = Could not execute the following script GPOProxyFix.vbs. The system cannot find the file specified. . [ System Events ] Error - 19/08/2010 15:11:31 | Computer Name = LTGBPETE105 | Source = Cdrom | ID = 262155 Description = The driver detected a controller error on \Device\CdRom0. Error - 19/08/2010 15:11:31 | Computer Name = LTGBPETE105 | Source = Cdrom | ID = 262155 Description = The driver detected a controller error on \Device\CdRom0. Error - 19/08/2010 15:11:31 | Computer Name = LTGBPETE105 | Source = Cdrom | ID = 262155 Description = The driver detected a controller error on \Device\CdRom0. Error - 19/08/2010 15:11:31 | Computer Name = LTGBPETE105 | Source = Cdrom | ID = 262155 Description = The driver detected a controller error on \Device\CdRom0. Error - 19/08/2010 15:11:31 | Computer Name = LTGBPETE105 | Source = Cdrom | ID = 262155 Description = The driver detected a controller error on \Device\CdRom0. Error - 19/08/2010 15:12:43 | Computer Name = LTGBPETE105 | Source = Service Control Manager | ID = 7022 Description = The CapaInstaller Agent Service service hung on starting. Error - 19/08/2010 15:12:43 | Computer Name = LTGBPETE105 | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: kl1 Error - 19/08/2010 15:26:22 | Computer Name = LTGBPETE105 | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time. Error - 19/08/2010 15:56:22 | Computer Name = LTGBPETE105 | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 59 minutes. NtpClient has no source of accurate time. Error - 19/08/2010 16:50:42 | Computer Name = LTGBPETE105 | Source = Cdrom | ID = 262155 Description = The driver detected a controller error on \Device\CdRom0. < End of report > Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.