1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Reboot, Blue screen and malware

Discussion in 'Malware and Virus Removal Archive' started by scorpion657, 2010/12/25.

Page 1 of 2
  1. 2010/12/25
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    [Resolved] Reboot, Blue screen and malware

    Hey guys,

    Thanks in advance for your help on this. My friend is not really computer savy and has issue with his laptop. The computer keeps restarting with a blue screen and barely stays up in safe mode. I ran all the tools and it looks like the MBR is damaged and it might have some infections. I need help :). Here are all the logs:

    Malware bytes:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5363

    Windows 6.1.7600 (Safe Mode)
    Internet Explorer 8.0.7600.16385

    12/25/2010 3:46:38 PM
    mbam-log-2010-12-25 (15-46-33).txt

    Scan type: Quick scan
    Objects scanned: 145935
    Time elapsed: 3 minute(s), 10 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    DDS:

    DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
    Run by vincebaze at 15:47:30.66 on Sat 12/25/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1909.1447 [GMT -5:00]

    AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\vincebaze\Desktop\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Bar = Preserve
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: TranslatorBar 1.2 Toolbar: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - c:\program files\translatorbar_1.2\tbTran.dll
    uURLSearchHooks: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - c:\program files\translatorbar_5\tbTra1.dll
    mURLSearchHooks: TranslatorBar 1.2 Toolbar: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - c:\program files\translatorbar_1.2\tbTran.dll
    mURLSearchHooks: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - c:\program files\translatorbar_5\tbTra1.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.15.4\bh\BabylonToolbar.dll
    BHO: TranslatorBar 1.2 Toolbar: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - c:\program files\translatorbar_1.2\tbTran.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.8.0.41\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.8.0.41\IPSBHO.DLL
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - c:\program files\translatorbar_5\tbTra1.dll
    BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.8.0.41\coIEPlg.dll
    TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
    TB: TranslatorBar 1.2 Toolbar: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - c:\program files\translatorbar_1.2\tbTran.dll
    TB: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - c:\program files\translatorbar_5\tbTra1.dll
    TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.15.4\BabylonToolbarTlbr.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Google Update] "c:\users\vincebaze\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
    mRun: [<NO NAME>]
    mRun: [TpShocks] TpShocks.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
    mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start
    mRun: [AcWin7Hlpr] c:\program files\lenovo\access connections\AcTBenabler.exe
    mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0401.0\mswinext.exe "
    mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
    mRun: [BabylonToolbar] "c:\program files\babylontoolbar\babylontoolbar\1.4.15.4\BabylonToolbarsrv.exe" /md I
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
    IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.8.0.41\CoIEPlg.dll
    Notify: igfxcui - igfxdev.dll
    LSA: Notification Packages = scecli ACGina

    ============= SERVICES / DRIVERS ===============

    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008000.029\SymEFA.sys [2010-6-26 310320]
    R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-10-9 20520]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-15 6114816]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-5-4 204288]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
    S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008000.029\BHDrvx86.sys [2010-6-26 259632]
    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008000.029\cchpx86.sys [2010-6-26 482432]
    S1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100723.001\IDSvix86.sys [2010-7-23 344112]
    S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2009-12-9 13480]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-27 135664]
    S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\lenovo\hotkey\cammute.exe [2009-12-9 54632]
    S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-12-9 44984]
    S2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.8.0.41\ccSvcHst.exe [2010-6-26 117640]
    S2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files\qualcomm\qdlservice2k\QDLService2kLenovo.exe [2010-2-5 331512]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
    S2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2009-12-9 62904]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-5-4 2320920]
    S3 5U877;USB Video Device;c:\windows\system32\drivers\5U877.sys [2010-5-4 125568]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-5-4 132352]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2010-5-4 232448]
    S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
    S3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2010-5-7 21360]
    S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-5-4 75112]
    S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\drivers\qcfilterlno2k.sys [2010-2-5 5248]
    S3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\drivers\qcusbnetlno2k.sys [2010-2-5 207360]
    S3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\drivers\qcusbserlno2k.sys [2010-2-5 106880]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-5-4 186912]
    S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\nis\1008000.029\symndisv.sys [2010-6-26 48688]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-25 1343400]

    =============== Created Last 30 ================

    2010-12-25 17:15:22 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{ce7f90d7-eab2-4bdb-92ab-2c097c97e3a7}\mpengine.dll
    2010-12-25 05:53:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-25 05:53:10 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-25 05:09:53 -------- d-----w- c:\users\vinceb~1\appdata\roaming\Malwarebytes
    2010-12-25 05:09:50 -------- d-----w- c:\progra~2\Malwarebytes
    2010-12-25 05:09:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-16 02:33:32 4277016 ----a-w- c:\progra~2\microsoft\ehome\packages\mceclientux\updateablemarkup-3\markup.dll
    2010-12-15 12:37:50 42776 ----a-w- c:\progra~2\microsoft\ehome\packages\mceclientux\dsm-2\StartResources.dll
    2010-12-15 02:43:05 516096 ----a-w- c:\program files\windows mail\wab.exe
    2010-12-15 02:43:04 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-12-11 00:00:18 539968 ----a-w- c:\progra~2\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll

    ==================== Find3M ====================

    2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec
    2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe
    2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys
    2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-19 15:41:44 222080 ----a-w- c:\windows\system32\MpSigStub.exe
    2010-10-16 04:41:02 101760 ----a-w- c:\windows\system32\consent.exe
    2010-10-16 04:36:10 314368 ----a-w- c:\windows\system32\webio.dll

    =================== ROOTKIT ====================

    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 6.1.7600 Disk: ST925031 rev.0020 -> Harddisk0\DR0 -> \Device\Ide\iaStor0

    device: opened successfully
    user: MBR read successfully

    Disk trace:
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x85A43555]<<
    _asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x85a497b0]; MOV EAX, [0x85a4982c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
    1 ntkrnlpa!IofCallDriver[0x82281458] -> \Device\Harddisk0\DR0[0x85A1E030]
    3 CLASSPNP[0x883B459E] -> ntkrnlpa!IofCallDriver[0x82281458] -> [0x84E968C8]
    5 ACPI[0x87C2A3B2] -> ntkrnlpa!IofCallDriver[0x82281458] -> \IAAStorageDevice-1[0x84E94028]
    \Driver\iaStor[0x85A1F030] -> IRP_MJ_CREATE -> 0x85A43555
    error: Read Access is denied.
    kernel: MBR read successfully
    _asm { JMP 0x10; }
    detected disk devices:
    \Device\Ide\IAAStorageDevice-1 -> \??\IDE#DiskST9250315AS_____________________________0020LVM1#4&2529a666&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
    detected hooks:
    user & kernel MBR OK
    Warning: possible TDL3 rootkit infection !

    ============= FINISH: 15:48:30.97 ===============

    Attach:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 6/25/2010 3:26:52 AM
    System Uptime: 12/25/2010 3:11:59 PM (0 hours ago)

    Motherboard: LENOVO | | 03019AU
    Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | CPU 1 | 2128/133mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 222 GiB total, 183.888 GiB free.
    D: is CDROM ()
    E: is Removable
    Q: is FIXED (NTFS) - 10 GiB total, 3.56 GiB free.
    S: is FIXED (NTFS) - 1 GiB total, 0.524 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: Symantec Network Dispatch Driver
    Device ID: ROOT\LEGACY_SYMTDI\0000
    Manufacturer:
    Name: Symantec Network Dispatch Driver
    PNP Device ID: ROOT\LEGACY_SYMTDI\0000
    Service: SYMTDI

    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: Security Processor Loader Driver
    Device ID: ROOT\LEGACY_SPLDR\0000
    Manufacturer:
    Name: Security Processor Loader Driver
    PNP Device ID: ROOT\LEGACY_SPLDR\0000
    Service: spldr

    ==== System Restore Points ===================

    RP62: 11/2/2010 4:54:10 PM - Windows Update
    RP63: 11/4/2010 3:58:22 PM - Windows Update
    RP64: 11/5/2010 6:12:25 PM - Windows Update
    RP65: 11/9/2010 11:32:06 PM - Windows Update
    RP66: 11/10/2010 12:02:20 AM - Windows Update
    RP67: 11/14/2010 7:54:26 AM - Windows Update
    RP68: 11/16/2010 4:43:52 AM - Windows Update
    RP69: 11/19/2010 7:03:05 PM - Windows Update
    RP70: 11/20/2010 10:10:33 AM - Installed Java(TM) 6 Update 22
    RP71: 11/23/2010 10:50:49 PM - Windows Update
    RP72: 11/26/2010 4:13:15 PM - Windows Update
    RP73: 11/30/2010 7:11:34 PM - Windows Update
    RP74: 12/3/2010 3:39:59 PM - Windows Update
    RP75: 12/7/2010 10:06:50 PM - Windows Update
    RP76: 12/10/2010 7:01:00 PM - Windows Update
    RP77: 12/14/2010 9:42:45 PM - Windows Update
    RP78: 12/14/2010 10:17:16 PM - Windows Update
    RP79: 12/17/2010 6:27:43 PM - Windows Update
    RP80: 12/18/2010 3:00:21 AM - Windows Update

    ==== Installed Programs ======================

    Registry Patch to arrange icons in Device and Printers folder of Windows 7
    2007 Microsoft Office system
    Access Help
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.1
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AT&T Service Activation
    Bonjour
    Burn.Now 4.5
    Business Contact Manager for Outlook 2007 SP2
    Client Security - Password Manager
    Corel Burn.Now Lenovo Edition
    Corel DVD MovieFactory 7
    Corel DVD MovieFactory Lenovo Edition
    Create Recovery Media
    Direct DiscRecorder
    e-Sword
    GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
    Google Chrome
    Google Talk Plugin
    Google Toolbar for Internet Explorer
    Google Update Helper
    Integrated Camera Driver Installer Package Ver.1.0.1.2
    Integrated Camera TWAIN
    Intel PROSet Wireless
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Intel(R) PROSet/Wireless WiFi Software
    Intel(R) Rapid Storage Technology
    Intel(R) TV Wizard
    InterVideo WinDVD 8
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 22
    Junk Mail filter update
    Lenovo System Interface Driver
    Lenovo ThinkVantage Toolbox
    Lenovo Warranty Information
    Lenovo Welcome
    Malwarebytes' Anti-Malware
    Message Center Plus
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Default Manager
    Microsoft Office 2003 Web Components
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Hybrid 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Research AutoCollage Touch 2009
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft UI Engine
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Mobile Broadband Connect
    MobileMe Control Panel
    MSN Toolbar
    MSN Toolbar Platform
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyBabylon toolbar
    Norton Internet Security
    OGA Notifier 2.0.0048.0
    On Screen Display
    Qualcomm Gobi 2000 Package for Lenovo
    QuickTime
    Realtek Ethernet Controller Driver For Windows Vista and Later
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
    Rescue and Recovery
    Safari
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Skypeâ„¢ 4.0
    System Update
    ThinkPad Hotkey Features Integration Setup
    ThinkPad Power Management Driver
    ThinkPad Power Manager
    ThinkPad UltraNav Driver
    ThinkVantage Access Connections
    ThinkVantage Active Protection System
    ThinkVantage GPS
    TranslatorBar 1.2 Toolbar
    TranslatorBar 5 Toolbar
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Outlook 2007 Junk Email Filter (KB2466076)
    Verizon Wireless Mobile Broadband Self Activation
    Windows Driver Package - Intel hdc (06/04/2009 7.0.0.1013)
    Windows Driver Package - Intel System (06/04/2009 1.0.0.0002)
    Windows Driver Package - Intel System (10/28/2009 9.1.1.1022)
    Windows Driver Package - Intel USB (08/20/2009 9.1.1.1020)
    Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4)
    Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (12/10/2009 6.0.1.6000)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer

    ==== Event Viewer Messages From Past Week ========

    12/25/2010 3:46:54 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    12/25/2010 3:36:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    12/25/2010 3:36:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    12/25/2010 3:36:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/25/2010 3:36:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments " " in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    12/25/2010 3:12:44 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
    12/25/2010 3:12:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccHP discache eeCtrl IDSVix86 lenovo.smi spldr SRTSPX SYMTDI TPPWRIF Wanarpv6
    12/25/2010 3:12:19 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f7 (0x8ac3dc7c, 0x884180c2, 0x77be7f3d, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-16598-01.
    12/25/2010 2:44:34 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 2:44:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments " " in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    12/25/2010 2:44:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments " " in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    12/25/2010 2:43:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccHP CSC DfsC discache eeCtrl IDSVix86 lenovo.smi NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIM SYMTDI tdx TPPWRIF vwififlt Wanarpv6 WfpLwf
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/25/2010 2:43:27 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    12/25/2010 2:25:20 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a57310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-30654-01.
    12/25/2010 2:18:41 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
    12/25/2010 12:56:46 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x85a47310, 0x89442aa0, 0x89442680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-20124-01.
    12/25/2010 12:44:16 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x85a43310, 0x8a86daa0, 0x8a86d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-19094-01.
    12/25/2010 12:43:15 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a55310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-20654-01.
    12/25/2010 12:39:25 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.
    12/25/2010 12:38:40 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f7 (0x0f41a6b8, 0x883e50e8, 0x77c1af17, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-22479-01.
    12/25/2010 12:33:36 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000be (0x837dc95a, 0x03ceb121, 0x8ac91af4, 0x0000000b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-18985-01.
    12/25/2010 12:28:47 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0x8a86e000, 0x00000001, 0x822777f3, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-17253-01.
    12/25/2010 12:28:37 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
    12/25/2010 12:28:37 PM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
    12/25/2010 12:27:46 PM, Error: Service Control Manager [7001] - The System Update service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
    12/25/2010 12:26:34 AM, Error: Service Control Manager [7034] - The ThinkPad PM Service service terminated unexpectedly. It has done this 1 time(s).
    12/25/2010 12:25:16 PM, Error: Service Control Manager [7001] - The AcSvc service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
    12/25/2010 12:24:45 PM, Error: Service Control Manager [7022] - The User Profile Service service hung on starting.
    12/25/2010 12:21:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a56310, 0x8ac91aa0, 0x8ac91680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-28236-01.
    12/25/2010 12:12:53 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x85a47310, 0x8a86daa0, 0x8a86d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-22510-01.
    12/25/2010 1:05:57 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x85a47310, 0x89442aa0, 0x89442680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122510-22245-01.
    12/24/2010 11:50:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f7 (0x8aa6dc36, 0x885e503f, 0x77a1afc0, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122410-19297-01.
    12/24/2010 11:40:56 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0x8aa6e000, 0x00000001, 0x822477f3, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 122410-17799-01.
    12/18/2010 9:40:26 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a57310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-22261-01.
    12/18/2010 2:21:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a55310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-18813-01.
    12/18/2010 2:15:05 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a56310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-20404-01.
    12/18/2010 2:08:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a52310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-19344-01.
    12/18/2010 11:55:59 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    12/18/2010 11:54:15 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    12/18/2010 11:53:36 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x85a46310, 0x8a66daa0, 0x8a66d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-18252-01.
    12/18/2010 11:50:20 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0x8ac8e000, 0x00000001, 0x82e7f7f3, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-21060-01.
    12/18/2010 1:59:51 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a55310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-23244-01.
    12/18/2010 1:51:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x87a56310, 0x8ac8daa0, 0x8ac8d680). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121810-22854-01.

    ==== End Of File ===========================

    MBR Check:

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Professional
    Windows Information: (build 7600), 32-bit
    Base Board Manufacturer: LENOVO
    BIOS Manufacturer: LENOVO
    System Manufacturer: LENOVO
    System Product Name: 03019AU
    Logical Drives Mask: 0x0005000c

    Kernel Drivers (total 162):
    0x82245000 \SystemRoot\system32\ntkrnlpa.exe
    0x8220E000 \SystemRoot\system32\halmacpi.dll
    0x85D15000 \SystemRoot\system32\kdcom.dll
    0x87A08000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x87A80000 \SystemRoot\system32\PSHED.dll
    0x87A91000 \SystemRoot\system32\BOOTVID.dll
    0x87A99000 \SystemRoot\system32\CLFS.SYS
    0x87ADB000 \SystemRoot\system32\CI.dll
    0x87B86000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x87C13000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x87C21000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x87C69000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
    0x87C72000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x87C7A000 \SystemRoot\system32\DRIVERS\pci.sys
    0x87CA4000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x87CAF000 \SystemRoot\System32\drivers\partmgr.sys
    0x87CC0000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x87CC8000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x87CD3000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x87CE3000 \SystemRoot\System32\drivers\volmgrx.sys
    0x87D2E000 \SystemRoot\System32\drivers\mountmgr.sys
    0x87E2D000 \SystemRoot\system32\DRIVERS\iaStor.sys
    0x87FE0000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x87E00000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x87E23000 \SystemRoot\system32\DRIVERS\msahci.sys
    0x87FE9000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x87FF7000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x87D44000 \SystemRoot\system32\drivers\fltmgr.sys
    0x87D78000 \SystemRoot\system32\drivers\fileinfo.sys
    0x87D89000 \SystemRoot\system32\drivers\NIS\1008000.029\SYMEFA.SYS
    0x88021000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x88150000 \SystemRoot\System32\Drivers\msrpc.sys
    0x8817B000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x8818E000 \SystemRoot\System32\Drivers\cng.sys
    0x881EB000 \SystemRoot\System32\drivers\pcw.sys
    0x88000000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x8820E000 \SystemRoot\system32\drivers\ndis.sys
    0x882C5000 \SystemRoot\system32\drivers\NETIO.SYS
    0x88303000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x88427000 \SystemRoot\System32\drivers\tcpip.sys
    0x88570000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x885A1000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
    0x885AA000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x885E9000 \SystemRoot\System32\DRIVERS\ApsHM86.sys
    0x88328000 \SystemRoot\System32\drivers\rdyboost.sys
    0x88400000 \SystemRoot\System32\DRIVERS\Apsx86.sys
    0x88355000 \SystemRoot\System32\Drivers\mup.sys
    0x88365000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x8836D000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x8839F000 \SystemRoot\system32\DRIVERS\disk.sys
    0x883B0000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x8B5EF000 \SystemRoot\System32\Drivers\Null.SYS
    0x8B5F6000 \SystemRoot\System32\Drivers\Beep.SYS
    0x8B400000 \SystemRoot\System32\drivers\vga.sys
    0x883D5000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x8B40C000 \SystemRoot\System32\drivers\watchdog.sys
    0x8B419000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x88200000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x88009000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x87DD8000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x87DEF000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x8C414000 \SystemRoot\system32\drivers\afd.sys
    0x8C46E000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x8C4A0000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x8C4A7000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x8C4C6000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x8C4D7000 \SystemRoot\system32\DRIVERS\SymIMv.sys
    0x8C4E0000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x8C4EE000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x8C52F000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x8C539000 \SystemRoot\system32\drivers\csc.sys
    0x8C59D000 \SystemRoot\System32\Drivers\dfsc.sys
    0x8C5B5000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x8C5D6000 \SystemRoot\system32\DRIVERS\HECI.sys
    0x8C5E1000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x8D039000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x8D084000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x8D21B000 \SystemRoot\system32\DRIVERS\NETw5s32.sys
    0x8D200000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x8D0A3000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
    0x8D0D8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x8D20A000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x8D0F0000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x8D217000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x8D12A000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x8D7FA000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
    0x8D137000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x8D156000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x8D17D000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x8D18B000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x8D198000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x8D1A2000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x8D1B4000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x8D1CC000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x8D1D7000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x8D000000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x8D018000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x8D15C000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x8D173000 \SystemRoot\system32\DRIVERS\rdpbus.sys
    0x8C5F0000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x8D219000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x8DE30000 \SystemRoot\system32\DRIVERS\ks.sys
    0x8DE64000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x8DE72000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x8DEB6000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x8F360000 \SystemRoot\System32\win32k.sys
    0x8DEC7000 \SystemRoot\System32\drivers\Dxapi.sys
    0x8F5B0000 \SystemRoot\System32\drivers\dxg.sys
    0x8F5E0000 \SystemRoot\System32\TSDDD.dll
    0x8F260000 \SystemRoot\System32\framebuf.dll
    0x8DED1000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x8B421000 \SystemRoot\System32\Drivers\dump_iaStor.sys
    0x8DEDE000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x8DEEF000 \SystemRoot\system32\drivers\WudfPf.sys
    0x8DF38000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x8DF4F000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x8DF95000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x8DFA5000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x8DFBE000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x8DFD0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x93204000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x9323F000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x9325A000 \SystemRoot\system32\DRIVERS\vwifimp.sys
    0x77210000 \Windows\System32\ntdll.dll
    0x48420000 \Windows\System32\smss.exe
    0x77450000 \Windows\System32\apisetschema.dll
    0x00490000 \Windows\System32\autochk.exe
    0x773F0000 \Windows\System32\gdi32.dll
    0x77390000 \Windows\System32\difxapi.dll
    0x770D0000 \Windows\System32\urlmon.dll
    0x77040000 \Windows\System32\clbcatq.dll
    0x76FF0000 \Windows\System32\Wldap32.dll
    0x77380000 \Windows\System32\nsi.dll
    0x763A0000 \Windows\System32\shell32.dll
    0x77370000 \Windows\System32\lpk.dll
    0x76340000 \Windows\System32\shlwapi.dll
    0x762A0000 \Windows\System32\advapi32.dll
    0x76210000 \Windows\System32\oleaut32.dll
    0x76160000 \Windows\System32\msvcrt.dll
    0x77360000 \Windows\System32\psapi.dll
    0x760E0000 \Windows\System32\comdlg32.dll
    0x76010000 \Windows\System32\user32.dll
    0x75F30000 \Windows\System32\kernel32.dll
    0x75F10000 \Windows\System32\sechost.dll
    0x75D70000 \Windows\System32\setupapi.dll
    0x75CC0000 \Windows\System32\rpcrt4.dll
    0x75BC0000 \Windows\System32\wininet.dll
    0x75B80000 \Windows\System32\ws2_32.dll
    0x75A20000 \Windows\System32\ole32.dll
    0x75950000 \Windows\System32\msctf.dll
    0x75750000 \Windows\System32\iertutil.dll
    0x756B0000 \Windows\System32\usp10.dll
    0x77350000 \Windows\System32\normaliz.dll
    0x75680000 \Windows\System32\imagehlp.dll
    0x75660000 \Windows\System32\imm32.dll
    0x75610000 \Windows\System32\KernelBase.dll
    0x754F0000 \Windows\System32\crypt32.dll
    0x754C0000 \Windows\System32\cfgmgr32.dll
    0x75430000 \Windows\System32\comctl32.dll
    0x75400000 \Windows\System32\wintrust.dll
    0x753E0000 \Windows\System32\devobj.dll
    0x753D0000 \Windows\System32\msasn1.dll

    Processes (total 25):
    0 System Idle Process
    4 System
    340 C:\Windows\System32\smss.exe
    428 csrss.exe
    464 C:\Windows\System32\wininit.exe
    476 csrss.exe
    540 C:\Windows\System32\services.exe
    564 C:\Windows\System32\lsass.exe
    572 C:\Windows\System32\lsm.exe
    664 C:\Windows\System32\svchost.exe
    744 C:\Windows\System32\winlogon.exe
    756 C:\Windows\System32\svchost.exe
    860 C:\Windows\System32\svchost.exe
    912 C:\Windows\System32\svchost.exe
    968 C:\Windows\System32\svchost.exe
    1020 C:\Windows\System32\svchost.exe
    1056 C:\Windows\System32\svchost.exe
    1204 C:\Windows\System32\svchost.exe
    1536 C:\Windows\System32\svchost.exe
    532 C:\Windows\System32\userinit.exe
    1164 C:\Windows\explorer.exe
    1492 C:\Windows\System32\WerFault.exe
    1628 C:\Windows\System32\ctfmon.exe
    1700 C:\Users\vincebaze\Desktop\MBRCheck.exe
    1852 C:\Windows\System32\conhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`4b100000 (NTFS)
    \\.\Q: --> \\.\PhysicalDrive0 at offset 0x00000037`c7a00000 (NTFS)
    \\.\S: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

    PhysicalDrive0 Model Number: ST9250315AS, Rev: 0020LVM1

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: D3EB96F8BE5DD6258063FB4A13E953549F9EFB48


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    Options:
    [1] Dump the MBR of a physical disk to file.
    [2] Restore the MBR of a physical disk with a standard boot code.
    [3] Exit.

    Enter your choice:
     
    scorpion657,
    #1
  2. 2010/12/25
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    We have a few issues here.

    First of all your MBAM log says "No action taken ".
    Re-run it, fix ALL issues and post fresh log.

    When done....

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
    broni,
    #2


  3. to hide this advert.

  4. 2010/12/25
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    I'm trying to run tdsskiller but it keeps giving me a Bleue screen with crash dumb even in safe mode. I was suspecting the ram to maybe be defective but after running memtest, it found no issues. I will attempt to run the scan again and keep you posted.

    Thanks again
     
    scorpion657,
    #3
  5. 2010/12/25
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Well, definitely, you're infected with a rootkit.
    Try TDSSKiller in Safe Mode.
     
    broni,
    #4
  6. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    Finally I was able to run TDSSKiller:

    2010/12/26 11:59:44.0956 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
    2010/12/26 11:59:44.0956 ================================================================================
    2010/12/26 11:59:44.0956 SystemInfo:
    2010/12/26 11:59:44.0956
    2010/12/26 11:59:44.0956 OS Version: 6.1.7600 ServicePack: 0.0
    2010/12/26 11:59:44.0956 Product type: Workstation
    2010/12/26 11:59:44.0956 ComputerName: VINCEBAZE-THINK
    2010/12/26 11:59:44.0971 UserName: vincebaze
    2010/12/26 11:59:44.0971 Windows directory: C:\Windows
    2010/12/26 11:59:44.0971 System windows directory: C:\Windows
    2010/12/26 11:59:44.0971 Processor architecture: Intel x86
    2010/12/26 11:59:44.0971 Number of processors: 4
    2010/12/26 11:59:44.0971 Page size: 0x1000
    2010/12/26 11:59:44.0971 Boot type: Normal boot
    2010/12/26 11:59:44.0971 ================================================================================
    2010/12/26 11:59:45.0564 Initialize success
    2010/12/26 11:59:48.0575 ================================================================================
    2010/12/26 11:59:48.0575 Scan started
    2010/12/26 11:59:48.0575 Mode: Manual;
    2010/12/26 11:59:48.0575 ================================================================================
    2010/12/26 11:59:51.0055 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
    2010/12/26 11:59:51.0149 5U877 (d623af0d0db0f13d32cae34d3f0dad39) C:\Windows\system32\DRIVERS\5U877.sys
    2010/12/26 11:59:51.0258 ACPI (c69d550c6b3f8f32913e7e5200de8dd9) C:\Windows\system32\DRIVERS\ACPI.sys
    2010/12/26 11:59:51.0352 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
    2010/12/26 11:59:51.0492 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
    2010/12/26 11:59:51.0570 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
    2010/12/26 11:59:51.0648 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
    2010/12/26 11:59:51.0788 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
    2010/12/26 11:59:51.0882 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
    2010/12/26 11:59:52.0069 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
    2010/12/26 11:59:52.0178 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
    2010/12/26 11:59:52.0288 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
    2010/12/26 11:59:52.0381 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
    2010/12/26 11:59:52.0459 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
    2010/12/26 11:59:52.0506 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
    2010/12/26 11:59:52.0615 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
    2010/12/26 11:59:52.0693 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
    2010/12/26 11:59:52.0756 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
    2010/12/26 11:59:52.0849 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
    2010/12/26 11:59:53.0052 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
    2010/12/26 11:59:53.0099 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
    2010/12/26 11:59:53.0192 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
    2010/12/26 11:59:53.0286 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
    2010/12/26 11:59:53.0442 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
    2010/12/26 11:59:53.0567 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
    2010/12/26 11:59:53.0692 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
    2010/12/26 11:59:53.0848 BHDrvx86 (76154fa6a742c613b44bb636b1a7c057) C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
    2010/12/26 11:59:53.0910 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
    2010/12/26 11:59:54.0160 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
    2010/12/26 11:59:54.0206 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    2010/12/26 11:59:54.0269 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    2010/12/26 11:59:54.0378 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
    2010/12/26 11:59:54.0456 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
    2010/12/26 11:59:54.0768 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
    2010/12/26 11:59:54.0830 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
    2010/12/26 11:59:54.0924 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
    2010/12/26 11:59:54.0986 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
    2010/12/26 11:59:55.0080 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
    2010/12/26 11:59:55.0189 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys
    2010/12/26 11:59:55.0314 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys
    2010/12/26 11:59:55.0501 ccHP (8973ff34b83572d867b5b928905ad5ac) C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys
    2010/12/26 11:59:55.0657 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
    2010/12/26 11:59:55.0751 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
    2010/12/26 11:59:55.0844 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
    2010/12/26 11:59:55.0969 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    2010/12/26 11:59:56.0094 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
    2010/12/26 11:59:56.0156 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
    2010/12/26 11:59:56.0281 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
    2010/12/26 11:59:56.0390 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
    2010/12/26 11:59:56.0468 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
    2010/12/26 11:59:56.0578 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
    2010/12/26 11:59:56.0702 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
    2010/12/26 11:59:56.0827 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
    2010/12/26 11:59:56.0905 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
    2010/12/26 11:59:56.0999 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
    2010/12/26 11:59:57.0155 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
    2010/12/26 11:59:57.0295 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
    2010/12/26 11:59:57.0607 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
    2010/12/26 11:59:57.0904 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    2010/12/26 11:59:58.0060 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
    2010/12/26 11:59:58.0153 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
    2010/12/26 11:59:58.0294 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
    2010/12/26 11:59:58.0403 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
    2010/12/26 11:59:58.0574 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
    2010/12/26 11:59:58.0746 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
    2010/12/26 11:59:58.0871 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
    2010/12/26 11:59:58.0933 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
    2010/12/26 11:59:59.0011 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
    2010/12/26 11:59:59.0136 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
    2010/12/26 11:59:59.0230 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
    2010/12/26 11:59:59.0339 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys
    2010/12/26 11:59:59.0417 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
    2010/12/26 11:59:59.0542 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    2010/12/26 11:59:59.0651 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
    2010/12/26 11:59:59.0744 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
    2010/12/26 11:59:59.0869 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2010/12/26 11:59:59.0947 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys
    2010/12/26 12:00:00.0010 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
    2010/12/26 12:00:00.0056 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
    2010/12/26 12:00:00.0150 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
    2010/12/26 12:00:00.0259 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
    2010/12/26 12:00:00.0400 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
    2010/12/26 12:00:00.0462 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
    2010/12/26 12:00:00.0540 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
    2010/12/26 12:00:00.0649 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
    2010/12/26 12:00:00.0743 iaStor (39f7c9aeee865fe8e98cf3edd2b4bb4a) C:\Windows\system32\DRIVERS\iaStor.sys
    2010/12/26 12:00:00.0868 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
    2010/12/26 12:00:00.0961 IBMPMDRV (400d7095d5ae08970f839bcac1843106) C:\Windows\system32\DRIVERS\ibmpmdrv.sys
    2010/12/26 12:00:01.0180 IDSVix86 (2edd3504457691a10328079da011d0b8) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys
    2010/12/26 12:00:01.0757 igfx (4ee7874572a515d112d2f35112f5ad41) C:\Windows\system32\DRIVERS\igdkmd32.sys
    2010/12/26 12:00:02.0053 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
    2010/12/26 12:00:02.0194 Impcd (1e8154841a0a24d6b38778f07831a82b) C:\Windows\system32\DRIVERS\Impcd.sys
    2010/12/26 12:00:02.0474 IntcAzAudAddService (e286395fd90d15b6a86da1619e3fcebf) C:\Windows\system32\drivers\RTKVHDA.sys
    2010/12/26 12:00:02.0646 IntcDAud (4ea6b57a3b71fd1a208af054e97fba37) C:\Windows\system32\DRIVERS\IntcDAud.sys
    2010/12/26 12:00:02.0724 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
    2010/12/26 12:00:02.0818 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
    2010/12/26 12:00:02.0911 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2010/12/26 12:00:03.0005 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
    2010/12/26 12:00:03.0067 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
    2010/12/26 12:00:03.0161 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
    2010/12/26 12:00:03.0239 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
    2010/12/26 12:00:03.0301 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
    2010/12/26 12:00:03.0410 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2010/12/26 12:00:03.0473 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
    2010/12/26 12:00:03.0520 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
    2010/12/26 12:00:03.0598 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
    2010/12/26 12:00:03.0785 lenovo.smi (3c3f7f424e324c6971632c5de5ff458f) C:\Windows\system32\DRIVERS\smiif32.sys
    2010/12/26 12:00:03.0878 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
    2010/12/26 12:00:04.0019 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
    2010/12/26 12:00:04.0066 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
    2010/12/26 12:00:04.0128 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    2010/12/26 12:00:04.0190 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    2010/12/26 12:00:04.0315 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
    2010/12/26 12:00:04.0393 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
    2010/12/26 12:00:04.0487 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
    2010/12/26 12:00:04.0596 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
    2010/12/26 12:00:04.0721 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
    2010/12/26 12:00:04.0799 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
    2010/12/26 12:00:04.0892 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
    2010/12/26 12:00:04.0939 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
    2010/12/26 12:00:05.0017 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
    2010/12/26 12:00:05.0080 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
    2010/12/26 12:00:05.0126 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
    2010/12/26 12:00:05.0204 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2010/12/26 12:00:05.0251 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2010/12/26 12:00:05.0345 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2010/12/26 12:00:05.0423 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
    2010/12/26 12:00:05.0532 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
    2010/12/26 12:00:05.0735 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
    2010/12/26 12:00:05.0782 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
    2010/12/26 12:00:05.0844 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
    2010/12/26 12:00:06.0047 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
    2010/12/26 12:00:06.0172 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
    2010/12/26 12:00:06.0203 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
    2010/12/26 12:00:06.0250 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
    2010/12/26 12:00:06.0328 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
    2010/12/26 12:00:06.0468 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
    2010/12/26 12:00:06.0562 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
    2010/12/26 12:00:06.0624 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
    2010/12/26 12:00:06.0749 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
    2010/12/26 12:00:07.0264 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
    2010/12/26 12:00:07.0466 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
    2010/12/26 12:00:07.0576 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
    2010/12/26 12:00:07.0669 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
    2010/12/26 12:00:07.0732 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
    2010/12/26 12:00:07.0825 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
    2010/12/26 12:00:07.0966 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
    2010/12/26 12:00:08.0012 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
    2010/12/26 12:00:08.0340 NETw5s32 (ef51b405ad8acaae6f0231290d20f516) C:\Windows\system32\DRIVERS\NETw5s32.sys
    2010/12/26 12:00:08.0839 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
    2010/12/26 12:00:09.0073 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
    2010/12/26 12:00:09.0182 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    2010/12/26 12:00:09.0245 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
    2010/12/26 12:00:09.0338 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
    2010/12/26 12:00:09.0416 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    2010/12/26 12:00:09.0541 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
    2010/12/26 12:00:09.0604 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
    2010/12/26 12:00:09.0650 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
    2010/12/26 12:00:09.0744 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
    2010/12/26 12:00:09.0869 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    2010/12/26 12:00:09.0916 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
    2010/12/26 12:00:09.0962 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    2010/12/26 12:00:10.0103 PCDSRVC{3037D694-FD904ACA-06020000}_0 (ae5fc5fe7127744a84102128fdc6810b) c:\program files\pc-doctor\pcdsrvc.pkms
    2010/12/26 12:00:10.0321 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
    2010/12/26 12:00:10.0384 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
    2010/12/26 12:00:10.0508 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    2010/12/26 12:00:10.0586 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    2010/12/26 12:00:10.0711 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    2010/12/26 12:00:11.0039 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    2010/12/26 12:00:11.0086 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    2010/12/26 12:00:11.0242 psadd (72de205cd4006dc45b1401859c506679) C:\Windows\system32\DRIVERS\psadd.sys
    2010/12/26 12:00:11.0413 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    2010/12/26 12:00:11.0522 qcfilterlno2k (34a8537519c22ae23e0d2041b47b577d) C:\Windows\system32\DRIVERS\qcfilterlno2k.sys
    2010/12/26 12:00:11.0616 qcusbnetlno2k (879b89a42d02655ab2eab26df7e12872) C:\Windows\system32\DRIVERS\qcusbnetlno2k.sys
    2010/12/26 12:00:11.0710 qcusbserlno2k (b886803639aabd81e18f772c37a979e3) C:\Windows\system32\DRIVERS\qcusbserlno2k.sys
    2010/12/26 12:00:11.0850 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    2010/12/26 12:00:12.0022 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    2010/12/26 12:00:12.0084 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    2010/12/26 12:00:12.0162 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    2010/12/26 12:00:12.0271 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2010/12/26 12:00:12.0334 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2010/12/26 12:00:12.0474 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    2010/12/26 12:00:12.0521 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    2010/12/26 12:00:12.0599 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
    2010/12/26 12:00:12.0755 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    2010/12/26 12:00:12.0802 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2010/12/26 12:00:12.0864 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
    2010/12/26 12:00:13.0114 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    2010/12/26 12:00:13.0285 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    2010/12/26 12:00:13.0348 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
    2010/12/26 12:00:13.0441 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
    2010/12/26 12:00:13.0582 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
    2010/12/26 12:00:13.0738 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
    2010/12/26 12:00:13.0862 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    2010/12/26 12:00:13.0925 RSUSBSTOR (867beb23207ba425c85293bb0d3ea971) C:\Windows\system32\Drivers\RtsUStor.sys
    2010/12/26 12:00:14.0159 RTL8167 (c5a68c5ec01fd6f03396dd154b48db56) C:\Windows\system32\DRIVERS\Rt86win7.sys
    2010/12/26 12:00:14.0221 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
    2010/12/26 12:00:14.0346 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
    2010/12/26 12:00:14.0408 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
    2010/12/26 12:00:14.0518 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
    2010/12/26 12:00:14.0689 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2010/12/26 12:00:14.0830 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    2010/12/26 12:00:14.0892 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    2010/12/26 12:00:14.0986 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    2010/12/26 12:00:15.0126 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
    2010/12/26 12:00:15.0188 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    2010/12/26 12:00:15.0266 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
    2010/12/26 12:00:15.0391 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    2010/12/26 12:00:15.0469 Shockprf (486a1bd22dd66d0a8542ebb0cd792bdb) C:\Windows\system32\DRIVERS\Apsx86.sys
    2010/12/26 12:00:15.0563 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
    2010/12/26 12:00:15.0812 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    2010/12/26 12:00:15.0890 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    2010/12/26 12:00:16.0015 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    2010/12/26 12:00:16.0124 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    2010/12/26 12:00:16.0436 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS
    2010/12/26 12:00:16.0655 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\Windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS
    2010/12/26 12:00:16.0904 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
    2010/12/26 12:00:17.0076 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
    2010/12/26 12:00:17.0201 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    2010/12/26 12:00:17.0294 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
    2010/12/26 12:00:17.0544 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
    2010/12/26 12:00:17.0653 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
    2010/12/26 12:00:17.0794 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    2010/12/26 12:00:17.0918 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
    2010/12/26 12:00:18.0059 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
    2010/12/26 12:00:18.0152 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
    2010/12/26 12:00:18.0340 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\Windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS
    2010/12/26 12:00:18.0496 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\Windows\system32\Drivers\SYMEVENT.SYS
    2010/12/26 12:00:18.0636 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS
    2010/12/26 12:00:18.0808 SymIM (34f1c9d5dcc19df1e824d6b73767b8af) C:\Windows\system32\DRIVERS\SymIMv.sys
    2010/12/26 12:00:18.0932 SYMNDISV (dcbf73da96cce94933c8cc6eded3c98b) C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
    2010/12/26 12:00:18.0995 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
    2010/12/26 12:00:19.0088 SynTP (5cdd124913e91c7f79b4d5cae1c7c4de) C:\Windows\system32\DRIVERS\SynTP.sys
    2010/12/26 12:00:19.0322 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
    2010/12/26 12:00:19.0666 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
    2010/12/26 12:00:19.0853 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
    2010/12/26 12:00:19.0915 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
    2010/12/26 12:00:19.0978 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
    2010/12/26 12:00:20.0025 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
    2010/12/26 12:00:20.0087 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
    2010/12/26 12:00:20.0243 TPDIGIMN (20a439d6475d6fe1909159c0143d0466) C:\Windows\system32\DRIVERS\ApsHM86.sys
    2010/12/26 12:00:20.0383 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\Windows\system32\drivers\tpm.sys
    2010/12/26 12:00:20.0493 TPPWRIF (6412da2b8d079d821b99b3a99943284e) C:\Windows\system32\drivers\Tppwr32v.sys
    2010/12/26 12:00:20.0617 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2010/12/26 12:00:20.0695 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
    2010/12/26 12:00:20.0789 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    2010/12/26 12:00:20.0836 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
    2010/12/26 12:00:20.0929 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
    2010/12/26 12:00:21.0039 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
    2010/12/26 12:00:21.0101 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    2010/12/26 12:00:21.0210 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
    2010/12/26 12:00:21.0241 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
    2010/12/26 12:00:21.0273 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
    2010/12/26 12:00:21.0319 usbehci (0eeedd78c2bedac75e8ed1ba8d77878b) C:\Windows\system32\DRIVERS\usbehci.sys
    2010/12/26 12:00:21.0382 usbhub (ba50148445e5b2b3abdba208fc9b6fb5) C:\Windows\system32\DRIVERS\usbhub.sys
    2010/12/26 12:00:21.0429 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
    2010/12/26 12:00:21.0460 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    2010/12/26 12:00:21.0507 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2010/12/26 12:00:21.0553 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
    2010/12/26 12:00:21.0585 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys
    2010/12/26 12:00:21.0725 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
    2010/12/26 12:00:21.0772 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    2010/12/26 12:00:21.0819 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    2010/12/26 12:00:21.0850 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
    2010/12/26 12:00:21.0912 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
    2010/12/26 12:00:21.0959 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    2010/12/26 12:00:22.0006 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
    2010/12/26 12:00:22.0053 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
    2010/12/26 12:00:22.0099 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
    2010/12/26 12:00:22.0146 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
    2010/12/26 12:00:22.0193 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    2010/12/26 12:00:22.0255 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
    2010/12/26 12:00:22.0365 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    2010/12/26 12:00:22.0427 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
    2010/12/26 12:00:22.0521 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
    2010/12/26 12:00:22.0583 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
    2010/12/26 12:00:22.0661 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    2010/12/26 12:00:22.0723 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/12/26 12:00:22.0755 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/12/26 12:00:22.0926 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    2010/12/26 12:00:23.0004 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    2010/12/26 12:00:23.0207 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    2010/12/26 12:00:23.0254 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    2010/12/26 12:00:23.0503 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
    2010/12/26 12:00:23.0659 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2010/12/26 12:00:23.0769 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    2010/12/26 12:00:23.0878 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
    2010/12/26 12:00:24.0034 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2010/12/26 12:00:24.0174 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
    2010/12/26 12:00:24.0174 ================================================================================
    2010/12/26 12:00:24.0174 Scan finished
    2010/12/26 12:00:24.0174 ================================================================================
    2010/12/26 12:00:24.0205 Detected object count: 1
    2010/12/26 12:00:32.0848 \HardDisk0 - will be cured after reboot
    2010/12/26 12:00:32.0848 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
    2010/12/26 12:00:36.0030 Deinitialize success


    MBAM:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5363

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    12/26/2010 12:11:55 PM
    mbam-log-2010-12-26 (12-11-55).txt

    Scan type: Quick scan
    Objects scanned: 147045
    Time elapsed: 3 minute(s), 44 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
    scorpion657,
    #5
  7. 2010/12/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good job :)

    Download Bootkit Remover to your Desktop.

    • You then need to extract the remover.exe file from the RAR using a program capable of extracing RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
    • After extracing remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users,right click on remover.exe and click Run As Administrator.
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.
     
    broni,
    #6
  8. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    Here is the output:

    Bootkit Remover
    (c) 2009 eSage Lab
    www.esagelab.com

    Program version: 1.2.0.0
    OS Version: Microsoft Windows 7 (build 7600), 32-bit

    System volume is \\.\C:
    \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`4b100000
    Boot sector MD5 is: f5df6a764c7d1420afc28111ce5b60f6

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Unknown boot code

    Unknown boot code has been found on some of your physical disks.
    To inspect the boot code manually, dump the master boot sector:
    remover.exe dump <device_name> [output_file]
    To disinfect the master boot sector, use the following command:
    remover.exe fix <device_name>


    Done;
    Press any key to quit...
     
    scorpion657,
    #7
  9. 2010/12/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Yeah, we have to fix it...

    Please download NTBR by noahdfear and save it to your Desktop.
    File size: 2.44 MB (2,565,432 bytes)

    • Place a blank CD in your CD drive.
    • Double click on NTBR_CD.exe file and a folder of the same name will appear.
    • Open the folder and double click on BurnItCD.cmd file. If your CD drive will open, simply close it back.
    • Follow the prompts to burn the CD.
    • Now you will need to set the CD-Rom as first boot device if it isn't already (if you don't know how to do it, see HERE)
    • If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.
    • Insert the newly created CD into your infected PC and reboot your computer.
    • Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
    • Read the warning and then continue as prompted.
    • You first need to select your keyboard layout - press Enter for English.
    • Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
    • On the following screen enter 5 to select Install Standard MBR code.
    • Enter 2 to overwrite the infected MBR Code with the Windows 7 MBR code.
    • When asked to confirm please do so.
    • Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
    • Eject the disc and then press ctrl+alt+del to reboot the PC.
    Once rebooted, run MBRCheck again and post its log.
     
    broni,
    #8
  10. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    Here is the new log:

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Professional
    Windows Information: (build 7600), 32-bit
    Base Board Manufacturer: LENOVO
    BIOS Manufacturer: LENOVO
    System Manufacturer: LENOVO
    System Product Name: 03019AU
    Logical Drives Mask: 0x0005000c

    Kernel Drivers (total 205):
    0x82E07000 \SystemRoot\system32\ntkrnlpa.exe
    0x83217000 \SystemRoot\system32\halmacpi.dll
    0x80B9B000 \SystemRoot\system32\kdcom.dll
    0x88605000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x8867D000 \SystemRoot\system32\PSHED.dll
    0x8868E000 \SystemRoot\system32\BOOTVID.dll
    0x88696000 \SystemRoot\system32\CLFS.SYS
    0x886D8000 \SystemRoot\system32\CI.dll
    0x88783000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x88839000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x88847000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x8888F000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
    0x88898000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x888A0000 \SystemRoot\system32\DRIVERS\pci.sys
    0x888CA000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x888D5000 \SystemRoot\System32\drivers\partmgr.sys
    0x888E6000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x888EE000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x888F9000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x88909000 \SystemRoot\System32\drivers\volmgrx.sys
    0x88954000 \SystemRoot\System32\drivers\mountmgr.sys
    0x88A3D000 \SystemRoot\system32\DRIVERS\iaStor.sys
    0x88BF0000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x88A00000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x88A23000 \SystemRoot\system32\DRIVERS\msahci.sys
    0x88A2D000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x8896A000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x88973000 \SystemRoot\system32\drivers\fltmgr.sys
    0x889A7000 \SystemRoot\system32\drivers\fileinfo.sys
    0x88C27000 \SystemRoot\system32\drivers\NIS\1008000.029\SYMEFA.SYS
    0x88C76000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x88DA5000 \SystemRoot\System32\Drivers\msrpc.sys
    0x88DD0000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x88E0D000 \SystemRoot\System32\Drivers\cng.sys
    0x88E6A000 \SystemRoot\System32\drivers\pcw.sys
    0x88E78000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x88E81000 \SystemRoot\system32\drivers\ndis.sys
    0x88F38000 \SystemRoot\system32\drivers\NETIO.SYS
    0x88F76000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x89012000 \SystemRoot\System32\drivers\tcpip.sys
    0x8915B000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8918C000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
    0x89195000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x891D4000 \SystemRoot\System32\DRIVERS\ApsHM86.sys
    0x891DD000 \SystemRoot\System32\Drivers\spldr.sys
    0x88F9B000 \SystemRoot\System32\drivers\rdyboost.sys
    0x88FC8000 \SystemRoot\System32\DRIVERS\Apsx86.sys
    0x891E5000 \SystemRoot\System32\Drivers\mup.sys
    0x891F5000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x889B8000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x89000000 \SystemRoot\system32\DRIVERS\disk.sys
    0x88C00000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x8DA00000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x8DA1F000 \SystemRoot\System32\Drivers\Null.SYS
    0x8DA26000 \SystemRoot\System32\Drivers\Beep.SYS
    0x8DBF4000 \SystemRoot\System32\drivers\vga.sys
    0x88800000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x88E00000 \SystemRoot\System32\drivers\watchdog.sys
    0x88FF5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x88DE3000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x88DEB000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x88DF3000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x88821000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x8E209000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x8E220000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x8E22B000 \SystemRoot\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
    0x8E25F000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
    0x8E284000 \SystemRoot\system32\drivers\afd.sys
    0x8E2DE000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x8E310000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x8E317000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x8E336000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x8E347000 \SystemRoot\system32\DRIVERS\SymIMv.sys
    0x8E350000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x8E35E000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x8E371000 \SystemRoot\System32\drivers\Tppwr32v.sys
    0x8E378000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x8E388000 \SystemRoot\system32\drivers\NIS\1008000.029\SRTSPX.SYS
    0x8E392000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x8E3D3000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x8E3DD000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x8E3E7000 \SystemRoot\system32\DRIVERS\smiif32.sys
    0x8F408000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys
    0x8F460000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    0x8F4BE000 \SystemRoot\System32\drivers\discache.sys
    0x8F4CA000 \SystemRoot\system32\drivers\csc.sys
    0x8F52E000 \SystemRoot\System32\Drivers\dfsc.sys
    0x8F546000 \SystemRoot\System32\Drivers\NIS\1008000.029\ccHPx86.sys
    0x8F5C1000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x8EC09000 \SystemRoot\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
    0x8EC4B000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x8FE26000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
    0x904AC000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x90563000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x9059C000 \SystemRoot\system32\DRIVERS\HECI.sys
    0x905A7000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x8EC6C000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x905B6000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x92C05000 \SystemRoot\system32\DRIVERS\NETw5s32.sys
    0x931E4000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x8ECB7000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
    0x905D5000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x931EE000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x8ECEC000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x931FB000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x905ED000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x92C00000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
    0x905FA000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x8FE00000 \SystemRoot\system32\DRIVERS\Impcd.sys
    0x8ED26000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x8FE21000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x8ED38000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x8ED45000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x8ED57000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x8ED6F000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x8ED7A000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x8ED9C000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x8EDB4000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x8EDCB000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x8EDE2000 \SystemRoot\system32\DRIVERS\rdpbus.sys
    0x8EDEC000 \SystemRoot\system32\DRIVERS\psadd.sys
    0x931FD000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x92A1D000 \SystemRoot\system32\DRIVERS\ks.sys
    0x92A51000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x92A5F000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x92AA3000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x97C18000 \SystemRoot\system32\drivers\RTKVHDA.sys
    0x97EED000 \SystemRoot\system32\drivers\portcls.sys
    0x97F1C000 \SystemRoot\system32\drivers\drmk.sys
    0x97F35000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
    0x984B0000 \SystemRoot\System32\win32k.sys
    0x97F73000 \SystemRoot\System32\drivers\Dxapi.sys
    0x97F7D000 \SystemRoot\system32\DRIVERS\cdfs.sys
    0x97F93000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x97F9E000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x8DA2D000 \SystemRoot\System32\Drivers\dump_iaStor.sys
    0x97FAB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x98710000 \SystemRoot\System32\TSDDD.dll
    0x97C00000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x98740000 \SystemRoot\System32\cdd.dll
    0x97FBC000 \SystemRoot\system32\DRIVERS\5U877.sys
    0x97FDB000 \SystemRoot\system32\DRIVERS\STREAM.SYS
    0x92ACF000 \SystemRoot\system32\drivers\luafv.sys
    0x92AEA000 \SystemRoot\system32\drivers\WudfPf.sys
    0x97FE9000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x92B04000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x92B4A000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x92B5A000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x92B6D000 \SystemRoot\system32\drivers\HTTP.sys
    0x92A00000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x8F5CF000 \SystemRoot\System32\drivers\mpsdrv.sys
    0xADE3B000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xADE5E000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0xADE99000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0xADECC000 \SystemRoot\system32\drivers\peauth.sys
    0xADF65000 \SystemRoot\system32\drivers\regi.sys
    0xADF69000 \SystemRoot\System32\Drivers\secdrv.SYS
    0xADF73000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0xADF94000 \SystemRoot\System32\drivers\tcpipreg.sys
    0xADFA1000 \SystemRoot\system32\DRIVERS\vwifimp.sys
    0xADFAA000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xB0C30000 \SystemRoot\System32\DRIVERS\srv.sys
    0xB0C81000 \SystemRoot\system32\DRIVERS\qcfilterlno2k.sys
    0xB0C83000 \SystemRoot\system32\DRIVERS\qcusbnetlno2k.sys
    0xB0CBA000 \SystemRoot\system32\DRIVERS\qcusbserlno2k.sys
    0xB0CD5000 \SystemRoot\system32\drivers\modem.sys
    0x77460000 \Windows\System32\ntdll.dll
    0x48160000 \Windows\System32\smss.exe
    0x776A0000 \Windows\System32\apisetschema.dll
    0x00300000 \Windows\System32\autochk.exe
    0x775F0000 \Windows\System32\usp10.dll
    0x773D0000 \Windows\System32\clbcatq.dll
    0x77300000 \Windows\System32\user32.dll
    0x77250000 \Windows\System32\rpcrt4.dll
    0x771F0000 \Windows\System32\difxapi.dll
    0x77110000 \Windows\System32\kernel32.dll
    0x775D0000 \Windows\System32\imm32.dll
    0x775C0000 \Windows\System32\lpk.dll
    0x775B0000 \Windows\System32\normaliz.dll
    0x764C0000 \Windows\System32\shell32.dll
    0x76380000 \Windows\System32\urlmon.dll
    0x775A0000 \Windows\System32\nsi.dll
    0x761E0000 \Windows\System32\setupapi.dll
    0x76150000 \Windows\System32\oleaut32.dll
    0x76120000 \Windows\System32\imagehlp.dll
    0x76020000 \Windows\System32\wininet.dll
    0x75E20000 \Windows\System32\iertutil.dll
    0x75DD0000 \Windows\System32\gdi32.dll
    0x75D50000 \Windows\System32\comdlg32.dll
    0x75CA0000 \Windows\System32\msvcrt.dll
    0x75C40000 \Windows\System32\shlwapi.dll
    0x75C00000 \Windows\System32\ws2_32.dll
    0x75B30000 \Windows\System32\msctf.dll
    0x75AE0000 \Windows\System32\Wldap32.dll
    0x75A40000 \Windows\System32\advapi32.dll
    0x758E0000 \Windows\System32\ole32.dll
    0x758D0000 \Windows\System32\psapi.dll
    0x758B0000 \Windows\System32\sechost.dll
    0x75890000 \Windows\System32\devobj.dll
    0x75860000 \Windows\System32\wintrust.dll
    0x75830000 \Windows\System32\cfgmgr32.dll
    0x757A0000 \Windows\System32\comctl32.dll
    0x75680000 \Windows\System32\crypt32.dll
    0x75630000 \Windows\System32\KernelBase.dll
    0x75620000 \Windows\System32\msasn1.dll

    Processes (total 79):
    0 System Idle Process
    4 System
    356 C:\Windows\System32\smss.exe
    492 csrss.exe
    564 C:\Windows\System32\wininit.exe
    572 csrss.exe
    616 C:\Windows\System32\services.exe
    632 C:\Windows\System32\lsass.exe
    640 C:\Windows\System32\lsm.exe
    748 C:\Windows\System32\winlogon.exe
    816 C:\Windows\System32\svchost.exe
    880 C:\Windows\System32\ibmpmsvc.exe
    936 C:\Windows\System32\svchost.exe
    1020 C:\Windows\System32\svchost.exe
    1064 C:\Windows\System32\svchost.exe
    1100 C:\Windows\System32\svchost.exe
    1180 C:\Windows\System32\audiodg.exe
    1248 C:\Windows\System32\svchost.exe
    1380 C:\Windows\System32\svchost.exe
    1536 C:\Windows\System32\svchost.exe
    1596 C:\Windows\System32\wlanext.exe
    1604 C:\Windows\System32\conhost.exe
    1700 C:\Windows\System32\spoolsv.exe
    1796 C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
    1820 C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
    1868 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1900 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    1928 C:\Program Files\Bonjour\mDNSResponder.exe
    1964 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    2004 C:\Windows\System32\svchost.exe
    2036 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    440 C:\Program Files\Lenovo\HOTKEY\cammute.exe
    676 C:\Program Files\Lenovo\HOTKEY\micmute.exe
    700 C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    952 C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    1332 C:\Program Files\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
    1772 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    2060 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    2156 C:\Windows\System32\svchost.exe
    2248 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    2308 C:\Program Files\Lenovo\Access Connections\AcSvc.exe
    2676 C:\Windows\System32\dwm.exe
    2684 C:\Windows\System32\taskhost.exe
    2732 C:\Windows\explorer.exe
    2884 C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    2924 C:\Windows\System32\taskeng.exe
    2944 C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
    3260 unsecapp.exe
    3396 C:\Windows\System32\SearchIndexer.exe
    3548 WmiPrvSE.exe
    3588 WmiPrvSE.exe
    3796 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    1492 C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    1452 C:\Windows\System32\TpShocks.exe
    2440 C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    2488 C:\Windows\System32\hkcmd.exe
    1504 C:\Windows\System32\igfxpers.exe
    2584 C:\Windows\System32\rundll32.exe
    2608 C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
    2576 C:\Windows\System32\igfxsrvc.exe
    3192 C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    3040 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    3004 C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
    1516 C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.4\BabylonToolbarsrv.exe
    776 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    4184 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    4196 C:\Windows\System32\igfxext.exe
    4364 C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
    4520 C:\Windows\System32\SearchProtocolHost.exe
    4552 C:\Program Files\iTunes\iTunesHelper.exe
    4580 C:\Windows\System32\SearchFilterHost.exe
    4640 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    4736 C:\Program Files\Skype\Phone\Skype.exe
    5316 C:\Program Files\iPod\bin\iPodService.exe
    5768 taskhost.exe
    4544 dllhost.exe
    5072 dllhost.exe
    4988 C:\Users\vincebaze\Desktop\MBRCheck.exe
    5160 C:\Windows\System32\conhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`4b100000 (NTFS)
    \\.\Q: --> \\.\PhysicalDrive0 at offset 0x00000037`c7a00000 (NTFS)
    \\.\S: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

    PhysicalDrive0 Model Number: ST9250315AS, Rev: 0020LVM1

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


    Done!
     
    scorpion657,
    #9
  11. 2010/12/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good job :)

    Please download ComboFix from [color= "Red"]Here[/color] or [color= "#FF0000"]Here[/color] to your Desktop.

    [color= "Blue"]**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**[/color]
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".
      • Click on [color= "Red"]this link[/color] to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • [color= "Red"]WARNING:[/color] Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results ". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion ", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.pif
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
    broni,
    #10
  12. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    Here is the Combo fix log:

    ComboFix 10-12-26.01 - vincebaze 12/26/2010 21:17:14.1.4 - x86
    Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1909.1091 [GMT -5:00]
    Running from: c:\users\vincebaze\Desktop\ComboFix.exe
    AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\PC-Doctor\Downloads\0318cd92-1082-41a8-8005-567dbdd61aa7.dll
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc.dll
    c:\program files\PC-Doctor\Downloads\12e0957c-a028-458b-a713-04f2f380501c.dll
    c:\program files\PC-Doctor\Downloads\5896c39c-8fca-4c0e-962d-81133d551d30.dll
    c:\program files\PC-Doctor\Downloads\6361920f-14b3-491b-8015-e043646f580a.dll
    c:\program files\PC-Doctor\Downloads\adf234e4-b843-4624-a554-881298b1790e.dll
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2.dll
    c:\windows\system32\Thumbs.db
    Q:\Autorun.inf

    .
    ((((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))))
    .

    2010-12-27 02:30 . 2010-12-27 02:49 -------- d-----w- c:\users\vincebaze\AppData\Local\temp
    2010-12-27 02:30 . 2010-12-27 02:30 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-12-25 17:15 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CE7F90D7-EAB2-4BDB-92AB-2C097C97E3A7}\mpengine.dll
    2010-12-25 05:53 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-25 05:53 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-25 05:09 . 2010-12-25 05:09 -------- d-----w- c:\users\vincebaze\AppData\Roaming\Malwarebytes
    2010-12-25 05:09 . 2010-12-25 05:09 -------- d-----w- c:\programdata\Malwarebytes
    2010-12-25 05:09 . 2010-12-25 17:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-16 02:33 . 2010-12-16 02:33 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-3\markup.dll
    2010-12-15 12:37 . 2010-12-15 12:37 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2010-12-15 02:43 . 2010-10-12 04:25 516096 ----a-w- c:\program files\Windows Mail\wab.exe
    2010-12-15 02:43 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-12-11 00:00 . 2010-12-11 00:00 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-12-16 02:17 . 2010-10-22 22:03 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2010-10-22 22:04 . 2010-10-22 22:04 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2010-10-22 22:04 . 2010-10-22 22:04 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2010-10-22 22:03 . 2010-10-22 22:03 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2010-10-19 15:41 . 2010-06-25 07:34 222080 ----a-w- c:\windows\system32\MpSigStub.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{548f6736-8fe4-4680-82f2-170d6c07e1d2} "= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
    "{b9b97401-98e1-4942-930d-c36652dab7f2} "= "c:\program files\TranslatorBar_5\tbTra1.dll" [2010-09-11 2735200]

    [HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

    [HKEY_CLASSES_ROOT\clsid\{b9b97401-98e1-4942-930d-c36652dab7f2}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
    2010-06-03 22:24 2736736 ----a-w- c:\program files\TranslatorBar_1.2\tbTran.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b9b97401-98e1-4942-930d-c36652dab7f2}]
    2010-09-11 23:30 2735200 ----a-w- c:\program files\TranslatorBar_5\tbTra1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{548f6736-8fe4-4680-82f2-170d6c07e1d2} "= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
    "{b9b97401-98e1-4942-930d-c36652dab7f2} "= "c:\program files\TranslatorBar_5\tbTra1.dll" [2010-09-11 2735200]

    [HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

    [HKEY_CLASSES_ROOT\clsid\{b9b97401-98e1-4942-930d-c36652dab7f2}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{548F6736-8FE4-4680-82F2-170D6C07E1D2} "= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
    "{B9B97401-98E1-4942-930D-C36652DAB7F2} "= "c:\program files\TranslatorBar_5\tbTra1.dll" [2010-09-11 2735200]

    [HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

    [HKEY_CLASSES_ROOT\clsid\{b9b97401-98e1-4942-930d-c36652dab7f2}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-27 39408]
    "msnmsgr "= "c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "Google Update "= "c:\users\vincebaze\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-06-27 135664]
    "Skype "= "c:\program files\Skype\Phone\Skype.exe" [2009-06-26 24235816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TPHOTKEY "= "c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-11-17 69568]
    "TpShocks "= "TpShocks.exe" [2009-12-11 337256]
    "HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2010-02-01 175640]
    "Persistence "= "c:\windows\system32\igfxpers.exe" [2010-02-01 166936]
    "PWMTRV "= "c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-01-05 869736]
    "Message Center Plus "= "c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
    "AcWin7Hlpr "= "c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-14 36864]
    "cssauth "= "c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-08-26 3089720]
    "MSN Toolbar "= "c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe" [2010-02-12 240992]
    "Microsoft Default Manager "= "c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
    "BabylonToolbar "= "c:\program files\BabylonToolbar\BabylonToolbar\1.4.15.4\BabylonToolbarsrv.exe" [2010-08-09 286720]
    "QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
    "AppleSyncNotifier "= "c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-22 47904]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2010-11-18 421160]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "Malwarebytes' Anti-Malware (reboot) "= "c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin "= 5 (0x5)
    "ConsentPromptBehaviorUser "= 3 (0x3)
    "EnableUIADesktopToggle "= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1 "=wdmaud.drv

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
    @= "FSFilter Activity Monitor "

    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 135664]
    R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
    R3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2010-05-07 21360]
    R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-05 75112]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-08 186912]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
    R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [2010-06-25 48688]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-25 1343400]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS [2010-06-25 310320]
    S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
    S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [2010-01-20 259632]
    S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [2010-06-26 482432]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys [2010-06-05 344112]
    S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\LENOVO\HOTKEY\CAMMUTE.exe [2009-11-09 54632]
    S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-11-17 44984]
    S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-06-25 117640]
    S2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2010-02-05 331512]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
    S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-11-16 62904]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
    S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-01-06 132352]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-07 232448]
    S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
    S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\DRIVERS\qcfilterlno2k.sys [2010-02-05 5248]
    S3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\DRIVERS\qcusbnetlno2k.sys [2010-02-05 207360]
    S3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\DRIVERS\qcusbserlno2k.sys [2010-02-05 106880]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-10-02 204288]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

    .
    Contents of the 'Scheduled Tasks' folder

    2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 21:11]

    2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 21:11]

    2010-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1399031874-2588190885-375607663-1003Core.job
    - c:\users\vincebaze\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 21:11]

    2010-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1399031874-2588190885-375607663-1003UA.job
    - c:\users\vincebaze\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 21:11]

    2010-06-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
    - c:\program files\PC-Doctor\uaclauncher.exe [2010-05-07 19:46]

    2010-12-16 c:\windows\Tasks\SystemToolsDailyTest.job
    - c:\program files\PC-Doctor\pcdrcui.exe [2010-05-08 21:08]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-Locked - (no file)
    HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe



    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Norton Internet Security]
    "ImagePath "= "\ "c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \ "Norton Internet Security\" /m \ "c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1 "

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{3037D694-FD904ACA-06020000}_0]
    "ImagePath "= "\??\c:\program files\pc-doctor\pcdsrvc.pkms "
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial "=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'Explorer.exe'(5124)
    c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
    c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
    c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ibmpmsvc.exe
    c:\windows\system32\WLANExt.exe
    c:\windows\system32\conhost.exe
    c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Intel\WiFi\bin\EvtEng.exe
    c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\program files\Lenovo\Access Connections\AcSvc.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    c:\program files\Lenovo\System Update\SUService.exe
    c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe
    c:\windows\system32\taskhost.exe
    c:\windows\system32\conhost.exe
    c:\windows\System32\TpShocks.exe
    c:\program files\Lenovo\HOTKEY\TPONSCR.exe
    c:\windows\System32\rundll32.exe
    c:\windows\system32\igfxsrvc.exe
    c:\program files\Synaptics\SynTP\SynTPEnh.exe
    c:\program files\Synaptics\SynTP\SynTPLpr.exe
    c:\program files\Synaptics\SynTP\SynTPHelper.exe
    c:\windows\system32\igfxext.exe
    c:\program files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Completion time: 2010-12-26 22:00:22 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-12-27 03:00

    Pre-Run: 197,117,030,400 bytes free
    Post-Run: 196,858,474,496 bytes free

    - - End Of File - - 5D73DE0E86F169F4EF9AE85F4BC4A4EC
     
    scorpion657,
    #11
  13. 2010/12/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    1. Please open Notepad
    • Click Start , then Run
    • Type notepad .exe in the Run Box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
c:\windows\Tasks\SystemToolsDailyTest.job


Folder::
c:\program files\PC-Doctor


Registry::
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{3037D694-FD904ACA-06020000}_0]
 "ImagePath "=-

    3. Save the above as CFScript.txt

    4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [​IMG]


    6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
     
    broni,
    #12
  14. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    Here is the new log:

    ComboFix 10-12-26.01 - vincebaze 12/26/2010 22:32:32.2.4 - x86
    Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1909.993 [GMT -5:00]
    Running from: c:\users\vincebaze\Desktop\ComboFix.exe
    Command switches used :: c:\users\vincebaze\Desktop\CFScript.txt
    AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    FILE ::
    "c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job "
    "c:\windows\Tasks\SystemToolsDailyTest.job "
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\PC-Doctor
    c:\program files\PC-Doctor\AddOns\PCDoctor.AddOns.dll
    c:\program files\PC-Doctor\AddOns\PCDoctor.AddOns.Ltt.dll
    c:\program files\PC-Doctor\applauncher.exe
    c:\program files\PC-Doctor\Asapi.dll
    c:\program files\PC-Doctor\asapicsharp.dll
    c:\program files\PC-Doctor\AsapiLoggerConfig.xml
    c:\program files\PC-Doctor\Ata.dll
    c:\program files\PC-Doctor\AtaInfo.dll
    c:\program files\PC-Doctor\ATLPcdToolbar545009.dll
    c:\program files\PC-Doctor\ATLPcdToolbar551452.dll
    c:\program files\PC-Doctor\Audio.dll
    c:\program files\PC-Doctor\Battery.dll
    c:\program files\PC-Doctor\bundle.dll.mui
    c:\program files\PC-Doctor\colladadom.dll
    c:\program files\PC-Doctor\Common.dll
    c:\program files\PC-Doctor\Configuration\conditionalTests.xml
    c:\program files\PC-Doctor\Configuration\conditionalTests_lenovo.xml
    c:\program files\PC-Doctor\Configuration\contact.properties
    c:\program files\PC-Doctor\Configuration\deviceinfo.xml
    c:\program files\PC-Doctor\Configuration\externalTools.xml
    c:\program files\PC-Doctor\Configuration\helpcategories.xml
    c:\program files\PC-Doctor\Configuration\linkpanelcategories.xml
    c:\program files\PC-Doctor\Configuration\linkpanelcategories_lenovo.xml
    c:\program files\PC-Doctor\Configuration\mini-sysinfo.xml
    c:\program files\PC-Doctor\Configuration\pieSetting.xml
    c:\program files\PC-Doctor\Configuration\RMATip_Battery_SysinfoFilter.xml
    c:\program files\PC-Doctor\Configuration\sysinfo-extended_lenovo.xml
    c:\program files\PC-Doctor\Configuration\sysinfo-profiler.xml
    c:\program files\PC-Doctor\Configuration\sysinfo.xml
    c:\program files\PC-Doctor\Configuration\sysinfo_lenovo.xml
    c:\program files\PC-Doctor\Configuration\sysinfoincludes.xml
    c:\program files\PC-Doctor\Configuration\troubleshooters.xml
    c:\program files\PC-Doctor\cpStrings.dll
    c:\program files\PC-Doctor\cptasks.xml
    c:\program files\PC-Doctor\CSharpCommon.dll
    c:\program files\PC-Doctor\Csmi.dll
    c:\program files\PC-Doctor\cudart.dll
    c:\program files\PC-Doctor\CudaTest.dll
    c:\program files\PC-Doctor\D3DCompiler_42.dll
    c:\program files\PC-Doctor\d3dx10_42.dll
    c:\program files\PC-Doctor\d3dx11_42.dll
    c:\program files\PC-Doctor\d3dx9_42.dll
    c:\program files\PC-Doctor\Dapi5.dll
    c:\program files\PC-Doctor\DataStore.dll
    c:\program files\PC-Doctor\DataStoreCSharp.dll
    c:\program files\PC-Doctor\DiskScanner.dll
    c:\program files\PC-Doctor\DiskScannerCSharp.dll
    c:\program files\PC-Doctor\Downloads\0318cd92-1082-41a8-8005-567dbdd61aa7-aa60bda1-c1de-4588-bb77-d8121be180fd.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_da.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_de.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_es.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_fi.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_fr.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_it.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_ja.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_ko.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_nb.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_nl.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_pl.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_pt.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_ru.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_sv.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\09ce0ed7-58db-4be9-b311-80b4fd9fd9bc-53a0e557-aa4a-4941-bf87-269a4563fc16_zh-tw.p5p
    c:\program files\PC-Doctor\Downloads\0e53a45b-5a41-43e5-96ab-776b00e48a6e-51507ce0-0b3e-44c9-a0bc-1bdae2a46536.p5p
    c:\program files\PC-Doctor\Downloads\0e53a45b-5a41-43e5-96ab-776b00e48a6e.dll
    c:\program files\PC-Doctor\Downloads\12e0957c-a028-458b-a713-04f2f380501c-22f98075-f5cb-4ad1-b6df-79d4b0eff4ad.p5p
    c:\program files\PC-Doctor\Downloads\283cdc40-c633-4749-b3ad-8eb5e8b11b5c-d33d8341-868d-4957-938d-7a4ce8857169.p5p
    c:\program files\PC-Doctor\Downloads\283cdc40-c633-4749-b3ad-8eb5e8b11b5c.dll
    c:\program files\PC-Doctor\Downloads\434b795d-fe06-4495-801e-fa92d93babbc-22697878-46ef-40bf-aa37-55d0d7bf98be.p5p
    c:\program files\PC-Doctor\Downloads\434b795d-fe06-4495-801e-fa92d93babbc.dll
    c:\program files\PC-Doctor\Downloads\4506fabd-988f-4627-a1de-44b2f1093b08-f54fc382-dc9f-4cd5-91ac-eb92e5ef6e69.p5p
    c:\program files\PC-Doctor\Downloads\4506fabd-988f-4627-a1de-44b2f1093b08.dll
    c:\program files\PC-Doctor\Downloads\562ad818-216b-4d77-8b40-834630104d2c-ca2f9bd4-359e-4a9d-b830-84f01c59cf5b.p5p
    c:\program files\PC-Doctor\Downloads\562ad818-216b-4d77-8b40-834630104d2c.dll
    c:\program files\PC-Doctor\Downloads\5896c39c-8fca-4c0e-962d-81133d551d30-5bc3a0c6-d200-41be-9cb4-13eb148a9797.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_da.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_de.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_es.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_fi.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_fr.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_it.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_ja.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_ko.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_nb.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_nl.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_pl.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_pt.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_ru.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_sv.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f-71d06fd7-05e5-483a-999a-144e0d18ac80_zh-tw.p5p
    c:\program files\PC-Doctor\Downloads\746b3523-df66-4ed9-beaa-88464b84933f.dll
    c:\program files\PC-Doctor\Downloads\83db0f34-4452-4946-92c2-31dcd99767dd-f17f4d1d-8742-4761-a6f2-ad4108699e96.p5p
    c:\program files\PC-Doctor\Downloads\83db0f34-4452-4946-92c2-31dcd99767dd.dll
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_da.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_de.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_es.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_fi.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_fr.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_it.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_ja.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_ko.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_nb.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_nl.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_pl.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_pt.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_ru.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_sv.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3-294f7ba7-0a7e-4abd-bb8c-6f7d78792019_zh-tw.p5p
    c:\program files\PC-Doctor\Downloads\90110d4d-0aa3-42f8-b48a-92aebd9d59f3.dll
    c:\program files\PC-Doctor\Downloads\9ad80016-92d9-41a4-9436-c44907366397-94b17d1d-185f-43e9-92c8-6695ee351578.p5p
    c:\program files\PC-Doctor\Downloads\9ad80016-92d9-41a4-9436-c44907366397.dll
    c:\program files\PC-Doctor\Downloads\adf234e4-b843-4624-a554-881298b1790e-c6efc4b7-e9c6-4b10-a449-e3e0651092eb_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\b34a10f6-a592-424f-af97-b051783f9dd2-502d8695-947b-4c9f-9e47-60ea7777ebdf.p5p
    c:\program files\PC-Doctor\Downloads\b34a10f6-a592-424f-af97-b051783f9dd2.dll
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_da.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_de.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_es.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_fi.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_fr.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_it.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_ja.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_ko.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_nb.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_nl.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_pl.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_pt.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_ru.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_sv.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60-55898fb7-5ccf-4e52-b8e2-c1b9a30020e0_zh-tw.p5p
    c:\program files\PC-Doctor\Downloads\bead45d2-b2dc-44e3-94f8-c7de6979be60.dll
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_da.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_de.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_es.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_fi.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_fr.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_it.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_ja.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_ko.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_nb.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_nl.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_pl.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_pt.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_ru.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_sv.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\d754c4cc-ae68-4d17-afb7-55002296e1e2-faa25953-e7f6-4655-a37a-ef56bd336055_zh-tw.p5p
    c:\program files\PC-Doctor\Downloads\deb3a078-d61f-432f-954b-2bdea6e53e8e-62598e80-66ed-4af8-b823-b5bbbc5751a1.p5p
    c:\program files\PC-Doctor\Downloads\deb3a078-d61f-432f-954b-2bdea6e53e8e.dll
    c:\program files\PC-Doctor\Downloads\ec6735a3-9204-4734-bb0f-5859e58b13b2-516fd882-9853-4186-b5b6-768150be6bc4.p5p
    c:\program files\PC-Doctor\Downloads\ec6735a3-9204-4734-bb0f-5859e58b13b2.dll
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_da.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_de.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_es.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_fi.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_fr.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_it.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_ja.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_ko.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_nl.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_pl.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_pt.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_ru.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_sv.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c-6e424466-4307-4ab9-82ab-eba6860d6a77_zh-tw.p5p
    c:\program files\PC-Doctor\Downloads\f1d18230-9731-47f0-b9f4-b537abcbb39c.dll
    c:\program files\PC-Doctor\Downloads\f64109b2-74cc-4638-ae17-228b7886774b-a7cd0963-b813-49a3-822c-aef8c4adde46.p5p
    c:\program files\PC-Doctor\Downloads\f64109b2-74cc-4638-ae17-228b7886774b.dll
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_da.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_de.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_es.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_fi.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_fr.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_it.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_ja.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_ko.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_nb.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_nl.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_pl.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_pt.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_ru.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_sv.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_zh-cn.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27-4a929f9e-3f39-460b-a76b-8f0a8e85911d_zh-tw.p5p
    c:\program files\PC-Doctor\Downloads\fd85aea7-408e-4ff8-bdca-73b1320e8b27.dll
    c:\program files\PC-Doctor\Downloads\proxy-74492c49-e416-4663-89bb-684651f1ab67.dll
    c:\program files\PC-Doctor\Drive.dll
    c:\program files\PC-Doctor\Drive2.dll
    c:\program files\PC-Doctor\drivers\pcdrndisuio\x86\pcdrndisuio.cat
    c:\program files\PC-Doctor\drivers\pcdrndisuio\x86\pcdrndisuio.inf
    c:\program files\PC-Doctor\drivers\pcdrndisuio\x86\pcdrndisuio.sys
    c:\program files\PC-Doctor\EnableToolbarW32.exe
    c:\program files\PC-Doctor\Engine.dll
    c:\program files\PC-Doctor\EngineLoggerConfig.xml
    c:\program files\PC-Doctor\Enumerator.dll
    c:\program files\PC-Doctor\externalinterfaces.dll
    c:\program files\PC-Doctor\FilterDriverFix.exe
    c:\program files\PC-Doctor\Gapi.dll
    c:\program files\PC-Doctor\GapiCSharp.dll
    c:\program files\PC-Doctor\Http_winhttp.dll
    c:\program files\PC-Doctor\Images\aboutImage.png
    c:\program files\PC-Doctor\Images\access_connections_thumbnail.png
    c:\program files\PC-Doctor\Images\application_icon.png
    c:\program files\PC-Doctor\Images\blue_talk_bubble.png
    c:\program files\PC-Doctor\Images\bootable_diags_96dpi.png
    c:\program files\PC-Doctor\Images\branding\png\lenovo\lenovo_logo.png
    c:\program files\PC-Doctor\Images\carecenter\advanced_tools.png
    c:\program files\PC-Doctor\Images\carecenter\alert_bar_gray.png
    c:\program files\PC-Doctor\Images\carecenter\alert_bar_green.png
    c:\program files\PC-Doctor\Images\carecenter\alert_bar_red.png
    c:\program files\PC-Doctor\Images\carecenter\alert_bar_yellow.png
    c:\program files\PC-Doctor\Images\carecenter\app_overlay_icon_lenovo.png
    c:\program files\PC-Doctor\Images\carecenter\down.png
    c:\program files\PC-Doctor\Images\carecenter\feedback_icon.png
    c:\program files\PC-Doctor\Images\carecenter\folder.png
    c:\program files\PC-Doctor\Images\carecenter\hand_closed.png
    c:\program files\PC-Doctor\Images\carecenter\hand_open.png
    c:\program files\PC-Doctor\Images\carecenter\help.png
    c:\program files\PC-Doctor\Images\carecenter\help\HelpAct.png
    c:\program files\PC-Doctor\Images\carecenter\help\HelpClick.png
    c:\program files\PC-Doctor\Images\carecenter\help\HelpFocus.png
    c:\program files\PC-Doctor\Images\carecenter\help\HelpRollo.png
    c:\program files\PC-Doctor\Images\carecenter\home_diagsandtools.png
    c:\program files\PC-Doctor\Images\carecenter\home_diagsandtools_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_error.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_error_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_good.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_good_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_gray.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_gray_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_warning.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_health_warning_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_error.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_error_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_good.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_good_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_gray.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_gray_focus.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_warning.png
    c:\program files\PC-Doctor\Images\carecenter\home_system_security_warning_focus.png
    c:\program files\PC-Doctor\Images\carecenter\img24\feedback.png
    c:\program files\PC-Doctor\Images\carecenter\img32\advanced_tools.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_hover_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\AddMemoryOffer_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_hover_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\BackupOffer_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_hover_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewAcAdapter_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_de.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_en.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_es.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_fr.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_hover_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_it.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_ja.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_ko.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_nl.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_pt.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_ru.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_zh-cn.png
    c:\program files\PC-Doctor\Images\carecenter\marketing\primitive\NewBattery_zh-tw.png
    c:\program files\PC-Doctor\Images\carecenter\powered_by.png
    c:\program files\PC-Doctor\Images\carecenter\refresh.png
    c:\program files\PC-Doctor\Images\carecenter\support_downloads_icon.png
    c:\program files\PC-Doctor\Images\carecenter\system_health_fail.png
    c:\program files\PC-Doctor\Images\carecenter\system_health_pass.png
    c:\program files\PC-Doctor\Images\carecenter\system_security_fail.png
    c:\program files\PC-Doctor\Images\carecenter\system_security_pass.png
    c:\program files\PC-Doctor\Images\carecenter\tools\control_panel.png
    c:\program files\PC-Doctor\Images\carecenter\tools\device_manager.png
    c:\program files\PC-Doctor\Images\carecenter\tools\full_system_test.png
    c:\program files\PC-Doctor\Images\carecenter\tools\help.png
    c:\program files\PC-Doctor\Images\carecenter\tools\installed_programs.png
    c:\program files\PC-Doctor\Images\carecenter\tools\power_options.png
    c:\program files\PC-Doctor\Images\carecenter\tools\scheduled_hardware_check.png
    c:\program files\PC-Doctor\Images\carecenter\tools\security.png
    c:\program files\PC-Doctor\Images\carecenter\tools\system_stress_test.png
    c:\program files\PC-Doctor\Images\carecenter\tools\web_help.png
    c:\program files\PC-Doctor\Images\carecenter\up.png
    c:\program files\PC-Doctor\Images\carecenter\zoom_in.png
    c:\program files\PC-Doctor\Images\carecenter\zoom_out.png
    c:\program files\PC-Doctor\Images\circle_blue.png
    c:\program files\PC-Doctor\Images\circle_blue_i.png
    c:\program files\PC-Doctor\Images\circle_gray.png
    c:\program files\PC-Doctor\Images\circle_gray_wait.png
    c:\program files\PC-Doctor\Images\circle_green.png
    c:\program files\PC-Doctor\Images\circle_green_tick.png
    c:\program files\PC-Doctor\Images\circle_offer.png
    c:\program files\PC-Doctor\Images\circle_orange.png
    c:\program files\PC-Doctor\Images\circle_red.png
    c:\program files\PC-Doctor\Images\circle_red_x.png
    c:\program files\PC-Doctor\Images\circle_yellow.png
    c:\program files\PC-Doctor\Images\circle_yellow_bang.png
    c:\program files\PC-Doctor\Images\close_button.png
    c:\program files\PC-Doctor\Images\close_hover.png
    c:\program files\PC-Doctor\Images\close_normal.png
    c:\program files\PC-Doctor\Images\Downloads\0318cd92-1082-41a8-8005-567dbdd61aa7-aa60bda1-c1de-4588-bb77-d8121be180fd\toast_holiday_promotion.png
    c:\program files\PC-Doctor\Images\Downloads\12e0957c-a028-458b-a713-04f2f380501c-22f98075-f5cb-4ad1-b6df-79d4b0eff4ad\ubt_holiday_promotion.png
    c:\program files\PC-Doctor\Images\Downloads\283cdc40-c633-4749-b3ad-8eb5e8b11b5c-d33d8341-868d-4957-938d-7a4ce8857169\ubt_gobi_verizon_att_sprint.png
    c:\program files\PC-Doctor\Images\Downloads\434b795d-fe06-4495-801e-fa92d93babbc-22697878-46ef-40bf-aa37-55d0d7bf98be\ubt_support_recommended_action.png
    c:\program files\PC-Doctor\Images\Downloads\4506fabd-988f-4627-a1de-44b2f1093b08-f54fc382-dc9f-4cd5-91ac-eb92e5ef6e69\ubt_slim_power_supply2.PNG
    c:\program files\PC-Doctor\Images\Downloads\5896c39c-8fca-4c0e-962d-81133d551d30-5bc3a0c6-d200-41be-9cb4-13eb148a9797\ubt_holiday_accessories.png
    c:\program files\PC-Doctor\Images\Downloads\83db0f34-4452-4946-92c2-31dcd99767dd-f17f4d1d-8742-4761-a6f2-ad4108699e96\ubt_support_recommended_action.png
    c:\program files\PC-Doctor\Images\Downloads\deb3a078-d61f-432f-954b-2bdea6e53e8e-62598e80-66ed-4af8-b823-b5bbbc5751a1\ubt_gobi_verizon.png
    c:\program files\PC-Doctor\Images\Downloads\ec6735a3-9204-4734-bb0f-5859e58b13b2-516fd882-9853-4186-b5b6-768150be6bc4\ubt_warranty_upgrade_2.png
     
    Last edited: 2010/12/26
    scorpion657,
    #13
  15. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    c:\program files\PC-Doctor\Images\generic_banner.png
    c:\program files\PC-Doctor\Images\generic_banner_rtl.png
    c:\program files\PC-Doctor\Images\gold_talk_bubble.png
    c:\program files\PC-Doctor\Images\gradient_divider.png
    c:\program files\PC-Doctor\Images\help.png
    c:\program files\PC-Doctor\Images\help_focused.png
    c:\program files\PC-Doctor\Images\help_focused_hovered.png
    c:\program files\PC-Doctor\Images\help_hovered.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_black.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_black_mini.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_blue.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_gray.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_gray_mini.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_green.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_green_mini.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_red.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_red_mini.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_yellow.png
    c:\program files\PC-Doctor\Images\historyreport\history_report_yellow_mini.png
    c:\program files\PC-Doctor\Images\icon_channel_backdrop.png
    c:\program files\PC-Doctor\Images\icons\png\256_256\laptop.png
    c:\program files\PC-Doctor\Images\icons\png\256_256\monitor.png
    c:\program files\PC-Doctor\Images\icons\png\256_256\widescreen_television.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\display_port.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\dvi_port.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\hdmi_port.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\laptop.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\monitor.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\unknown_port.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\vga_port.png
    c:\program files\PC-Doctor\Images\icons\png\32_32\widescreen_television.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\display_port.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\dvi_port.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\hdmi_port.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\laptop.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\monitor.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\unknown_port.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\vga_port.png
    c:\program files\PC-Doctor\Images\icons\png\64_64\widescreen_television.png
    c:\program files\PC-Doctor\Images\img16_16\1394.png
    c:\program files\PC-Doctor\Images\img16_16\akilok_blue.png
    c:\program files\PC-Doctor\Images\img16_16\akilok_green.png
    c:\program files\PC-Doctor\Images\img16_16\akilok_red.png
    c:\program files\PC-Doctor\Images\img16_16\akilok_yellow.png
    c:\program files\PC-Doctor\Images\img16_16\alert.png
    c:\program files\PC-Doctor\Images\img16_16\alert_2.png
    c:\program files\PC-Doctor\Images\img16_16\antenna_diversity.png
    c:\program files\PC-Doctor\Images\img16_16\application_icon.png
    c:\program files\PC-Doctor\Images\img16_16\arrow_left.png
    c:\program files\PC-Doctor\Images\img16_16\arrow_right.png
    c:\program files\PC-Doctor\Images\img16_16\audio.png
    c:\program files\PC-Doctor\Images\img16_16\battery.png
    c:\program files\PC-Doctor\Images\img16_16\benchmark.png
    c:\program files\PC-Doctor\Images\img16_16\bluetooth.png
    c:\program files\PC-Doctor\Images\img16_16\burn_in.png
    c:\program files\PC-Doctor\Images\img16_16\change_options.png
    c:\program files\PC-Doctor\Images\img16_16\circle_blue.png
    c:\program files\PC-Doctor\Images\img16_16\circle_green.png
    c:\program files\PC-Doctor\Images\img16_16\circle_grey.png
    c:\program files\PC-Doctor\Images\img16_16\circle_orange.png
    c:\program files\PC-Doctor\Images\img16_16\circle_red.png
    c:\program files\PC-Doctor\Images\img16_16\circle_yellow.png
    c:\program files\PC-Doctor\Images\img16_16\cleanmgr.png
    c:\program files\PC-Doctor\Images\img16_16\clock.png
    c:\program files\PC-Doctor\Images\img16_16\color_mgmt.png
    c:\program files\PC-Doctor\Images\img16_16\communications-category.png
    c:\program files\PC-Doctor\Images\img16_16\communications.png
    c:\program files\PC-Doctor\Images\img16_16\completeTest.png
    c:\program files\PC-Doctor\Images\img16_16\computer_diagnostics.png
    c:\program files\PC-Doctor\Images\img16_16\computer_system_mini_tower.png
    c:\program files\PC-Doctor\Images\img16_16\control.png
    c:\program files\PC-Doctor\Images\img16_16\controller.png
    c:\program files\PC-Doctor\Images\img16_16\cp_DManager.png
    c:\program files\PC-Doctor\Images\img16_16\cp_keyboard.png
    c:\program files\PC-Doctor\Images\img16_16\cp_modem.png
    c:\program files\PC-Doctor\Images\img16_16\cp_mouse.png
    c:\program files\PC-Doctor\Images\img16_16\cp_network.png
    c:\program files\PC-Doctor\Images\img16_16\cp_printer.png
    c:\program files\PC-Doctor\Images\img16_16\cpu.png
    c:\program files\PC-Doctor\Images\img16_16\data.png
    c:\program files\PC-Doctor\Images\img16_16\desktop-computer.png
    c:\program files\PC-Doctor\Images\img16_16\dfrg.png
    c:\program files\PC-Doctor\Images\img16_16\disabled.png
    c:\program files\PC-Doctor\Images\img16_16\display.png
    c:\program files\PC-Doctor\Images\img16_16\dxdiag.png
    c:\program files\PC-Doctor\Images\img16_16\edit_settings.png
    c:\program files\PC-Doctor\Images\img16_16\editSettings.png
    c:\program files\PC-Doctor\Images\img16_16\ergonomic-keyboard.png
    c:\program files\PC-Doctor\Images\img16_16\error-2.png
    c:\program files\PC-Doctor\Images\img16_16\error_1.png
    c:\program files\PC-Doctor\Images\img16_16\errorReport.png
    c:\program files\PC-Doctor\Images\img16_16\fail.png
    c:\program files\PC-Doctor\Images\img16_16\fast_forward_2.png
    c:\program files\PC-Doctor\Images\img16_16\fingerprint_sensor.png
    c:\program files\PC-Doctor\Images\img16_16\firewall.png
    c:\program files\PC-Doctor\Images\img16_16\floppy-drive.png
    c:\program files\PC-Doctor\Images\img16_16\folder.png
    c:\program files\PC-Doctor\Images\img16_16\globe.png
    c:\program files\PC-Doctor\Images\img16_16\green_check.png
    c:\program files\PC-Doctor\Images\img16_16\harddrive.png
    c:\program files\PC-Doctor\Images\img16_16\help.png
    c:\program files\PC-Doctor\Images\img16_16\help_sq.png
    c:\program files\PC-Doctor\Images\img16_16\help_sq_focus.png
    c:\program files\PC-Doctor\Images\img16_16\home.png
    c:\program files\PC-Doctor\Images\img16_16\installed_program.png
    c:\program files\PC-Doctor\Images\img16_16\internetProperties.png
    c:\program files\PC-Doctor\Images\img16_16\irda.png
    c:\program files\PC-Doctor\Images\img16_16\laptop.png
    c:\program files\PC-Doctor\Images\img16_16\log.png
    c:\program files\PC-Doctor\Images\img16_16\magnifying_glass.png
    c:\program files\PC-Doctor\Images\img16_16\media-drive.png
    c:\program files\PC-Doctor\Images\img16_16\memory-reader.png
    c:\program files\PC-Doctor\Images\img16_16\memory.png
    c:\program files\PC-Doctor\Images\img16_16\microphone.png
    c:\program files\PC-Doctor\Images\img16_16\minitower-computer.png
    c:\program files\PC-Doctor\Images\img16_16\modem.png
    c:\program files\PC-Doctor\Images\img16_16\monitor.png
    c:\program files\PC-Doctor\Images\img16_16\motherboard.png
    c:\program files\PC-Doctor\Images\img16_16\mouse.png
    c:\program files\PC-Doctor\Images\img16_16\msconfig.png
    c:\program files\PC-Doctor\Images\img16_16\music_note.png
    c:\program files\PC-Doctor\Images\img16_16\na.gif
    c:\program files\PC-Doctor\Images\img16_16\na.png
    c:\program files\PC-Doctor\Images\img16_16\network.png
    c:\program files\PC-Doctor\Images\img16_16\normal-keyboard.png
    c:\program files\PC-Doctor\Images\img16_16\optical-drive.png
    c:\program files\PC-Doctor\Images\img16_16\other.png
    c:\program files\PC-Doctor\Images\img16_16\parallelport.png
    c:\program files\PC-Doctor\Images\img16_16\pass-2.png
    c:\program files\PC-Doctor\Images\img16_16\pass.png
    c:\program files\PC-Doctor\Images\img16_16\pccard.png
    c:\program files\PC-Doctor\Images\img16_16\pci.png
    c:\program files\PC-Doctor\Images\img16_16\power.png
    c:\program files\PC-Doctor\Images\img16_16\preShipment_Test.png
    c:\program files\PC-Doctor\Images\img16_16\printer.png
    c:\program files\PC-Doctor\Images\img16_16\printer_default.png
    c:\program files\PC-Doctor\Images\img16_16\product-update.png
    c:\program files\PC-Doctor\Images\img16_16\quick_test.png
    c:\program files\PC-Doctor\Images\img16_16\ready_boost.png
    c:\program files\PC-Doctor\Images\img16_16\refresh.png
    c:\program files\PC-Doctor\Images\img16_16\removable-drive.png
    c:\program files\PC-Doctor\Images\img16_16\results.png
    c:\program files\PC-Doctor\Images\img16_16\rewind_2.png
    c:\program files\PC-Doctor\Images\img16_16\run_script.png
    c:\program files\PC-Doctor\Images\img16_16\script-pass.png
    c:\program files\PC-Doctor\Images\img16_16\scsi.png
    c:\program files\PC-Doctor\Images\img16_16\serialport.png
    c:\program files\PC-Doctor\Images\img16_16\settings_icon.png
    c:\program files\PC-Doctor\Images\img16_16\sndvol32.png
    c:\program files\PC-Doctor\Images\img16_16\speakers.png
    c:\program files\PC-Doctor\Images\img16_16\stopTest.png
    c:\program files\PC-Doctor\Images\img16_16\storage.png
    c:\program files\PC-Doctor\Images\img16_16\system.png
    c:\program files\PC-Doctor\Images\img16_16\system_information.png
    c:\program files\PC-Doctor\Images\img16_16\system_information_2.png
    c:\program files\PC-Doctor\Images\img16_16\system_profiler.png
    c:\program files\PC-Doctor\Images\img16_16\temperature.png
    c:\program files\PC-Doctor\Images\img16_16\tools.png
    c:\program files\PC-Doctor\Images\img16_16\touchscreen.png
    c:\program files\PC-Doctor\Images\img16_16\usb.png
    c:\program files\PC-Doctor\Images\img16_16\users.png
    c:\program files\PC-Doctor\Images\img16_16\video-card.png
    c:\program files\PC-Doctor\Images\img16_16\video-strip.png
    c:\program files\PC-Doctor\Images\img16_16\video.png
    c:\program files\PC-Doctor\Images\img16_16\warning-3.png
    c:\program files\PC-Doctor\Images\img16_16\warning.png
    c:\program files\PC-Doctor\Images\img16_16\webcam.png
    c:\program files\PC-Doctor\Images\img16_16\widget.png
    c:\program files\PC-Doctor\Images\img16_16\windows.png
    c:\program files\PC-Doctor\Images\img16_16\wirelessConfig.png
    c:\program files\PC-Doctor\Images\img16_16\workstation-computer.png
    c:\program files\PC-Doctor\Images\img16_16\yield-1.png
    c:\program files\PC-Doctor\Images\img24_24\1394.png
    c:\program files\PC-Doctor\Images\img24_24\akilok_blue.png
    c:\program files\PC-Doctor\Images\img24_24\akilok_green.png
    c:\program files\PC-Doctor\Images\img24_24\akilok_red.png
    c:\program files\PC-Doctor\Images\img24_24\akilok_yellow.png
    c:\program files\PC-Doctor\Images\img24_24\alert.png
    c:\program files\PC-Doctor\Images\img24_24\alert_2.png
    c:\program files\PC-Doctor\Images\img24_24\antenna_diversity.png
    c:\program files\PC-Doctor\Images\img24_24\appIcon.png
    c:\program files\PC-Doctor\Images\img24_24\application_icon.png
    c:\program files\PC-Doctor\Images\img24_24\arrow_down.png
    c:\program files\PC-Doctor\Images\img24_24\arrow_left.png
    c:\program files\PC-Doctor\Images\img24_24\arrow_right.png
    c:\program files\PC-Doctor\Images\img24_24\arrow_up.png
    c:\program files\PC-Doctor\Images\img24_24\audio.png
    c:\program files\PC-Doctor\Images\img24_24\back_disabled.png
    c:\program files\PC-Doctor\Images\img24_24\battery.png
    c:\program files\PC-Doctor\Images\img24_24\benchmark.png
    c:\program files\PC-Doctor\Images\img24_24\bluetooth.png
    c:\program files\PC-Doctor\Images\img24_24\burn_in.png
    c:\program files\PC-Doctor\Images\img24_24\change_options.png
    c:\program files\PC-Doctor\Images\img24_24\circle_blue.png
    c:\program files\PC-Doctor\Images\img24_24\circle_green.png
    c:\program files\PC-Doctor\Images\img24_24\circle_grey.png
    c:\program files\PC-Doctor\Images\img24_24\circle_orange.png
    c:\program files\PC-Doctor\Images\img24_24\circle_red.png
    c:\program files\PC-Doctor\Images\img24_24\circle_yellow.png
    c:\program files\PC-Doctor\Images\img24_24\cleanmgr.png
    c:\program files\PC-Doctor\Images\img24_24\clock.png
    c:\program files\PC-Doctor\Images\img24_24\color_mgmt.png
    c:\program files\PC-Doctor\Images\img24_24\communications-category.png
    c:\program files\PC-Doctor\Images\img24_24\communications.png
    c:\program files\PC-Doctor\Images\img24_24\completeTest.png
    c:\program files\PC-Doctor\Images\img24_24\computer_system_mini_tower.png
    c:\program files\PC-Doctor\Images\img24_24\control.png
    c:\program files\PC-Doctor\Images\img24_24\controller.png
    c:\program files\PC-Doctor\Images\img24_24\cp_DManager.png
    c:\program files\PC-Doctor\Images\img24_24\cp_keyboard.png
    c:\program files\PC-Doctor\Images\img24_24\cp_modem.png
    c:\program files\PC-Doctor\Images\img24_24\cp_mouse.png
    c:\program files\PC-Doctor\Images\img24_24\cp_network.png
    c:\program files\PC-Doctor\Images\img24_24\cp_printer.png
    c:\program files\PC-Doctor\Images\img24_24\cpu.png
    c:\program files\PC-Doctor\Images\img24_24\data.png
    c:\program files\PC-Doctor\Images\img24_24\desktop-computer.png
    c:\program files\PC-Doctor\Images\img24_24\dfrg.png
    c:\program files\PC-Doctor\Images\img24_24\disabled.png
    c:\program files\PC-Doctor\Images\img24_24\display.png
    c:\program files\PC-Doctor\Images\img24_24\dxdiag.png
    c:\program files\PC-Doctor\Images\img24_24\edit_settings.png
    c:\program files\PC-Doctor\Images\img24_24\editSettings.png
    c:\program files\PC-Doctor\Images\img24_24\ergonomic-keyboard.png
    c:\program files\PC-Doctor\Images\img24_24\error-2.png
    c:\program files\PC-Doctor\Images\img24_24\error_1.png
    c:\program files\PC-Doctor\Images\img24_24\errorReport.png
    c:\program files\PC-Doctor\Images\img24_24\fail.png
    c:\program files\PC-Doctor\Images\img24_24\fast_forward_2.png
    c:\program files\PC-Doctor\Images\img24_24\fingerprint_sensor.png
    c:\program files\PC-Doctor\Images\img24_24\firewall.png
    c:\program files\PC-Doctor\Images\img24_24\floppy-drive.png
    c:\program files\PC-Doctor\Images\img24_24\folder.png
    c:\program files\PC-Doctor\Images\img24_24\globe.png
    c:\program files\PC-Doctor\Images\img24_24\green_check.png
    c:\program files\PC-Doctor\Images\img24_24\harddrive.png
    c:\program files\PC-Doctor\Images\img24_24\help.png
    c:\program files\PC-Doctor\Images\img24_24\help_sq.png
    c:\program files\PC-Doctor\Images\img24_24\help_sq_focus.png
    c:\program files\PC-Doctor\Images\img24_24\home.png
    c:\program files\PC-Doctor\Images\img24_24\installed_programs.png
    c:\program files\PC-Doctor\Images\img24_24\internetProperties.png
    c:\program files\PC-Doctor\Images\img24_24\irda.png
    c:\program files\PC-Doctor\Images\img24_24\laptop.png
    c:\program files\PC-Doctor\Images\img24_24\log.png
    c:\program files\PC-Doctor\Images\img24_24\magnifying_glass.png
    c:\program files\PC-Doctor\Images\img24_24\media-drive.png
    c:\program files\PC-Doctor\Images\img24_24\memory-reader.png
    c:\program files\PC-Doctor\Images\img24_24\memory.png
    c:\program files\PC-Doctor\Images\img24_24\microphone.png
    c:\program files\PC-Doctor\Images\img24_24\minitower-computer.png
    c:\program files\PC-Doctor\Images\img24_24\modem.png
    c:\program files\PC-Doctor\Images\img24_24\monitor.png
    c:\program files\PC-Doctor\Images\img24_24\motherboard.png
    c:\program files\PC-Doctor\Images\img24_24\mouse.png
    c:\program files\PC-Doctor\Images\img24_24\msconfig.png
    c:\program files\PC-Doctor\Images\img24_24\music_note.png
    c:\program files\PC-Doctor\Images\img24_24\na.png
    c:\program files\PC-Doctor\Images\img24_24\network.png
    c:\program files\PC-Doctor\Images\img24_24\normal-keyboard.png
    c:\program files\PC-Doctor\Images\img24_24\optical-drive.png
    c:\program files\PC-Doctor\Images\img24_24\other.png
    c:\program files\PC-Doctor\Images\img24_24\parallelport.png
    c:\program files\PC-Doctor\Images\img24_24\pass-2.png
    c:\program files\PC-Doctor\Images\img24_24\pass.png
    c:\program files\PC-Doctor\Images\img24_24\pccard.png
    c:\program files\PC-Doctor\Images\img24_24\pci.png
    c:\program files\PC-Doctor\Images\img24_24\power.png
    c:\program files\PC-Doctor\Images\img24_24\preShipment_Test.png
    c:\program files\PC-Doctor\Images\img24_24\printer.png
    c:\program files\PC-Doctor\Images\img24_24\printer_default.png
    c:\program files\PC-Doctor\Images\img24_24\product-update.png
    c:\program files\PC-Doctor\Images\img24_24\quick_test.png
    c:\program files\PC-Doctor\Images\img24_24\ready_boost.png
    c:\program files\PC-Doctor\Images\img24_24\refresh.png
    c:\program files\PC-Doctor\Images\img24_24\removable-drive.png
    c:\program files\PC-Doctor\Images\img24_24\results.png
    c:\program files\PC-Doctor\Images\img24_24\rewind_2.png
    c:\program files\PC-Doctor\Images\img24_24\run_script.png
    c:\program files\PC-Doctor\Images\img24_24\script-pass.png
    c:\program files\PC-Doctor\Images\img24_24\scsi.png
    c:\program files\PC-Doctor\Images\img24_24\security_center.png
    c:\program files\PC-Doctor\Images\img24_24\serialport.png
    c:\program files\PC-Doctor\Images\img24_24\sndvol32.png
    c:\program files\PC-Doctor\Images\img24_24\speakers.png
    c:\program files\PC-Doctor\Images\img24_24\stopTest.png
    c:\program files\PC-Doctor\Images\img24_24\storage.png
    c:\program files\PC-Doctor\Images\img24_24\system.png
    c:\program files\PC-Doctor\Images\img24_24\system_information.png
    c:\program files\PC-Doctor\Images\img24_24\system_information_2.png
    c:\program files\PC-Doctor\Images\img24_24\system_profiler.png
    c:\program files\PC-Doctor\Images\img24_24\temperature.png
    c:\program files\PC-Doctor\Images\img24_24\tools.png
    c:\program files\PC-Doctor\Images\img24_24\touchscreen.png
    c:\program files\PC-Doctor\Images\img24_24\usb.png
    c:\program files\PC-Doctor\Images\img24_24\users.png
    c:\program files\PC-Doctor\Images\img24_24\video-card.png
    c:\program files\PC-Doctor\Images\img24_24\video-strip.png
    c:\program files\PC-Doctor\Images\img24_24\video.png
    c:\program files\PC-Doctor\Images\img24_24\warning-3.png
    c:\program files\PC-Doctor\Images\img24_24\warning.png
    c:\program files\PC-Doctor\Images\img24_24\webcam.png
    c:\program files\PC-Doctor\Images\img24_24\widget.png
    c:\program files\PC-Doctor\Images\img24_24\windows.png
    c:\program files\PC-Doctor\Images\img24_24\wirelessConfig.png
    c:\program files\PC-Doctor\Images\img24_24\workstation-computer.png
    c:\program files\PC-Doctor\Images\img24_24\yield-1.png
    c:\program files\PC-Doctor\Images\img32_32\1394.png
    c:\program files\PC-Doctor\Images\img32_32\akilok_blue.png
    c:\program files\PC-Doctor\Images\img32_32\akilok_green.png
    c:\program files\PC-Doctor\Images\img32_32\akilok_red.png
    c:\program files\PC-Doctor\Images\img32_32\akilok_yellow.png
    c:\program files\PC-Doctor\Images\img32_32\alert.png
    c:\program files\PC-Doctor\Images\img32_32\alert_2.png
    c:\program files\PC-Doctor\Images\img32_32\antenna_diversity.png
    c:\program files\PC-Doctor\Images\img32_32\appIcon.png
    c:\program files\PC-Doctor\Images\img32_32\application_icon.png
    c:\program files\PC-Doctor\Images\img32_32\arrow_down.png
    c:\program files\PC-Doctor\Images\img32_32\arrow_left.png
    c:\program files\PC-Doctor\Images\img32_32\arrow_right.png
    c:\program files\PC-Doctor\Images\img32_32\arrow_up.png
    c:\program files\PC-Doctor\Images\img32_32\audio.png
    c:\program files\PC-Doctor\Images\img32_32\battery.png
    c:\program files\PC-Doctor\Images\img32_32\benchmark.png
    c:\program files\PC-Doctor\Images\img32_32\bluetooth.png
    c:\program files\PC-Doctor\Images\img32_32\burn_in.png
    c:\program files\PC-Doctor\Images\img32_32\change_options.png
    c:\program files\PC-Doctor\Images\img32_32\circle_blue.png
    c:\program files\PC-Doctor\Images\img32_32\circle_green.png
    c:\program files\PC-Doctor\Images\img32_32\circle_grey.png
    c:\program files\PC-Doctor\Images\img32_32\circle_orange.png
    c:\program files\PC-Doctor\Images\img32_32\circle_red.png
    c:\program files\PC-Doctor\Images\img32_32\circle_yellow.png
    c:\program files\PC-Doctor\Images\img32_32\cleanmgr.png
    c:\program files\PC-Doctor\Images\img32_32\clock.png
    c:\program files\PC-Doctor\Images\img32_32\color_mgmt.png
    c:\program files\PC-Doctor\Images\img32_32\communications-category.png
    c:\program files\PC-Doctor\Images\img32_32\communications.png
    c:\program files\PC-Doctor\Images\img32_32\completeTest.png
    c:\program files\PC-Doctor\Images\img32_32\computer_diagnostics.png
    c:\program files\PC-Doctor\Images\img32_32\computer_system_mini_tower.png
    c:\program files\PC-Doctor\Images\img32_32\control.png
    c:\program files\PC-Doctor\Images\img32_32\controller.png
    c:\program files\PC-Doctor\Images\img32_32\cp_DManager.png
    c:\program files\PC-Doctor\Images\img32_32\cp_keyboard.png
    c:\program files\PC-Doctor\Images\img32_32\cp_modem.png
    c:\program files\PC-Doctor\Images\img32_32\cp_mouse.png
    c:\program files\PC-Doctor\Images\img32_32\cp_network.png
    c:\program files\PC-Doctor\Images\img32_32\cp_printer.png
    c:\program files\PC-Doctor\Images\img32_32\cpu.png
    c:\program files\PC-Doctor\Images\img32_32\data.png
    c:\program files\PC-Doctor\Images\img32_32\desktop-computer.png
    c:\program files\PC-Doctor\Images\img32_32\dfrg.png
    c:\program files\PC-Doctor\Images\img32_32\disabled.png
    c:\program files\PC-Doctor\Images\img32_32\display.png
    c:\program files\PC-Doctor\Images\img32_32\dxdiag.png
    c:\program files\PC-Doctor\Images\img32_32\edit_settings.png
    c:\program files\PC-Doctor\Images\img32_32\editSettings.png
    c:\program files\PC-Doctor\Images\img32_32\ergonomic-keyboard.png
    c:\program files\PC-Doctor\Images\img32_32\error-2.png
    c:\program files\PC-Doctor\Images\img32_32\error_1.png
    c:\program files\PC-Doctor\Images\img32_32\error_x.png
    c:\program files\PC-Doctor\Images\img32_32\errorReport.png
    c:\program files\PC-Doctor\Images\img32_32\fail.png
    c:\program files\PC-Doctor\Images\img32_32\fast_forward_2.png
    c:\program files\PC-Doctor\Images\img32_32\file_sig_verification.png
    c:\program files\PC-Doctor\Images\img32_32\fingerprint_sensor.png
    c:\program files\PC-Doctor\Images\img32_32\firewall.png
    c:\program files\PC-Doctor\Images\img32_32\floppy-drive.png
    c:\program files\PC-Doctor\Images\img32_32\folder.png
    c:\program files\PC-Doctor\Images\img32_32\globe.png
    c:\program files\PC-Doctor\Images\img32_32\green_check.png
    c:\program files\PC-Doctor\Images\img32_32\harddrive.png
    c:\program files\PC-Doctor\Images\img32_32\help.png
    c:\program files\PC-Doctor\Images\img32_32\home.png
    c:\program files\PC-Doctor\Images\img32_32\installed_programs.png
    c:\program files\PC-Doctor\Images\img32_32\internetProperties.png
    c:\program files\PC-Doctor\Images\img32_32\irda.png
    c:\program files\PC-Doctor\Images\img32_32\laptop.png
    c:\program files\PC-Doctor\Images\img32_32\log.png
    c:\program files\PC-Doctor\Images\img32_32\magnifying_glass.png
    c:\program files\PC-Doctor\Images\img32_32\media-drive.png
    c:\program files\PC-Doctor\Images\img32_32\memory-reader.png
    c:\program files\PC-Doctor\Images\img32_32\memory.png
    c:\program files\PC-Doctor\Images\img32_32\microphone.png
    c:\program files\PC-Doctor\Images\img32_32\minitower-computer.png
    c:\program files\PC-Doctor\Images\img32_32\modem.png
    c:\program files\PC-Doctor\Images\img32_32\monitor.png
    c:\program files\PC-Doctor\Images\img32_32\motherboard.png
    c:\program files\PC-Doctor\Images\img32_32\mouse.png
    c:\program files\PC-Doctor\Images\img32_32\msconfig.png
    c:\program files\PC-Doctor\Images\img32_32\music_note.png
    c:\program files\PC-Doctor\Images\img32_32\na.png
    c:\program files\PC-Doctor\Images\img32_32\network.png
    c:\program files\PC-Doctor\Images\img32_32\normal-keyboard.png
    c:\program files\PC-Doctor\Images\img32_32\optical-drive.png
    c:\program files\PC-Doctor\Images\img32_32\other.png
    c:\program files\PC-Doctor\Images\img32_32\parallelport.png
    c:\program files\PC-Doctor\Images\img32_32\pass-2.png
    c:\program files\PC-Doctor\Images\img32_32\pass.png
    c:\program files\PC-Doctor\Images\img32_32\pccard.png
    c:\program files\PC-Doctor\Images\img32_32\pci.png
    c:\program files\PC-Doctor\Images\img32_32\power.png
    c:\program files\PC-Doctor\Images\img32_32\preShipment_Test.png
    c:\program files\PC-Doctor\Images\img32_32\printer.png
    c:\program files\PC-Doctor\Images\img32_32\printer_default.png
    c:\program files\PC-Doctor\Images\img32_32\product-update.png
    c:\program files\PC-Doctor\Images\img32_32\quick_test.png
    c:\program files\PC-Doctor\Images\img32_32\ready_boost.png
    c:\program files\PC-Doctor\Images\img32_32\refresh.png
    c:\program files\PC-Doctor\Images\img32_32\removable-drive.png
    c:\program files\PC-Doctor\Images\img32_32\results.png
    c:\program files\PC-Doctor\Images\img32_32\rewind_2.png
    c:\program files\PC-Doctor\Images\img32_32\run_script.png
    c:\program files\PC-Doctor\Images\img32_32\script-pass.png
    c:\program files\PC-Doctor\Images\img32_32\scsi.png
    c:\program files\PC-Doctor\Images\img32_32\security_center.png
    c:\program files\PC-Doctor\Images\img32_32\serialport.png
    c:\program files\PC-Doctor\Images\img32_32\sndvol32.png
    c:\program files\PC-Doctor\Images\img32_32\speakers.png
    c:\program files\PC-Doctor\Images\img32_32\stopTest.png
    c:\program files\PC-Doctor\Images\img32_32\storage.png
    c:\program files\PC-Doctor\Images\img32_32\system.png
    c:\program files\PC-Doctor\Images\img32_32\system_information.png
    c:\program files\PC-Doctor\Images\img32_32\system_information_2.png
    c:\program files\PC-Doctor\Images\img32_32\system_profiler.png
    c:\program files\PC-Doctor\Images\img32_32\temperature.png
    c:\program files\PC-Doctor\Images\img32_32\tools.png
    c:\program files\PC-Doctor\Images\img32_32\touchscreen.png
    c:\program files\PC-Doctor\Images\img32_32\usb.png
    c:\program files\PC-Doctor\Images\img32_32\users.png
    c:\program files\PC-Doctor\Images\img32_32\video-card.png
    c:\program files\PC-Doctor\Images\img32_32\video-strip.png
    c:\program files\PC-Doctor\Images\img32_32\video.png
    c:\program files\PC-Doctor\Images\img32_32\vista_tools_icons.zip
    c:\program files\PC-Doctor\Images\img32_32\warning-3.png
    c:\program files\PC-Doctor\Images\img32_32\warning.png
    c:\program files\PC-Doctor\Images\img32_32\webcam.png
    c:\program files\PC-Doctor\Images\img32_32\widget.png
    c:\program files\PC-Doctor\Images\img32_32\windows.png
    c:\program files\PC-Doctor\Images\img32_32\wirelessConfig.png
    c:\program files\PC-Doctor\Images\img32_32\workstation-computer.png
    c:\program files\PC-Doctor\Images\img32_32\yield-1.png
    c:\program files\PC-Doctor\Images\img48_48\1394.png
    c:\program files\PC-Doctor\Images\img48_48\akilok_blue.png
    c:\program files\PC-Doctor\Images\img48_48\akilok_green.png
    c:\program files\PC-Doctor\Images\img48_48\akilok_red.png
    c:\program files\PC-Doctor\Images\img48_48\akilok_yellow.png
    c:\program files\PC-Doctor\Images\img48_48\alert.png
    c:\program files\PC-Doctor\Images\img48_48\alert_2.png
    c:\program files\PC-Doctor\Images\img48_48\antenna_diversity.png
    c:\program files\PC-Doctor\Images\img48_48\appIcon.png
    c:\program files\PC-Doctor\Images\img48_48\application_icon.png
    c:\program files\PC-Doctor\Images\img48_48\arrow_left.png
    c:\program files\PC-Doctor\Images\img48_48\arrow_right.png
    c:\program files\PC-Doctor\Images\img48_48\audio.png
    c:\program files\PC-Doctor\Images\img48_48\battery.png
    c:\program files\PC-Doctor\Images\img48_48\benchmark.png
    c:\program files\PC-Doctor\Images\img48_48\bluetooth.png
    c:\program files\PC-Doctor\Images\img48_48\burn_in.png
    c:\program files\PC-Doctor\Images\img48_48\change_options.png
    c:\program files\PC-Doctor\Images\img48_48\circle_blue.png
    c:\program files\PC-Doctor\Images\img48_48\circle_green.png
    c:\program files\PC-Doctor\Images\img48_48\circle_grey.png
    c:\program files\PC-Doctor\Images\img48_48\circle_orange.png
    c:\program files\PC-Doctor\Images\img48_48\circle_red.png
    c:\program files\PC-Doctor\Images\img48_48\circle_yellow.png
    c:\program files\PC-Doctor\Images\img48_48\color_mgmt.png
    c:\program files\PC-Doctor\Images\img48_48\communications.png
    c:\program files\PC-Doctor\Images\img48_48\completeTest.png
    c:\program files\PC-Doctor\Images\img48_48\computer_diagnostics.png
    c:\program files\PC-Doctor\Images\img48_48\computer_system_mini_tower.png
    c:\program files\PC-Doctor\Images\img48_48\control.png
    c:\program files\PC-Doctor\Images\img48_48\controller.png
    c:\program files\PC-Doctor\Images\img48_48\cpu.png
    c:\program files\PC-Doctor\Images\img48_48\data.png
    c:\program files\PC-Doctor\Images\img48_48\desktop-computer.png
    c:\program files\PC-Doctor\Images\img48_48\disabled.png
    c:\program files\PC-Doctor\Images\img48_48\edit_settings.png
    c:\program files\PC-Doctor\Images\img48_48\ergonomic-keyboard.png
    c:\program files\PC-Doctor\Images\img48_48\error-2.png
    c:\program files\PC-Doctor\Images\img48_48\error_1.png
    c:\program files\PC-Doctor\Images\img48_48\fail.png
    c:\program files\PC-Doctor\Images\img48_48\fast_forward_2.png
    c:\program files\PC-Doctor\Images\img48_48\fingerprint_sensor.png
    c:\program files\PC-Doctor\Images\img48_48\floppy-drive.png
    c:\program files\PC-Doctor\Images\img48_48\folder.png
    c:\program files\PC-Doctor\Images\img48_48\globe.png
    c:\program files\PC-Doctor\Images\img48_48\green_check.png
    c:\program files\PC-Doctor\Images\img48_48\harddrive.png
    c:\program files\PC-Doctor\Images\img48_48\help.png
    c:\program files\PC-Doctor\Images\img48_48\home.png
    c:\program files\PC-Doctor\Images\img48_48\installed_programs.png
    c:\program files\PC-Doctor\Images\img48_48\irda.png
    c:\program files\PC-Doctor\Images\img48_48\laptop.png
    c:\program files\PC-Doctor\Images\img48_48\log.png
    c:\program files\PC-Doctor\Images\img48_48\magnifying_glass.png
    c:\program files\PC-Doctor\Images\img48_48\media-drive.png
    c:\program files\PC-Doctor\Images\img48_48\memory-reader.png
    c:\program files\PC-Doctor\Images\img48_48\memory.png
    c:\program files\PC-Doctor\Images\img48_48\microphone.png
    c:\program files\PC-Doctor\Images\img48_48\minitower-computer.png
    c:\program files\PC-Doctor\Images\img48_48\modem.png
    c:\program files\PC-Doctor\Images\img48_48\monitor.png
    c:\program files\PC-Doctor\Images\img48_48\motherboard.png
    c:\program files\PC-Doctor\Images\img48_48\mouse.png
    c:\program files\PC-Doctor\Images\img48_48\music_note.png
    c:\program files\PC-Doctor\Images\img48_48\na.png
    c:\program files\PC-Doctor\Images\img48_48\network.png
    c:\program files\PC-Doctor\Images\img48_48\normal-keyboard.png
    c:\program files\PC-Doctor\Images\img48_48\optical-drive.png
    c:\program files\PC-Doctor\Images\img48_48\other.png
    c:\program files\PC-Doctor\Images\img48_48\parallelport.png
    c:\program files\PC-Doctor\Images\img48_48\pass-2.png
    c:\program files\PC-Doctor\Images\img48_48\pass.png
    c:\program files\PC-Doctor\Images\img48_48\pccard.png
    c:\program files\PC-Doctor\Images\img48_48\pci.png
    c:\program files\PC-Doctor\Images\img48_48\power.png
    c:\program files\PC-Doctor\Images\img48_48\preShipment_Test.png
    c:\program files\PC-Doctor\Images\img48_48\printer.png
    c:\program files\PC-Doctor\Images\img48_48\printer_default.png
    c:\program files\PC-Doctor\Images\img48_48\product-update.png
    c:\program files\PC-Doctor\Images\img48_48\quick-test.png
    c:\program files\PC-Doctor\Images\img48_48\quick_test.png
    c:\program files\PC-Doctor\Images\img48_48\ready_boost.png
    c:\program files\PC-Doctor\Images\img48_48\refresh.png
    c:\program files\PC-Doctor\Images\img48_48\removable-drive.png
    c:\program files\PC-Doctor\Images\img48_48\results.png
    c:\program files\PC-Doctor\Images\img48_48\rewind_2.png
    c:\program files\PC-Doctor\Images\img48_48\run_script.png
    c:\program files\PC-Doctor\Images\img48_48\script-pass.png
    c:\program files\PC-Doctor\Images\img48_48\scsi.png
    c:\program files\PC-Doctor\Images\img48_48\serialport.png
    c:\program files\PC-Doctor\Images\img48_48\speakers.png
    c:\program files\PC-Doctor\Images\img48_48\stopTest.png
    c:\program files\PC-Doctor\Images\img48_48\storage.png
    c:\program files\PC-Doctor\Images\img48_48\system.png
    c:\program files\PC-Doctor\Images\img48_48\system_information.png
    c:\program files\PC-Doctor\Images\img48_48\system_information_2.png
    c:\program files\PC-Doctor\Images\img48_48\system_information_3.png
    c:\program files\PC-Doctor\Images\img48_48\system_profiler.png
    c:\program files\PC-Doctor\Images\img48_48\temperature.png
    c:\program files\PC-Doctor\Images\img48_48\tools.png
    c:\program files\PC-Doctor\Images\img48_48\touchscreen.png
    c:\program files\PC-Doctor\Images\img48_48\usb.png
    c:\program files\PC-Doctor\Images\img48_48\users.png
    c:\program files\PC-Doctor\Images\img48_48\video-card.png
    c:\program files\PC-Doctor\Images\img48_48\video-strip.png
    c:\program files\PC-Doctor\Images\img48_48\video.png
    c:\program files\PC-Doctor\Images\img48_48\warning-3.png
    c:\program files\PC-Doctor\Images\img48_48\warning.png
    c:\program files\PC-Doctor\Images\img48_48\webcam.png
    c:\program files\PC-Doctor\Images\img48_48\widget.png
    c:\program files\PC-Doctor\Images\img48_48\windows.png
    c:\program files\PC-Doctor\Images\img48_48\workstation-computer.png
    c:\program files\PC-Doctor\Images\img64_64\1394.png
    c:\program files\PC-Doctor\Images\img64_64\akilok_blue.png
    c:\program files\PC-Doctor\Images\img64_64\akilok_green.png
    c:\program files\PC-Doctor\Images\img64_64\akilok_red.png
    c:\program files\PC-Doctor\Images\img64_64\akilok_yellow.png
    c:\program files\PC-Doctor\Images\img64_64\alert.png
    c:\program files\PC-Doctor\Images\img64_64\alert_2.png
    c:\program files\PC-Doctor\Images\img64_64\antenna_diversity.png
    c:\program files\PC-Doctor\Images\img64_64\application_icon.png
    c:\program files\PC-Doctor\Images\img64_64\arrow_left.png
    c:\program files\PC-Doctor\Images\img64_64\arrow_right.png
    c:\program files\PC-Doctor\Images\img64_64\audio.png
    c:\program files\PC-Doctor\Images\img64_64\battery.png
    c:\program files\PC-Doctor\Images\img64_64\benchmark.png
    c:\program files\PC-Doctor\Images\img64_64\bluetooth.png
    c:\program files\PC-Doctor\Images\img64_64\burn_in.png
    c:\program files\PC-Doctor\Images\img64_64\change_options.png
    c:\program files\PC-Doctor\Images\img64_64\circle_blue.png
    c:\program files\PC-Doctor\Images\img64_64\circle_green.png
    c:\program files\PC-Doctor\Images\img64_64\circle_grey.png
    c:\program files\PC-Doctor\Images\img64_64\circle_orange.png
    c:\program files\PC-Doctor\Images\img64_64\circle_red.png
    c:\program files\PC-Doctor\Images\img64_64\circle_yellow.png
    c:\program files\PC-Doctor\Images\img64_64\communications.png
    c:\program files\PC-Doctor\Images\img64_64\computer_diagnostics.png
    c:\program files\PC-Doctor\Images\img64_64\computer_system_mini_tower.png
    c:\program files\PC-Doctor\Images\img64_64\controller.png
    c:\program files\PC-Doctor\Images\img64_64\cpu.png
    c:\program files\PC-Doctor\Images\img64_64\data.png
    c:\program files\PC-Doctor\Images\img64_64\desktop-computer.png
    c:\program files\PC-Doctor\Images\img64_64\disabled.png
    c:\program files\PC-Doctor\Images\img64_64\edit_settings.png
    c:\program files\PC-Doctor\Images\img64_64\ergonomic-keyboard.png
    c:\program files\PC-Doctor\Images\img64_64\error_1.png
    c:\program files\PC-Doctor\Images\img64_64\fail.png
    c:\program files\PC-Doctor\Images\img64_64\fast_forward_2.png
    c:\program files\PC-Doctor\Images\img64_64\fingerprint_sensor.png
    c:\program files\PC-Doctor\Images\img64_64\floppy-drive.png
    c:\program files\PC-Doctor\Images\img64_64\globe.png
    c:\program files\PC-Doctor\Images\img64_64\green_check.png
    c:\program files\PC-Doctor\Images\img64_64\harddrive.png
    c:\program files\PC-Doctor\Images\img64_64\help.png
    c:\program files\PC-Doctor\Images\img64_64\home.png
    c:\program files\PC-Doctor\Images\img64_64\irda.png
    c:\program files\PC-Doctor\Images\img64_64\laptop.png
    c:\program files\PC-Doctor\Images\img64_64\log.png
    c:\program files\PC-Doctor\Images\img64_64\magnifying_glass.png
    c:\program files\PC-Doctor\Images\img64_64\media-drive.png
    c:\program files\PC-Doctor\Images\img64_64\memory-reader.png
    c:\program files\PC-Doctor\Images\img64_64\memory.png
    c:\program files\PC-Doctor\Images\img64_64\microphone.png
    c:\program files\PC-Doctor\Images\img64_64\minitower-computer.png
    c:\program files\PC-Doctor\Images\img64_64\modem.png
    c:\program files\PC-Doctor\Images\img64_64\monitor.png
    c:\program files\PC-Doctor\Images\img64_64\motherboard.png
    c:\program files\PC-Doctor\Images\img64_64\mouse.png
    c:\program files\PC-Doctor\Images\img64_64\music_note.png
    c:\program files\PC-Doctor\Images\img64_64\na.png
    c:\program files\PC-Doctor\Images\img64_64\network.png
    c:\program files\PC-Doctor\Images\img64_64\normal-keyboard.png
    c:\program files\PC-Doctor\Images\img64_64\optical-drive.png
    c:\program files\PC-Doctor\Images\img64_64\other.png
    c:\program files\PC-Doctor\Images\img64_64\parallelport.png
    c:\program files\PC-Doctor\Images\img64_64\pass.png
    c:\program files\PC-Doctor\Images\img64_64\pccard.png
    c:\program files\PC-Doctor\Images\img64_64\pci.png
    c:\program files\PC-Doctor\Images\img64_64\power.png
    c:\program files\PC-Doctor\Images\img64_64\preShipment_Test.png
    c:\program files\PC-Doctor\Images\img64_64\printer.png
    c:\program files\PC-Doctor\Images\img64_64\printer_default.png
    c:\program files\PC-Doctor\Images\img64_64\product-update.png
    c:\program files\PC-Doctor\Images\img64_64\quick_test.png
    c:\program files\PC-Doctor\Images\img64_64\ready_boost.png
    c:\program files\PC-Doctor\Images\img64_64\refresh.png
    c:\program files\PC-Doctor\Images\img64_64\removable-drive.png
    c:\program files\PC-Doctor\Images\img64_64\results.png
    c:\program files\PC-Doctor\Images\img64_64\rewind_2.png
    c:\program files\PC-Doctor\Images\img64_64\run_script.png
    c:\program files\PC-Doctor\Images\img64_64\scsi.png
    c:\program files\PC-Doctor\Images\img64_64\serialport.png
    c:\program files\PC-Doctor\Images\img64_64\speakers.png
    c:\program files\PC-Doctor\Images\img64_64\storage.png
    c:\program files\PC-Doctor\Images\img64_64\system.png
    c:\program files\PC-Doctor\Images\img64_64\system_information.png
    c:\program files\PC-Doctor\Images\img64_64\system_information_2.png
    c:\program files\PC-Doctor\Images\img64_64\system_profiler.png
    c:\program files\PC-Doctor\Images\img64_64\temperature.png
    c:\program files\PC-Doctor\Images\img64_64\tools.png
    c:\program files\PC-Doctor\Images\img64_64\touchscreen.png
    c:\program files\PC-Doctor\Images\img64_64\usb.png
    c:\program files\PC-Doctor\Images\img64_64\users.png
    c:\program files\PC-Doctor\Images\img64_64\video-card.png
    c:\program files\PC-Doctor\Images\img64_64\video-strip.png
    c:\program files\PC-Doctor\Images\img64_64\video.png
    c:\program files\PC-Doctor\Images\img64_64\warning.png
    c:\program files\PC-Doctor\Images\img64_64\webcam.png
    c:\program files\PC-Doctor\Images\img64_64\widget.png
    c:\program files\PC-Doctor\Images\img64_64\windows.png
    c:\program files\PC-Doctor\Images\img64_64\workstation-computer.png
    c:\program files\PC-Doctor\Images\lenovo_logo.png
    c:\program files\PC-Doctor\Images\ltt\about_image.png
    c:\program files\PC-Doctor\Images\ltt\about_lenovo_logo.png
    c:\program files\PC-Doctor\Images\ltt\alert_close.png
    c:\program files\PC-Doctor\Images\ltt\arrow_left.png
    c:\program files\PC-Doctor\Images\ltt\arrow_left_hover.png
    c:\program files\PC-Doctor\Images\ltt\arrow_right.png
    c:\program files\PC-Doctor\Images\ltt\arrow_right_hover.png
    c:\program files\PC-Doctor\Images\ltt\desktop_system_health.png
    c:\program files\PC-Doctor\Images\ltt\desktop_system_health_selected.png
    c:\program files\PC-Doctor\Images\ltt\desktop_system_health_selected_small.png
    c:\program files\PC-Doctor\Images\ltt\diagnostics.png
    c:\program files\PC-Doctor\Images\ltt\diagnostics_selected.png
    c:\program files\PC-Doctor\Images\ltt\diagnostics_selected_small.png
    c:\program files\PC-Doctor\Images\ltt\diagnostics_small.png
    c:\program files\PC-Doctor\Images\ltt\diagnostics_small_msgs.png
    c:\program files\PC-Doctor\Images\ltt\external_link.png
    c:\program files\PC-Doctor\Images\ltt\home\access connections.png
    c:\program files\PC-Doctor\Images\ltt\home\aps.png
    c:\program files\PC-Doctor\Images\ltt\home\audio and video.png
    c:\program files\PC-Doctor\Images\ltt\home\carrying case.png
    c:\program files\PC-Doctor\Images\ltt\home\constant secure.png
    c:\program files\PC-Doctor\Images\ltt\home\constant.png
    c:\program files\PC-Doctor\Images\ltt\home\curl_left.png
    c:\program files\PC-Doctor\Images\ltt\home\curl_right.png
    c:\program files\PC-Doctor\Images\ltt\home\fp reader.png
    c:\program files\PC-Doctor\Images\ltt\home\integrated5.png
    c:\program files\PC-Doctor\Images\ltt\home\keyboard-n.png
    c:\program files\PC-Doctor\Images\ltt\home\memory-n.png
    c:\program files\PC-Doctor\Images\ltt\home\monitor.png
    c:\program files\PC-Doctor\Images\ltt\home\Msg from Lenovo2.png
    c:\program files\PC-Doctor\Images\ltt\home\online data backup.png
    c:\program files\PC-Doctor\Images\ltt\home\password manager.png
    c:\program files\PC-Doctor\Images\ltt\home\power manager.png
    c:\program files\PC-Doctor\Images\ltt\home\printer.png
    c:\program files\PC-Doctor\Images\ltt\home\rescue.png
    c:\program files\PC-Doctor\Images\ltt\home\sdd.png
    c:\program files\PC-Doctor\Images\ltt\home\software solution.png
    c:\program files\PC-Doctor\Images\ltt\home\think2.png
    c:\program files\PC-Doctor\Images\ltt\home\ubt_2010_ms_office.png
    c:\program files\PC-Doctor\Images\ltt\home\ubt_ms_office.png
    c:\program files\PC-Doctor\Images\ltt\home\ubt_welcome.png
    c:\program files\PC-Doctor\Images\ltt\home\ubt_welcome_critical_alert.png
    c:\program files\PC-Doctor\Images\ltt\home\ubt_welcome_desktop.png
    c:\program files\PC-Doctor\Images\ltt\home\ubt_welcome_laptop.png
    c:\program files\PC-Doctor\Images\ltt\home\ubt_welcome_system_combo.png
    c:\program files\PC-Doctor\Images\ltt\lenovo_value.png
    c:\program files\PC-Doctor\Images\ltt\lenovo_value_alert.png
    c:\program files\PC-Doctor\Images\ltt\lenovo_value_selected.png
    c:\program files\PC-Doctor\Images\ltt\lenovo_value_selected_small.png
    c:\program files\PC-Doctor\Images\ltt\lenovo_value_small.png
    c:\program files\PC-Doctor\Images\ltt\lenovo_value_small_msgs.png
    c:\program files\PC-Doctor\Images\ltt\msg_icon_bg_gray.png
    c:\program files\PC-Doctor\Images\ltt\msg_icon_bg_red.png
    c:\program files\PC-Doctor\Images\ltt\msg_icon_bg_yellow.png
    c:\program files\PC-Doctor\Images\ltt\news_information.png
    c:\program files\PC-Doctor\Images\ltt\news_information_selected.png
    c:\program files\PC-Doctor\Images\ltt\news_information_selected_small.png
    c:\program files\PC-Doctor\Images\ltt\news_information_small.png
    c:\program files\PC-Doctor\Images\ltt\news_information_small_msgs.png
    c:\program files\PC-Doctor\Images\ltt\notebook_system_health.png
    c:\program files\PC-Doctor\Images\ltt\notebook_system_health_selected.png
    c:\program files\PC-Doctor\Images\ltt\notebook_system_health_selected_small.png
    c:\program files\PC-Doctor\Images\ltt\reflect.png
    c:\program files\PC-Doctor\Images\ltt\reflect_alert.png
    c:\program files\PC-Doctor\Images\ltt\reflect_selected.png
    c:\program files\PC-Doctor\Images\ltt\security_networking.png
    c:\program files\PC-Doctor\Images\ltt\security_networking_selected.png
    c:\program files\PC-Doctor\Images\ltt\security_networking_selected_small.png
    c:\program files\PC-Doctor\Images\ltt\security_networking_small.png
    c:\program files\PC-Doctor\Images\ltt\security_networking_small_msgs.png
    c:\program files\PC-Doctor\Images\ltt\system_health_desktop_small.png
    c:\program files\PC-Doctor\Images\ltt\system_health_desktop_small_msgs.png
    c:\program files\PC-Doctor\Images\ltt\system_health_notebook_small.png
    c:\program files\PC-Doctor\Images\ltt\system_health_notebook_small_msgs.png
    c:\program files\PC-Doctor\Images\ltt\thinkvantage_technologies.png
    c:\program files\PC-Doctor\Images\ltt\toolbar\ltt_toolbar_default.png
    c:\program files\PC-Doctor\Images\ltt\toolbar\ltt_toolbar_mouseover.png
    c:\program files\PC-Doctor\Images\maximize_button.png
    c:\program files\PC-Doctor\Images\maximize_hover.png
    c:\program files\PC-Doctor\Images\maximize_normal.png
    c:\program files\PC-Doctor\Images\minimize_button.png
    c:\program files\PC-Doctor\Images\minimize_hover.png
    c:\program files\PC-Doctor\Images\minimize_normal.png
    c:\program files\PC-Doctor\Images\modem_picture_tip.png
    c:\program files\PC-Doctor\Images\Network\active_incoming_network_arrow.png
    c:\program files\PC-Doctor\Images\Network\active_outgoing_network_arrow.png
    c:\program files\PC-Doctor\Images\Network\globe.png
    c:\program files\PC-Doctor\Images\Network\inactive_incoming_network_arrow.png
    c:\program files\PC-Doctor\Images\Network\inactive_outgoing_network_arrow.png
    c:\program files\PC-Doctor\Images\Network\modem.png
    c:\program files\PC-Doctor\Images\Network\network.png
    c:\program files\PC-Doctor\Images\panel_blank.png
    c:\program files\PC-Doctor\Images\pcdr_vista.ico
    c:\program files\PC-Doctor\Images\powered_by_logo.png
    c:\program files\PC-Doctor\Images\powered_by_logo_black.png
    c:\program files\PC-Doctor\Images\resize_handle.png
    c:\program files\PC-Doctor\Images\restore_button.png
    c:\program files\PC-Doctor\Images\restore_hover.png
    c:\program files\PC-Doctor\Images\restore_normal.png
    c:\program files\PC-Doctor\Images\scriptlet_spinner.gif
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\actionitem_gradient.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\gray_bottom.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\gray_middle.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\gray_top.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\green_bottom.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\green_middle.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\green_top.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\red_bottom.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\red_middle.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\red_top.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\yellow_bottom.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\yellow_middle.png
    c:\program files\PC-Doctor\Images\scriptlets\actionitemedge\yellow_top.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\AntiVirus.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\BatteryStatus.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\CreateBootableDiags.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\DisabledHardwareAlerts.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\DriveSpaceManager.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\FileAndPrinterSharing.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\FileSharing.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\FingerprintReader.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\Firewall.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\HardDriveStatus.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\HardwareCheck.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\ImportantSupportLinks.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\infotable_even.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\infotable_odd.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\InvalidBackground.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\LNewsAndInformation.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\MobileBroadband.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\Network.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\Passwords.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\Performance.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\PerformanceAndConfigueationHistory.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\PrinterSharing.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\ScreenSaver.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\SoftwareUpdate.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\SupportMessages.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\SystemInformation.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\SystemTests.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\TestADevice.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\ThinkVantageRescueRecovery.png
    c:\program files\PC-Doctor\Images\scriptlets\backgrounds\WarrantyStatus.png
    c:\program files\PC-Doctor\Images\scriptlets\bullets\bulb.gif
    c:\program files\PC-Doctor\Images\scriptlets\bullets\support_messages_error.png
    c:\program files\PC-Doctor\Images\scriptlets\bullets\support_messages_info.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\AlertsPage_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\AlertsPage_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\AlertsPage_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\AlertsPage_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_hover.png
     
    scorpion657,
    #14
  16. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_10.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_20.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_30.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_40.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_50.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_60.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_70.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_80.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_left_partial_90.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_right_partial_25.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_right_partial_50.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\ExpandableActionItem_right_partial_75.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\green-button_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\green-button_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\green-button_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\green-button_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HealthActionItem_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HealthActionItem_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HealthActionItem_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HealthActionItem_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HomePage_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HomePage_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HomePage_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\HomePage_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\mini-offer_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\mini-offer_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\mini-offer_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\mini-offer_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\red-button_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\red-button_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\red-button_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\red-button_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\SecurityActionItem_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\SecurityActionItem_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\SecurityActionItem_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\SecurityActionItem_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\Troubleshooter_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\Troubleshooter_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\Troubleshooter_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\Troubleshooter_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\yellow-button_left.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\yellow-button_left_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\yellow-button_right.png
    c:\program files\PC-Doctor\Images\scriptlets\buttons\yellow-button_right_hover.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\expander_background.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_e.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_n.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_ne.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_nw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_s.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_se.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_sw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_blue_w.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_e.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_n.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_ne.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_nw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_s.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_se.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_sw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_gray_w.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_e.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_n.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_ne.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_nw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_s.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_se.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_sw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_green_w.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_e.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_n.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_ne.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_nw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_s.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_se.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_sw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_red_w.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_e.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_n.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_ne.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_nw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_s.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_se.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_sw.png
    c:\program files\PC-Doctor\Images\scriptlets\panels\Expander_yellow_w.png
    c:\program files\PC-Doctor\Images\scriptlets\popups\LightBulbOff.png
    c:\program files\PC-Doctor\Images\scriptlets\tables\support_messages_border.png
    c:\program files\PC-Doctor\Images\scriptlets\tables\support_messages_border_hover.png
    c:\program files\PC-Doctor\Images\sys_info_back_white.png
    c:\program files\PC-Doctor\Images\tools\tools_additional_tools.png
    c:\program files\PC-Doctor\Images\tools\tools_help.png
    c:\program files\PC-Doctor\Images\tools\tools_manage_hard_drive.png
    c:\program files\PC-Doctor\Images\tools\tools_reports.png
    c:\program files\PC-Doctor\Images\tools\tools_test_hardware.png
    c:\program files\PC-Doctor\Images\tools\tools_troubleshooting.png
    c:\program files\PC-Doctor\Images\widget.png
    c:\program files\PC-Doctor\imstrayicon.exe
    c:\program files\PC-Doctor\installinfo.xml
    c:\program files\PC-Doctor\Interop.shdocvw.dll
    c:\program files\PC-Doctor\Inventory.dll
    c:\program files\PC-Doctor\Ionic.Zip.Reduced.dll
    c:\program files\PC-Doctor\IPC2.dll
    c:\program files\PC-Doctor\IsProcessActive.exe
    c:\program files\PC-Doctor\KernelMode.dll
    c:\program files\PC-Doctor\LaunchApp.exe
    c:\program files\PC-Doctor\LaunchApp.exe.manifest
    c:\program files\PC-Doctor\LenovoInfo.dll
    c:\program files\PC-Doctor\libAdapterDeviceDX10.dll
    c:\program files\PC-Doctor\libAsapiCSharp.dll
    c:\program files\PC-Doctor\libAudioVista.dll
    c:\program files\PC-Doctor\libCSharpCommonCS.dll
    c:\program files\PC-Doctor\libDataStoreCSharp.dll
    c:\program files\PC-Doctor\libDiskScannerCSharp.dll
    c:\program files\PC-Doctor\libDXVersion.dll
    c:\program files\PC-Doctor\libGapiCSharp.dll
    c:\program files\PC-Doctor\libGPUInfo.dll
    c:\program files\PC-Doctor\libIPv6.dll
    c:\program files\PC-Doctor\libModuleCommon.dll
    c:\program files\PC-Doctor\libNdis.dll
    c:\program files\PC-Doctor\libOSWindowsCSharp.dll
    c:\program files\PC-Doctor\libReadyBoost.dll
    c:\program files\PC-Doctor\libSynaptics.dll
    c:\program files\PC-Doctor\libTonopahClientCSharp.dll
    c:\program files\PC-Doctor\libUsbEnumerator.dll
    c:\program files\PC-Doctor\libVideo.dll
    c:\program files\PC-Doctor\libVideoDX10.dll
    c:\program files\PC-Doctor\libVideoDX11.dll
    c:\program files\PC-Doctor\libVideoDX9.dll
    c:\program files\PC-Doctor\libVideoInfo.dll
    c:\program files\PC-Doctor\libVideoPortInfo.dll
    c:\program files\PC-Doctor\libVideoPortInfoWin7.dll
    c:\program files\PC-Doctor\libVistaAudioConfigTest.dll
    c:\program files\PC-Doctor\libWindowTools.dll
    c:\program files\PC-Doctor\licenseClient.pcl2
    c:\program files\PC-Doctor\log4net.dll
    c:\program files\PC-Doctor\log4netcfg.xml
    c:\program files\PC-Doctor\LST.ico
    c:\program files\PC-Doctor\Matrix.dll
    c:\program files\PC-Doctor\MFC.dll
    c:\program files\PC-Doctor\mfc90.dll
    c:\program files\PC-Doctor\mfc90u.dll
    c:\program files\PC-Doctor\mfcm90.dll
    c:\program files\PC-Doctor\mfcm90u.dll
    c:\program files\PC-Doctor\Microsoft.VC90.CRT.manifest
    c:\program files\PC-Doctor\Microsoft.VC90.MFC.manifest
    c:\program files\PC-Doctor\MiscDriveTests.dll
    c:\program files\PC-Doctor\mixerVista.dll
    c:\program files\PC-Doctor\mixerXP.dll
    c:\program files\PC-Doctor\modules.xml
    c:\program files\PC-Doctor\msvcm90.dll
    c:\program files\PC-Doctor\msvcp90.dll
    c:\program files\PC-Doctor\msvcr90.dll
    c:\program files\PC-Doctor\OSWindows.dll
    c:\program files\PC-Doctor\OSWindowsCSharp.dll
    c:\program files\PC-Doctor\pcdcsharpcommon.dll
    c:\program files\PC-Doctor\pcdlauncher.exe
    c:\program files\PC-Doctor\PCDoctor.Core.dll
    c:\program files\PC-Doctor\PCDoctor.Core.Interfaces.dll
    c:\program files\PC-Doctor\PCDoctor.Core.Utilities.dll
    c:\program files\PC-Doctor\PCDoctor.Utilities.dll
    c:\program files\PC-Doctor\pcdr.ini
    c:\program files\PC-Doctor\pcdr1394.p5m
    c:\program files\PC-Doctor\pcdr1394.p5x
    c:\program files\PC-Doctor\pcdr2d3dvideo-vistaSpecific.dll
    c:\program files\PC-Doctor\pcdr2d3dvideo.p5m
    c:\program files\PC-Doctor\pcdr2d3dvideo.p5x
    c:\program files\PC-Doctor\pcdr2d3dvideocommon.dll
    c:\program files\PC-Doctor\pcdr2d3dvideodx10.dll
    c:\program files\PC-Doctor\pcdr2d3dvideodx11.dll
    c:\program files\PC-Doctor\pcdr2d3dvideodx9.dll
    c:\program files\PC-Doctor\pcdrantenna.p5m
    c:\program files\PC-Doctor\pcdrantenna.p5x
    c:\program files\PC-Doctor\pcdravi.p5m
    c:\program files\PC-Doctor\pcdravi.p5x
    c:\program files\PC-Doctor\pcdrbddrive.p5m
    c:\program files\PC-Doctor\pcdrbddrive.p5x
    c:\program files\PC-Doctor\pcdrbdre.p5m
    c:\program files\PC-Doctor\pcdrbdre.p5x
    c:\program files\PC-Doctor\pcdrbluetooth.p5m
    c:\program files\PC-Doctor\pcdrbluetooth.p5x
    c:\program files\PC-Doctor\pcdrcardreader.p5m
    c:\program files\PC-Doctor\pcdrcardreader.p5x
    c:\program files\PC-Doctor\pcdrcddrive.p5m
    c:\program files\PC-Doctor\pcdrcddrive.p5x
    c:\program files\PC-Doctor\pcdrcdr.p5m
    c:\program files\PC-Doctor\pcdrcdr.p5x
    c:\program files\PC-Doctor\pcdrcdrw.p5m
    c:\program files\PC-Doctor\pcdrcdrw.p5x
    c:\program files\PC-Doctor\pcdrcmos.p5m
    c:\program files\PC-Doctor\pcdrcmos.p5x
    c:\program files\PC-Doctor\pcdrcpu.p5m
    c:\program files\PC-Doctor\pcdrcpu.p5x
    c:\program files\PC-Doctor\pcdrcuda.p5m
    c:\program files\PC-Doctor\pcdrcuda.p5x
    c:\program files\PC-Doctor\pcdrcui.exe
    c:\program files\PC-Doctor\pcdrcui.exe.config
    c:\program files\PC-Doctor\pcdrcui.exe.manifest
    c:\program files\PC-Doctor\pcdrdigitizer.p5m
    c:\program files\PC-Doctor\pcdrdigitizer.p5x
    c:\program files\PC-Doctor\pcdrdvddrive.p5m
    c:\program files\PC-Doctor\pcdrdvddrive.p5x
    c:\program files\PC-Doctor\pcdrdvdminusr.p5m
    c:\program files\PC-Doctor\pcdrdvdminusr.p5x
    c:\program files\PC-Doctor\pcdrdvdminusrdl.p5m
    c:\program files\PC-Doctor\pcdrdvdminusrdl.p5x
    c:\program files\PC-Doctor\pcdrdvdminusrw.p5m
    c:\program files\PC-Doctor\pcdrdvdminusrw.p5x
    c:\program files\PC-Doctor\pcdrdvdplusr.p5m
    c:\program files\PC-Doctor\pcdrdvdplusr.p5x
    c:\program files\PC-Doctor\pcdrdvdplusrdl.p5m
    c:\program files\PC-Doctor\pcdrdvdplusrdl.p5x
    c:\program files\PC-Doctor\pcdrdvdplusrw.p5m
    c:\program files\PC-Doctor\pcdrdvdplusrw.p5x
    c:\program files\PC-Doctor\pcdrdvdramdrive.p5m
    c:\program files\PC-Doctor\pcdrdvdramdrive.p5x
    c:\program files\PC-Doctor\PcdrEngine.exe
    c:\program files\PC-Doctor\pcdrfloppy.p5m
    c:\program files\PC-Doctor\pcdrfloppy.p5x
    c:\program files\PC-Doctor\pcdrharddrive.p5m
    c:\program files\PC-Doctor\pcdrharddrive.p5x
    c:\program files\PC-Doctor\pcdrhddvddrive.p5m
    c:\program files\PC-Doctor\pcdrhddvddrive.p5x
    c:\program files\PC-Doctor\pcdrjoystick.p5m
    c:\program files\PC-Doctor\pcdrjoystick.p5x
    c:\program files\PC-Doctor\pcdrkeyboard.p5m
    c:\program files\PC-Doctor\pcdrkeyboard.p5x
    c:\program files\PC-Doctor\pcdrlenovobattery.p5m
    c:\program files\PC-Doctor\pcdrlenovobattery.p5x
    c:\program files\PC-Doctor\pcdrmemory.p5m
    c:\program files\PC-Doctor\pcdrmemory.p5x
    c:\program files\PC-Doctor\pcdrmicrophone.p5m
    c:\program files\PC-Doctor\pcdrmicrophone.p5x
    c:\program files\PC-Doctor\pcdrmobilebroadband.p5m
    c:\program files\PC-Doctor\pcdrmobilebroadband.p5x
    c:\program files\PC-Doctor\pcdrmodem.p5m
    c:\program files\PC-Doctor\pcdrmodem.p5x
    c:\program files\PC-Doctor\pcdrmodemui.dll
    c:\program files\PC-Doctor\pcdrmonitor.p5m
    c:\program files\PC-Doctor\pcdrmonitor.p5x
    c:\program files\PC-Doctor\pcdrmouse.p5m
    c:\program files\PC-Doctor\pcdrmouse.p5x
    c:\program files\PC-Doctor\pcdrnetwork.p5m
    c:\program files\PC-Doctor\pcdrnetwork.p5x
    c:\program files\PC-Doctor\pcdroverrides.p5i.readonly
    c:\program files\PC-Doctor\pcdrparallelport.p5m
    c:\program files\PC-Doctor\pcdrparallelport.p5x
    c:\program files\PC-Doctor\pcdrpccard.p5m
    c:\program files\PC-Doctor\pcdrpccard.p5x
    c:\program files\PC-Doctor\pcdrpci.p5m
    c:\program files\PC-Doctor\pcdrpci.p5x
    c:\program files\PC-Doctor\pcdrpciexpress.p5m
    c:\program files\PC-Doctor\pcdrpciexpress.p5x
    c:\program files\PC-Doctor\pcdrprinter.p5m
    c:\program files\PC-Doctor\pcdrprinter.p5x
    c:\program files\PC-Doctor\pcdrreadyboost.p5m
    c:\program files\PC-Doctor\pcdrreadyboost.p5x
    c:\program files\PC-Doctor\pcdrrealtime.p5m
    c:\program files\PC-Doctor\pcdrrealtime.p5x
    c:\program files\PC-Doctor\pcdrscsi2.p5m
    c:\program files\PC-Doctor\pcdrscsi2.p5x
    c:\program files\PC-Doctor\pcdrserialport.p5m
    c:\program files\PC-Doctor\pcdrserialport.p5x
    c:\program files\PC-Doctor\pcdrsmart.p5m
    c:\program files\PC-Doctor\pcdrsmart.p5x
    c:\program files\PC-Doctor\pcdrsmart2.p5m
    c:\program files\PC-Doctor\pcdrsmart2.p5x
    c:\program files\PC-Doctor\pcdrsound.ico
    c:\program files\PC-Doctor\pcdrsound.p5m
    c:\program files\PC-Doctor\pcdrsound.p5x
    c:\program files\PC-Doctor\pcdrsysinfobluetooth.p5m
    c:\program files\PC-Doctor\pcdrsysinfobluetooth.p5x
    c:\program files\PC-Doctor\pcdrsysinfocommunication.p5m
    c:\program files\PC-Doctor\pcdrsysinfocommunication.p5x
    c:\program files\PC-Doctor\pcdrsysinfocpu_x86.p5m
    c:\program files\PC-Doctor\pcdrsysinfocpu_x86.p5x
    c:\program files\PC-Doctor\pcdrsysinfocsmi.p5m
    c:\program files\PC-Doctor\pcdrsysinfocsmi.p5x
    c:\program files\PC-Doctor\pcdrsysinfodirect.p5m
    c:\program files\PC-Doctor\pcdrsysinfodirect.p5x
    c:\program files\PC-Doctor\pcdrsysinfoperipheral.p5m
    c:\program files\PC-Doctor\pcdrsysinfoperipheral.p5x
    c:\program files\PC-Doctor\pcdrsysinfosmbios2.p5m
    c:\program files\PC-Doctor\pcdrsysinfosmbios2.p5x
    c:\program files\PC-Doctor\pcdrsysinfosoftware.p5m
    c:\program files\PC-Doctor\pcdrsysinfosoftware.p5x
    c:\program files\PC-Doctor\pcdrsysinfostorage.p5m
    c:\program files\PC-Doctor\pcdrsysinfostorage.p5x
    c:\program files\PC-Doctor\pcdrsysinfosystemboard.p5m
    c:\program files\PC-Doctor\pcdrsysinfosystemboard.p5x
    c:\program files\PC-Doctor\pcdrsysinfovideocapture.p5m
    c:\program files\PC-Doctor\pcdrsysinfovideocapture.p5x
    c:\program files\PC-Doctor\pcdrsystemboard.p5m
    c:\program files\PC-Doctor\pcdrsystemboard.p5x
    c:\program files\PC-Doctor\pcdrtoaster.exe
    c:\program files\PC-Doctor\pcdrtouchscrn.p5m
    c:\program files\PC-Doctor\pcdrtouchscrn.p5x
    c:\program files\PC-Doctor\pcdrtvcard.p5m
    c:\program files\PC-Doctor\pcdrtvcard.p5x
    c:\program files\PC-Doctor\pcdrusb.p5m
    c:\program files\PC-Doctor\pcdrusb.p5x
    c:\program files\PC-Doctor\pcdrusbloopback.p5m
    c:\program files\PC-Doctor\pcdrusbloopback.p5x
    c:\program files\PC-Doctor\pcdrvideoports.p5m
    c:\program files\PC-Doctor\pcdrvideoports.p5x
    c:\program files\PC-Doctor\pcdrwebcam.p5m
    c:\program files\PC-Doctor\pcdrwebcam.p5x
    c:\program files\PC-Doctor\pcdsecondarysplash.exe
    c:\program files\PC-Doctor\pcdsrvc.pkms
    c:\program files\PC-Doctor\pcdsrvc_x64.pkms
    c:\program files\PC-Doctor\pcduicommon.dll
    c:\program files\PC-Doctor\Pci2.dll
    c:\program files\PC-Doctor\PreEnumerationPlugin.dll
    c:\program files\PC-Doctor\Quip.dll
    c:\program files\PC-Doctor\RbLaunchProp64.exe
    c:\program files\PC-Doctor\Regex.dll
    c:\program files\PC-Doctor\resource.db
    c:\program files\PC-Doctor\Resources\libMatrixProfiler\defaultProfilerFilter.xml
    c:\program files\PC-Doctor\Resources\libMatrixProfiler\defaultProfilerFilter_hardware.xml
    c:\program files\PC-Doctor\Resources\libMatrixProfiler\defaultProfilerFilter_performance.xml
    c:\program files\PC-Doctor\Resources\libMatrixProfiler\defaultProfilerFilter_restorepoints.xml
    c:\program files\PC-Doctor\Resources\libMatrixProfiler\defaultProfilerFilter_smartdata.xml
    c:\program files\PC-Doctor\Resources\libMatrixProfiler\defaultProfilerFilter_software.xml
    c:\program files\PC-Doctor\Resources\libMatrixProfiler\defaultProfilerFilter_software_lenovo.xml
    c:\program files\PC-Doctor\Resources\networkapp\networkrepair.bat
    c:\program files\PC-Doctor\Resources\networkapp\NetworkToolList.xml
    c:\program files\PC-Doctor\Resources\PCDEventLauncher.xml
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 1\scene_1_frame_1.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 1\scene_1_frame_2.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 1\scene_1_frame_3.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 1\scene_1_frame_4.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 1\scene_1_frame_5.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 2\scene_2_frame_1.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 2\scene_2_frame_2.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 2\scene_2_frame_3.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 2\scene_2_frame_4.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 2\scene_2_frame_5.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 2\scene_2_frame_6.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_1.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_10.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_2.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_3.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_4.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_5.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_6.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_7.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_8.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 3\scene_3_frame_9.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 4\scene_4_frame_1.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 4\scene_4_frame_2.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 4\scene_4_frame_3.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 4\scene_4_frame_4.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 4\scene_4_frame_5.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\Scene 4\scene_4_frame_6.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\scene_fail.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\scene_pass.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Animation Frames\scene_test_image.png
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\computer.DAE
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\computer.DAE.trimesh
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\computer.x
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Lighting.fxo
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\MultiPointLight.fxo
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\MultiPointLight_4_1.fxo
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\MultiPointLight50.fxo
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\passthrough.fxo
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\ShadowMap.fxo
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\skinnedMeshRenderTest.fxo
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\agpTop.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\brownPlastic.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\contacts.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\default.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\eyes.tga
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\floppyCable.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\floppyCableBump.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\ideCable.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\logoHead.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\logoHead.tga
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\memory.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\memoryTop.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\metal.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\motherboard.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\pciTop.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\portalEffect.tga
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\powerSupply.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\powerSupplyGrate.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\powerSupplySticker.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\powerSupplyTexture.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\shirtPocket.tga
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\soundCard.jpg
    c:\program files\PC-Doctor\Resources\pcdr2d3dvideo\Textures\videocard.jpg
    c:\program files\PC-Doctor\Resources\pcdrantenna\signal_disabled.png
    c:\program files\PC-Doctor\Resources\pcdrantenna\signal_enabled.png
    c:\program files\PC-Doctor\Resources\pcdravi\VIDTEST.avi
    c:\program files\PC-Doctor\Resources\pcdrkeyboard\images\keyboard.png
    c:\program files\PC-Doctor\Resources\pcdrkeyboard\images\led_off.png
    c:\program files\PC-Doctor\Resources\pcdrkeyboard\images\led_on.png
    c:\program files\PC-Doctor\Resources\pcdrkeyboard\layouts\101EnhKbd.p3k
    c:\program files\PC-Doctor\Resources\pcdrkeyboard\layouts\99UsbKbd.p3k
    c:\program files\PC-Doctor\Resources\pcdrkeyboard\layouts\Std104Kbd.p3k
    c:\program files\PC-Doctor\Resources\pcdrkeyboard\layouts\Std106Kbd.p3k
    c:\program files\PC-Doctor\Resources\pcdrmouse\touchpad_button_left.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\touchpad_button_left_click.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\touchpad_button_right.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\touchpad_button_right_click.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\touchpad_pad.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\touchpad_reticle.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\trackpoint_button_center.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\trackpoint_button_center_click.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\trackpoint_button_left.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\trackpoint_button_left_click.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\trackpoint_button_main.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\trackpoint_button_right.png
    c:\program files\PC-Doctor\Resources\pcdrmouse\trackpoint_button_right_click.png
    c:\program files\PC-Doctor\Resources\pcdrnetwork\checksum.csm
    c:\program files\PC-Doctor\Resources\pcdrreadyboost\fail.png
    c:\program files\PC-Doctor\Resources\pcdrreadyboost\fail_small.png
    c:\program files\PC-Doctor\Resources\pcdrreadyboost\na.png
    c:\program files\PC-Doctor\Resources\pcdrreadyboost\na_small.png
    c:\program files\PC-Doctor\Resources\pcdrreadyboost\pass.png
    c:\program files\PC-Doctor\Resources\pcdrreadyboost\pass_small.png
    c:\program files\PC-Doctor\Resources\pcdrsound\C_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\C_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\C_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\center_piece.png
    c:\program files\PC-Doctor\Resources\pcdrsound\center_piece_click.png
    c:\program files\PC-Doctor\Resources\pcdrsound\center_piece_hover.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LB_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LB_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LB_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LF_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LF_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LF_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LFE_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LFE_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LFE_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\lightning.wav
    c:\program files\PC-Doctor\Resources\pcdrsound\LS_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LS_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\LS_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\midboth.mid
    c:\program files\PC-Doctor\Resources\pcdrsound\notes.png
    c:\program files\PC-Doctor\Resources\pcdrsound\one.wav
    c:\program files\PC-Doctor\Resources\pcdrsound\RB_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RB_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RB_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RF_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RF_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RF_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RS_Disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RS_Enabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\RS_Playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\speaker.png
    c:\program files\PC-Doctor\Resources\pcdrsound\speaker_disabled.png
    c:\program files\PC-Doctor\Resources\pcdrsound\speaker_disabled_lg.png
    c:\program files\PC-Doctor\Resources\pcdrsound\speaker_lg.png
    c:\program files\PC-Doctor\Resources\pcdrsound\st_anim_frame0.png
    c:\program files\PC-Doctor\Resources\pcdrsound\st_anim_frame1.png
    c:\program files\PC-Doctor\Resources\pcdrsound\st_anim_frame2.png
    c:\program files\PC-Doctor\Resources\pcdrsound\st_anim_frame3.png
    c:\program files\PC-Doctor\Resources\pcdrsound\st_anim_frame4.png
    c:\program files\PC-Doctor\Resources\pcdrsound\st_internal_active.png
    c:\program files\PC-Doctor\Resources\pcdrsound\st_internal_playing.png
    c:\program files\PC-Doctor\Resources\pcdrsound\Sub.wav
    c:\program files\PC-Doctor\Resources\pcdrsound\two.wav
    c:\program files\PC-Doctor\Resources\pcdrtouchscrn\CoverageTestImage.jpg
    c:\program files\PC-Doctor\Resources\pcdrvideoports\connection.png
    c:\program files\PC-Doctor\Resources\pcdrvideoports\VIDTEST.avi
    c:\program files\PC-Doctor\Resources\templates\allcategoriesreport.html
    c:\program files\PC-Doctor\Resources\templates\correctpng.js
    c:\program files\PC-Doctor\Resources\templates\detectHelpKey.js
    c:\program files\PC-Doctor\Resources\templates\ERFTest.html
    c:\program files\PC-Doctor\Resources\templates\generic-style.css
    c:\program files\PC-Doctor\Resources\templates\helpcontent_lenovo.css
    c:\program files\PC-Doctor\Resources\templates\homepage.css
    c:\program files\PC-Doctor\Resources\templates\HomePageWelcomPanel.html
    c:\program files\PC-Doctor\Resources\templates\lib\builder.js
    c:\program files\PC-Doctor\Resources\templates\lib\controls.js
    c:\program files\PC-Doctor\Resources\templates\lib\dragdrop.js
    c:\program files\PC-Doctor\Resources\templates\lib\effects.js
    c:\program files\PC-Doctor\Resources\templates\lib\prototype.js
    c:\program files\PC-Doctor\Resources\templates\lib\scriptaculous.js
    c:\program files\PC-Doctor\Resources\templates\lib\slider.js
    c:\program files\PC-Doctor\Resources\templates\lib\sound.js
    c:\program files\PC-Doctor\Resources\templates\scriptconfirmation.css
    c:\program files\PC-Doctor\Resources\templates\scriptconfirmation.html
    c:\program files\PC-Doctor\Resources\templates\sysinfopage-extended_lenovo_ltt.html
    c:\program files\PC-Doctor\Resources\templates\sysinfopage.css
    c:\program files\PC-Doctor\Resources\templates\sysinfopage.html
    c:\program files\PC-Doctor\Resources\templates\sysinfopage_forfile.css
    c:\program files\PC-Doctor\Resources\templates\sysinfopage_forfile_lenovo_lttlite.css
    c:\program files\PC-Doctor\Resources\templates\sysinfopage_lenovo.css
    c:\program files\PC-Doctor\Resources\templates\sysinfopage_lenovo_ltt.css
    c:\program files\PC-Doctor\Resources\templates\sysinfopage_lenovo_ltt.html
    c:\program files\PC-Doctor\Resources\templates\sysinfopage_lenovo_lttlite.css
    c:\program files\PC-Doctor\Resources\templates\sysinfopage_lenovo_lttlite.html
    c:\program files\PC-Doctor\resourceUtil.exe
    c:\program files\PC-Doctor\RunProfiler.exe
    c:\program files\PC-Doctor\sceneGraph.dll
    c:\program files\PC-Doctor\scriptlet.dll
    c:\program files\PC-Doctor\scriptlets\accessories\AudioandVideo.xml
    c:\program files\PC-Doctor\scriptlets\accessories\CarryingCases.xml
    c:\program files\PC-Doctor\scriptlets\accessories\ConstantConnect.xml
    c:\program files\PC-Doctor\scriptlets\accessories\IntegratedSoftware.xml
    c:\program files\PC-Doctor\scriptlets\accessories\KeyboardsandMice.xml
    c:\program files\PC-Doctor\scriptlets\accessories\Memory.xml
    c:\program files\PC-Doctor\scriptlets\accessories\Monitors.xml
    c:\program files\PC-Doctor\scriptlets\accessories\OnlineDataBackup.xml
    c:\program files\PC-Doctor\scriptlets\accessories\Printers.xml
    c:\program files\PC-Doctor\scriptlets\accessories\VLSSoftware.xml
    c:\program files\PC-Doctor\scriptlets\diags\CreateBootableDiags.xml
    c:\program files\PC-Doctor\scriptlets\diags\DisabledDeviceAlerts.xml
    c:\program files\PC-Doctor\scriptlets\diags\SystemInformation.xml
    c:\program files\PC-Doctor\scriptlets\diags\SystemTests.xml
    c:\program files\PC-Doctor\scriptlets\diags\TestADevice.xml
    c:\program files\PC-Doctor\scriptlets\health_action_items\BatteryStatus.xml
    c:\program files\PC-Doctor\scriptlets\health_action_items\DefragmentHardDrive.xml
    c:\program files\PC-Doctor\scriptlets\health_action_items\HardwareCheck.xml
    c:\program files\PC-Doctor\scriptlets\health_action_items\ManufacturerUpgrades.js
    c:\program files\PC-Doctor\scriptlets\health_action_items\Performance.xml
    c:\program files\PC-Doctor\scriptlets\health_action_items\RunRequiredApp.js
    c:\program files\PC-Doctor\scriptlets\health_action_items\SoftwareUpdate.xml
    c:\program files\PC-Doctor\scriptlets\health_action_items\ThinkVantageRescueAndRecovery.xml
    c:\program files\PC-Doctor\scriptlets\health_action_items\WarrantyStatus.xml
    c:\program files\PC-Doctor\scriptlets\images\actionitem_size_change\collapse.gif
    c:\program files\PC-Doctor\scriptlets\images\actionitem_size_change\expand.gif
    c:\program files\PC-Doctor\scriptlets\images\network_share_location.gif
    c:\program files\PC-Doctor\scriptlets\information\EmptyAlertPage.xml
    c:\program files\PC-Doctor\scriptlets\information\IgnoredAlertsPage.xml
    c:\program files\PC-Doctor\scriptlets\information\WelcomeMessage.xml
    c:\program files\PC-Doctor\scriptlets\news\DriveSpaceManager.xml
    c:\program files\PC-Doctor\scriptlets\news\PerformanceAndConfigurationHistory.xml
    c:\program files\PC-Doctor\scriptlets\news\SupportMessages.xml
    c:\program files\PC-Doctor\scriptlets\news\WarrantyStatus.xml
    c:\program files\PC-Doctor\scriptlets\security_action_items\AntiVirus.xml
    c:\program files\PC-Doctor\scriptlets\security_action_items\FileAndPrinterSharing.xml
    c:\program files\PC-Doctor\scriptlets\security_action_items\FingerprintReader.xml
    c:\program files\PC-Doctor\scriptlets\security_action_items\Firewall.xml
    c:\program files\PC-Doctor\scriptlets\security_action_items\MobileBroadband.xml
    c:\program files\PC-Doctor\scriptlets\security_action_items\Network.xml
    c:\program files\PC-Doctor\scriptlets\security_action_items\Passwords.xml
    c:\program files\PC-Doctor\scriptlets\solutions\BeginDiagnosis.xml
    c:\program files\PC-Doctor\scriptlets\solutions\CleanDisc.xml
    c:\program files\PC-Doctor\scriptlets\solutions\DiscReadProblems.xml
    c:\program files\PC-Doctor\scriptlets\solutions\DoSystemRestore.xml
    c:\program files\PC-Doctor\scriptlets\solutions\HowToBurn.xml
    c:\program files\PC-Doctor\scriptlets\solutions\images\antenna.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\bluray.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\bluray.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\cd-r.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\cd-r.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\cd-rw.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\cd-rw.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-r.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-r.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-ram.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-ram.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-rdl.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-rdl.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-rw.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd-rw.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd_video.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvd_video.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvdplusr.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvdplusr.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvdplusrdl.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvdplusrdl.png
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvdplusrw.jpg
    c:\program files\PC-Doctor\scriptlets\solutions\images\dvdplusrw.png
    c:\program files\PC-Doctor\scriptlets\solutions\ImprovePerformance.xml
    c:\program files\PC-Doctor\scriptlets\solutions\LaunchMediaPlayer.xml
    c:\program files\PC-Doctor\scriptlets\solutions\MoviePlaybackProblems.xml
    c:\program files\PC-Doctor\scriptlets\solutions\OpticalDriveEntryPoint.xml
    c:\program files\PC-Doctor\scriptlets\solutions\ProtectYourData.xml
    c:\program files\PC-Doctor\scriptlets\solutions\RunOpticalTest.xml
    c:\program files\PC-Doctor\scriptlets\solutions\SelectAffectedDiscs.xml
    c:\program files\PC-Doctor\scriptlets\solutions\TestOptical.xml
    c:\program files\PC-Doctor\scriptlets\solutions\WirelessEntryPoint.xml
    c:\program files\PC-Doctor\scriptlets\solutions\WorkWithCDs.xml
    c:\program files\PC-Doctor\scriptlets\solutions\WritableMedia.xml
    c:\program files\PC-Doctor\scriptlets\templates\ActionItem.css
    c:\program files\PC-Doctor\scriptlets\templates\ActionItem.js
    c:\program files\PC-Doctor\scriptlets\templates\ActionItem.xml
    c:\program files\PC-Doctor\scriptlets\templates\ActionItemTemplate.xml
    c:\program files\PC-Doctor\scriptlets\templates\BlankUnknown.css
    c:\program files\PC-Doctor\scriptlets\templates\ButtonOffer.js
    c:\program files\PC-Doctor\scriptlets\templates\ClientCustomizations.js
    c:\program files\PC-Doctor\scriptlets\templates\Diagnostics.css
    c:\program files\PC-Doctor\scriptlets\templates\Diagnostics.js
    c:\program files\PC-Doctor\scriptlets\templates\DisplayMessage.js
    c:\program files\PC-Doctor\scriptlets\templates\DisplayMessageContainer.js
    c:\program files\PC-Doctor\scriptlets\templates\DynamicCodeRunnerScriptlet.xml
    c:\program files\PC-Doctor\scriptlets\templates\ExpandableActionItem.js
    c:\program files\PC-Doctor\scriptlets\templates\ExternalExecutorScriptlet.xml
    c:\program files\PC-Doctor\scriptlets\templates\HoverPopup.css
    c:\program files\PC-Doctor\scriptlets\templates\HoverPopup.xml
    c:\program files\PC-Doctor\scriptlets\templates\Invisible.css
    c:\program files\PC-Doctor\scriptlets\templates\Library.js
    c:\program files\PC-Doctor\scriptlets\templates\LTTExpanderTemplate.css
    c:\program files\PC-Doctor\scriptlets\templates\LTTExpanderTemplate.xml
    c:\program files\PC-Doctor\scriptlets\templates\MainTemplate.xml
    c:\program files\PC-Doctor\scriptlets\templates\NewsAndInformation.css
    c:\program files\PC-Doctor\scriptlets\templates\NewsAndInformation.xml
    c:\program files\PC-Doctor\scriptlets\templates\Offer.css
    c:\program files\PC-Doctor\scriptlets\templates\OfferDisplay.css
    c:\program files\PC-Doctor\scriptlets\templates\OfferDisplay.xml
    c:\program files\PC-Doctor\scriptlets\templates\OfferDisplayTemplate.xml
    c:\program files\PC-Doctor\scriptlets\templates\Offers.js
    c:\program files\PC-Doctor\scriptlets\templates\prototype.js
    c:\program files\PC-Doctor\scriptlets\templates\scriptaculous\builder.js
    c:\program files\PC-Doctor\scriptlets\templates\scriptaculous\controls.js
    c:\program files\PC-Doctor\scriptlets\templates\scriptaculous\dragdrop.js
    c:\program files\PC-Doctor\scriptlets\templates\scriptaculous\effects.js
    c:\program files\PC-Doctor\scriptlets\templates\scriptaculous\scriptaculous.js
    c:\program files\PC-Doctor\scriptlets\templates\scriptaculous\slider.js
    c:\program files\PC-Doctor\scriptlets\templates\Scriptlets.css
    c:\program files\PC-Doctor\scriptlets\templates\Solution.css
    c:\program files\PC-Doctor\scriptlets\templates\SolutionTemplate.xml
    c:\program files\PC-Doctor\scriptlets\templates\SolutionUnknown.css
    c:\program files\PC-Doctor\scriptlets\templates\Sysinfo.js
    c:\program files\PC-Doctor\scriptlets\templates\TemplateExpandedActionItem.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateHoverPopup.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateInformation.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateInvisible.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateMessage.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateNews.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateOffer.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplatePopupOffer.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateSmallActionItem.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\TemplateSolution.xhtml
    c:\program files\PC-Doctor\scriptlets\templates\Tonopah.css
    c:\program files\PC-Doctor\scriptlets\templates\Tonopah.js
    c:\program files\PC-Doctor\scriptlets\templates\TonopahDisplay.css
    c:\program files\PC-Doctor\scriptlets\templates\TonopahDisplay.xml
    c:\program files\PC-Doctor\scriptlets\value\AccessConnections.xml
    c:\program files\PC-Doctor\scriptlets\value\APS.xml
    c:\program files\PC-Doctor\scriptlets\value\FingerprintReader.xml
    c:\program files\PC-Doctor\scriptlets\value\PasswordManager.xml
    c:\program files\PC-Doctor\scriptlets\value\PowerManager.xml
    c:\program files\PC-Doctor\scriptlets\value\RescueandRecovery.xml
    c:\program files\PC-Doctor\scriptlets\value\SecureDataDisposal.xml
    c:\program files\PC-Doctor\scriptlets\value\WelcomeMessage.xml
    c:\program files\PC-Doctor\scripts\advancedtest.xml
    c:\program files\PC-Doctor\scripts\backgroundmon.xml
    c:\program files\PC-Doctor\scripts\cpustresstest.xml
    c:\program files\PC-Doctor\scripts\custom_1.xml
    c:\program files\PC-Doctor\scripts\custom_2.xml
    c:\program files\PC-Doctor\scripts\full_lenovo.xml
    c:\program files\PC-Doctor\scripts\functional_long.xml
    c:\program files\PC-Doctor\scripts\functional_short.xml
    c:\program files\PC-Doctor\scripts\harddrivetest.xml
    c:\program files\PC-Doctor\scripts\interactivesystemtest.xml
    c:\program files\PC-Doctor\scripts\LongHardDriveTest.xml
    c:\program files\PC-Doctor\scripts\memorystresstest.xml
    c:\program files\PC-Doctor\scripts\motherboard.xml
    c:\program files\PC-Doctor\scripts\port.xml
    c:\program files\PC-Doctor\scripts\quicktest.xml
    c:\program files\PC-Doctor\scripts\ShortHardDriveTest.xml
    c:\program files\PC-Doctor\scripts\stresstest.xml
    c:\program files\PC-Doctor\scripts\stresstest_lenovo.xml
    c:\program files\PC-Doctor\scripts\system.xml
    c:\program files\PC-Doctor\scripts\system_lenovo.xml
    c:\program files\PC-Doctor\Scsi.dll
    c:\program files\PC-Doctor\Scsi2.dll
    c:\program files\PC-Doctor\ScsiInfo.dll
    c:\program files\PC-Doctor\SecurityCenter.dll
    c:\program files\PC-Doctor\sessionchecker.exe
    c:\program files\PC-Doctor\Setup_nltd.exe
    c:\program files\PC-Doctor\Smart.dll
    c:\program files\PC-Doctor\Smart2.dll
    c:\program files\PC-Doctor\SmartLog.dll
    c:\program files\PC-Doctor\Smbios2.dll
    c:\program files\PC-Doctor\static.xml
    c:\program files\PC-Doctor\Storage.dll
    c:\program files\PC-Doctor\Sysinfo.dll
    c:\program files\PC-Doctor\SysSpace.dll
    c:\program files\PC-Doctor\TaskScheduler.dll
    c:\program files\PC-Doctor\TonopahClient.dll
    c:\program files\PC-Doctor\tonopahclientcsharp.dll
    c:\program files\PC-Doctor\ToolbarProxy.dll
    c:\program files\PC-Doctor\uaclauncher.exe
    c:\program files\PC-Doctor\uninst.exe
    c:\program files\PC-Doctor\updater\app_updater_angle_bracket.png
    c:\program files\PC-Doctor\updater\app_updater_body.png
    c:\program files\PC-Doctor\updater\app_updater_button.png
    c:\program files\PC-Doctor\updater\app_updater_footer.png
    c:\program files\PC-Doctor\updater\app_updater_header.png
    c:\program files\PC-Doctor\updater\app_updater_icon.png
    c:\program files\PC-Doctor\updater\app_updater_table_bg.png
    c:\program files\PC-Doctor\updater\appupdater.exe
    c:\program files\PC-Doctor\updater\appupdater.exe.config
    c:\program files\PC-Doctor\updater\appupdater.exe.manifest
    c:\program files\PC-Doctor\updater\boards\updater_local_bg.png
    c:\program files\PC-Doctor\updater\boards\updater_local_da.html
    c:\program files\PC-Doctor\updater\boards\updater_local_de.html
    c:\program files\PC-Doctor\updater\boards\updater_local_en.html
    c:\program files\PC-Doctor\updater\boards\updater_local_it.html
    c:\program files\PC-Doctor\updater\boards\updater_local_ja.html
    c:\program files\PC-Doctor\updater\boards\updater_local_ko.html
    c:\program files\PC-Doctor\updater\boards\updater_local_nb.html
    c:\program files\PC-Doctor\updater\boards\updater_local_nl.html
    c:\program files\PC-Doctor\updater\boards\updater_local_pl.html
    c:\program files\PC-Doctor\updater\boards\updater_local_pt.html
    c:\program files\PC-Doctor\updater\boards\updater_local_ru.html
    c:\program files\PC-Doctor\updater\boards\updater_local_sv.html
    c:\program files\PC-Doctor\updater\boards\updater_local_zh_cn.html
    c:\program files\PC-Doctor\updater\boards\updater_local_zh_tw.html
    c:\program files\PC-Doctor\updater\close_hover.png
    c:\program files\PC-Doctor\updater\close_normal.png
    c:\program files\PC-Doctor\updater\download_1.ico
    c:\program files\PC-Doctor\updater\download_10.ico
    c:\program files\PC-Doctor\updater\download_11.ico
    c:\program files\PC-Doctor\updater\download_12.ico
    c:\program files\PC-Doctor\updater\download_2.ico
    c:\program files\PC-Doctor\updater\download_3.ico
    c:\program files\PC-Doctor\updater\download_4.ico
    c:\program files\PC-Doctor\updater\download_5.ico
    c:\program files\PC-Doctor\updater\download_6.ico
    c:\program files\PC-Doctor\updater\download_7.ico
    c:\program files\PC-Doctor\updater\download_8.ico
    c:\program files\PC-Doctor\updater\download_9.ico
    c:\program files\PC-Doctor\updater\flash.icon1.ico
    c:\program files\PC-Doctor\updater\flash.icon2.ico
    c:\program files\PC-Doctor\updater\install_1.ico
    c:\program files\PC-Doctor\updater\install_10.ico
    c:\program files\PC-Doctor\updater\install_11.ico
    c:\program files\PC-Doctor\updater\install_12.ico
    c:\program files\PC-Doctor\updater\install_2.ico
    c:\program files\PC-Doctor\updater\install_3.ico
    c:\program files\PC-Doctor\updater\install_4.ico
    c:\program files\PC-Doctor\updater\install_5.ico
    c:\program files\PC-Doctor\updater\install_6.ico
    c:\program files\PC-Doctor\updater\install_7.ico
    c:\program files\PC-Doctor\updater\install_8.ico
    c:\program files\PC-Doctor\updater\install_9.ico
    c:\program files\PC-Doctor\updater\LangIDsWithPCDLangs.properties
    c:\program files\PC-Doctor\updater\minimize_hover.png
    c:\program files\PC-Doctor\updater\minimize_normal.png
    c:\program files\PC-Doctor\updater\OS_Values.xml
    c:\program files\PC-Doctor\updater\settings_appupdater.xml
    c:\program files\PC-Doctor\updater\strings_appupdater.xml
    c:\program files\PC-Doctor\usbinstr.png
    c:\program files\PC-Doctor\VidCapture.dll
    c:\program files\PC-Doctor\wifiradio.exe
    c:\program files\PC-Doctor\zlib1.dll
    c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
    c:\windows\Tasks\SystemToolsDailyTest.job

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_PCDSRVC{3037D694-FD904ACA-06020000}_0
    -------\Legacy_PCDSRVC{3037D694-FD904ACA-06020000}_0
    -------\Service_PCDSRVC{3037D694-FD904ACA-06020000}_0
    -------\Service_PCDSRVC{3037D694-FD904ACA-06020000}_0


    ((((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))))
    .

    2010-12-27 03:42 . 2010-12-27 05:04 -------- d-----w- c:\users\vincebaze\AppData\Local\temp
    2010-12-27 03:42 . 2010-12-27 03:42 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-12-27 03:30 . 2010-12-27 03:31 -------- d-----r- C:\32788R22FWJFW
    2010-12-27 03:25 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FEC2F9B9-4047-4B86-98DA-A4FC484A98DF}\mpengine.dll
    2010-12-25 05:53 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-25 05:53 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-25 05:09 . 2010-12-25 05:09 -------- d-----w- c:\users\vincebaze\AppData\Roaming\Malwarebytes
    2010-12-25 05:09 . 2010-12-25 05:09 -------- d-----w- c:\programdata\Malwarebytes
    2010-12-25 05:09 . 2010-12-25 17:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-16 02:33 . 2010-12-16 02:33 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-3\markup.dll
    2010-12-15 12:37 . 2010-12-15 12:37 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2010-12-15 02:43 . 2010-10-12 04:25 516096 ----a-w- c:\program files\Windows Mail\wab.exe
    2010-12-15 02:43 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-12-11 00:00 . 2010-12-11 00:00 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-12-16 02:17 . 2010-10-22 22:03 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2010-10-22 22:04 . 2010-10-22 22:04 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2010-10-22 22:04 . 2010-10-22 22:04 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2010-10-22 22:03 . 2010-10-22 22:03 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2010-10-19 15:41 . 2010-06-25 07:34 222080 ------w- c:\windows\system32\MpSigStub.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
    2010-06-03 22:24 2736736 ----a-w- c:\program files\TranslatorBar_1.2\tbTran.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b9b97401-98e1-4942-930d-c36652dab7f2}]
    2010-09-11 23:30 2735200 ----a-w- c:\program files\TranslatorBar_5\tbTra1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{548f6736-8fe4-4680-82f2-170d6c07e1d2} "= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
    "{b9b97401-98e1-4942-930d-c36652dab7f2} "= "c:\program files\TranslatorBar_5\tbTra1.dll" [2010-09-11 2735200]

    [HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]

    [HKEY_CLASSES_ROOT\clsid\{b9b97401-98e1-4942-930d-c36652dab7f2}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{548F6736-8FE4-4680-82F2-170D6C07E1D2} "= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
    "{B9B97401-98E1-4942-930D-C36652DAB7F2} "= "c:\program files\TranslatorBar_5\tbTra1.dll" [2010-09-11 2735200]

    [HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
     
    scorpion657,
    #15
  17. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    [HKEY_CLASSES_ROOT\clsid\{b9b97401-98e1-4942-930d-c36652dab7f2}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-27 39408]
    "msnmsgr "= "c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "Google Update "= "c:\users\vincebaze\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-06-27 135664]
    "Skype "= "c:\program files\Skype\Phone\Skype.exe" [2009-06-26 24235816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TPHOTKEY "= "c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-11-17 69568]
    "TpShocks "= "TpShocks.exe" [2009-12-11 337256]
    "HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2010-02-01 175640]
    "Persistence "= "c:\windows\system32\igfxpers.exe" [2010-02-01 166936]
    "PWMTRV "= "c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-01-05 869736]
    "Message Center Plus "= "c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
    "AcWin7Hlpr "= "c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-14 36864]
    "cssauth "= "c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-08-26 3089720]
    "MSN Toolbar "= "c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe" [2010-02-12 240992]
    "Microsoft Default Manager "= "c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
    "BabylonToolbar "= "c:\program files\BabylonToolbar\BabylonToolbar\1.4.15.4\BabylonToolbarsrv.exe" [2010-08-09 286720]
    "QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
    "AppleSyncNotifier "= "c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-22 47904]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2010-11-18 421160]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "Malwarebytes' Anti-Malware (reboot) "= "c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin "= 5 (0x5)
    "ConsentPromptBehaviorUser "= 3 (0x3)
    "EnableUIADesktopToggle "= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1 "=wdmaud.drv

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
    @= "FSFilter Activity Monitor "

    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 135664]
    R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
    R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-05 75112]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-08 186912]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
    R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [2010-06-25 48688]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-25 1343400]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS [2010-06-25 310320]
    S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
    S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [2010-01-20 259632]
    S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [2010-06-26 482432]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys [2010-06-05 344112]
    S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\LENOVO\HOTKEY\CAMMUTE.exe [2009-11-09 54632]
    S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-11-17 44984]
    S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-06-25 117640]
    S2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2010-02-05 331512]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
    S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-11-16 62904]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
    S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-01-06 132352]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-07 232448]
    S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
    S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\DRIVERS\qcfilterlno2k.sys [2010-02-05 5248]
    S3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\DRIVERS\qcusbnetlno2k.sys [2010-02-05 207360]
    S3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\DRIVERS\qcusbserlno2k.sys [2010-02-05 106880]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-10-02 204288]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

    .
    Contents of the 'Scheduled Tasks' folder

    2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 21:11]

    2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 21:11]

    2010-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1399031874-2588190885-375607663-1003Core.job
    - c:\users\vincebaze\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 21:11]

    2010-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1399031874-2588190885-375607663-1003UA.job
    - c:\users\vincebaze\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 21:11]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    .
    - - - - ORPHANS REMOVED - - - -

    AddRemove-PC-Doctor for Windows - c:\program files\PC-Doctor\uninst.exe



    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Norton Internet Security]
    "ImagePath "= "\ "c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \ "Norton Internet Security\" /m \ "c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1 "
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial "=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'Explorer.exe'(5600)
    c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
    c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
    c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ibmpmsvc.exe
    c:\windows\system32\WLANExt.exe
    c:\windows\system32\conhost.exe
    c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Intel\WiFi\bin\EvtEng.exe
    c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\program files\Lenovo\Access Connections\AcSvc.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    c:\program files\Lenovo\System Update\SUService.exe
    c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe
    c:\windows\system32\taskhost.exe
    c:\windows\system32\conhost.exe
    c:\windows\System32\rundll32.exe
    c:\windows\System32\TpShocks.exe
    c:\program files\Lenovo\HOTKEY\TPONSCR.exe
    c:\windows\System32\rundll32.exe
    c:\windows\system32\igfxsrvc.exe
    c:\windows\system32\igfxext.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\windows\system32\DllHost.exe
    .
    **************************************************************************
    .
    Completion time: 2010-12-27 00:07:34 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-12-27 05:07

    Pre-Run: 197,691,011,072 bytes free
    Post-Run: 197,699,522,560 bytes free

    - - End Of File - - F76DC7A9EA566B0E4356804C887E4829
     
    scorpion657,
    #16
  18. 2010/12/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good :)

    How is computer doing?

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
    broni,
    #17
  19. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    The computer is doing really really good so far. Thanks!

    Here is the OTL log:

    OTL logfile created on: 12/27/2010 12:34:33 AM - Run 1
    OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\vincebaze\Desktop
    An unknown product (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 221.95 Gb Total Space | 184.19 Gb Free Space | 82.99% Space Free | Partition Type: NTFS
    Drive Q: | 9.77 Gb Total Space | 3.56 Gb Free Space | 36.45% Space Free | Partition Type: NTFS
    Drive S: | 1.17 Gb Total Space | 0.52 Gb Free Space | 44.68% Space Free | Partition Type: NTFS

    Computer Name: VINCEBAZE-THINK | User Name: vincebaze | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/12/27 00:33:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\OTL.exe
    PRC - [2010/11/09 06:20:01 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
    PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/25 02:42:35 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    PRC - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2010/03/01 13:29:12 | 000,259,432 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe
    PRC - [2010/03/01 13:29:10 | 000,124,264 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
    PRC - [2010/02/12 10:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
    PRC - [2010/02/10 17:40:56 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
    PRC - [2010/02/05 14:20:50 | 000,331,512 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
    PRC - [2010/02/01 03:36:42 | 000,178,200 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
    PRC - [2009/12/11 14:19:02 | 000,337,256 | ---- | M] (Lenovo.) -- C:\Windows\System32\TpShocks.exe
    PRC - [2009/11/23 23:51:20 | 000,176,056 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    PRC - [2009/11/18 00:04:18 | 000,038,248 | ---- | M] (Lenovo.) -- C:\Windows\System32\ibmpmsvc.exe
    PRC - [2009/11/17 04:06:04 | 000,044,984 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
    PRC - [2009/11/17 00:07:46 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    PRC - [2009/11/16 04:19:38 | 000,062,904 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
    PRC - [2009/11/11 03:33:12 | 000,078,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
    PRC - [2009/11/08 23:48:34 | 000,054,632 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\cammute.exe
    PRC - [2009/11/03 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2009/11/03 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/09/21 17:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    PRC - [2009/09/21 17:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    PRC - [2009/08/26 17:27:02 | 003,089,720 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    PRC - [2009/08/26 17:02:26 | 001,021,240 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009/07/13 20:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    PRC - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/12/27 00:33:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\OTL.exe
    MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
    MOD - [2009/07/13 20:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009/07/13 20:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009/07/13 20:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009/07/13 20:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009/07/13 20:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009/07/13 20:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009/07/13 20:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009/07/13 20:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009/07/13 20:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009/07/13 20:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/06/25 04:02:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/06/25 02:42:35 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
    SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2010/03/01 13:29:12 | 000,259,432 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
    SRV - [2010/03/01 13:29:10 | 000,124,264 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
    SRV - [2010/02/10 17:40:56 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
    SRV - [2010/02/05 14:20:50 | 000,331,512 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files\QUALCOMM\QDLService2k\QDLService2kLenovo.exe -- (QDLService2kLenovo) Qualcomm Gobi 2000 Download Service (Lenovo)
    SRV - [2010/01/05 13:12:00 | 000,075,112 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
    SRV - [2009/11/18 00:04:18 | 000,038,248 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\System32\ibmpmsvc.exe -- (IBMPMSVC)
    SRV - [2009/11/17 04:06:04 | 000,044,984 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
    SRV - [2009/11/16 04:19:38 | 000,062,904 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
    SRV - [2009/11/08 23:48:34 | 000,054,632 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\cammute.exe -- (LENOVO.CAMMUTE)
    SRV - [2009/11/03 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
    SRV - [2009/11/03 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
    SRV - [2009/10/09 14:12:30 | 000,039,976 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\System32\TPHDEXLG.exe -- (TPHDEXLGSVC)
    SRV - [2009/09/21 17:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
    SRV - [2009/09/21 17:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
    SRV - [2009/09/03 23:30:52 | 001,474,560 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
    SRV - [2009/08/26 17:02:26 | 001,021,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
    SRV - [2009/07/13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009/07/13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009/07/13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009/07/13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
    SRV - [2009/07/13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009/07/13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009/07/13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009/07/13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
    SRV - [2009/07/13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
    SRV - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100724.002\NAVEX15.SYS -- (NAVEX15)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100724.002\NAVENG.SYS -- (NAVENG)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\VINCEB~1\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - [2010/06/26 18:41:26 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys -- (ccHP)
    DRV - [2010/06/25 02:42:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2010/06/25 02:42:38 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS -- (SYMTDI)
    DRV - [2010/06/25 02:42:38 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS -- (SYMFW)
    DRV - [2010/06/25 02:42:38 | 000,048,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS -- (SYMNDISV)
    DRV - [2010/06/25 02:42:38 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
    DRV - [2010/06/25 02:42:37 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS -- (SymEFA)
    DRV - [2010/06/25 02:42:37 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS -- (SRTSP)
    DRV - [2010/06/25 02:42:37 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
    DRV - [2010/06/24 02:13:30 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
    DRV - [2010/06/04 22:49:16 | 000,344,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100723.001\IDSvix86.sys -- (IDSVix86)
    DRV - [2010/02/08 07:57:16 | 000,186,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2010/02/05 12:41:38 | 000,207,360 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qcusbnetlno2k.sys -- (qcusbnetlno2k) Gobi 2000 USB-NDIS miniport(05C6-9205)
    DRV - [2010/02/05 12:41:38 | 000,106,880 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qcusbserlno2k.sys -- (qcusbserlno2k) Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205)
    DRV - [2010/02/05 12:41:38 | 000,005,248 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qcfilterlno2k.sys -- (qcfilterlno2k) Gobi 2000 USB Composite Device Filter Driver(05C6-9205)
    DRV - [2010/02/05 02:49:06 | 000,242,992 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2010/01/25 03:42:44 | 006,282,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2010/01/20 16:18:24 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys -- (BHDrvx86)
    DRV - [2010/01/15 14:06:56 | 000,433,176 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
    DRV - [2010/01/07 13:50:08 | 000,232,448 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
    DRV - [2010/01/06 07:32:24 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
    DRV - [2010/01/05 13:12:00 | 000,011,552 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF)
    DRV - [2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009/12/10 03:33:34 | 002,975,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2009/11/18 00:03:36 | 000,026,608 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
    DRV - [2009/10/09 14:12:02 | 000,120,360 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\Apsx86.sys -- (Shockprf)
    DRV - [2009/10/09 14:10:24 | 000,020,520 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
    DRV - [2009/10/02 05:57:58 | 000,204,288 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
    DRV - [2009/09/16 22:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
    DRV - [2009/09/15 14:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel(R)
    DRV - [2009/07/13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009/07/13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009/07/13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009/07/13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009/07/13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009/07/13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009/07/13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009/07/13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009/07/13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009/07/13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009/07/13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009/07/13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009/07/13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009/07/13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009/07/13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009/07/13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009/07/13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009/07/13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009/07/13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009/07/13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009/07/13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009/07/13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009/07/13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009/07/13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009/07/13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
    DRV - [2009/07/13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
    DRV - [2009/07/13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
    DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009/07/13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009/07/13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009/07/13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009/07/13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009/07/13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009/07/13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009/07/13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009/07/13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009/07/13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009/07/13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
    DRV - [2009/07/13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009/07/13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009/07/13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009/07/13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
    DRV - [2009/07/13 18:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
    DRV - [2009/07/13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009/07/13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009/07/13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009/07/13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009/07/13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
    DRV - [2009/07/13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009/07/13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
    DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
    DRV - [2009/07/13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009/07/13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009/07/13 18:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
    DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
    DRV - [2009/07/13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009/07/13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009/07/13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009/07/13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009/07/13 17:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
    DRV - [2009/07/13 17:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
    DRV - [2009/07/13 17:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
    DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
    DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009/07/13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009/07/13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009/07/01 21:16:16 | 000,033,088 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
    DRV - [2009/06/18 12:21:06 | 000,125,568 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\5U877.sys -- (5U877)
    DRV - [2008/05/12 04:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
    DRV - [2007/04/17 22:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
    IE - HKLM\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files\TranslatorBar_5\tbTra1.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/06/26 13:04:27 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/26 22:04:25 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin File not found


    O1 HOSTS File: ([2010/12/27 00:04:27 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.4\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O2 - BHO: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files\TranslatorBar_5\tbTra1.dll (Conduit Ltd.)
    O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.4\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O3 - HKLM\..\Toolbar: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files\TranslatorBar_5\tbTra1.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 1.2 Toolbar) - {548F6736-8FE4-4680-82F2-170D6C07E1D2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 5 Toolbar) - {B9B97401-98E1-4942-930D-C36652DAB7F2} - C:\Program Files\TranslatorBar_5\tbTra1.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe ()
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.4\BabylonToolbarsrv.exe (Babylon Ltd.)
    O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe ()
    O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
    O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
    O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
    O4 - HKLM..\Run: [TpShocks] C:\Windows\System32\TpShocks.exe (Lenovo.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found
    NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
    NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

    Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
    Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)


    ========== Files/Folders - Created Within 30 Days ==========

    [2010/12/27 00:33:44 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\OTL.exe
    [2010/12/27 00:06:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/12/26 22:42:37 | 000,000,000 | ---D | C] -- C:\Users\vincebaze\AppData\Local\temp
    [2010/12/26 22:30:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/12/26 22:30:48 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
    [2010/12/26 21:15:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/12/26 21:15:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/12/26 21:15:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/12/26 21:15:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/12/26 21:14:53 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/12/26 18:33:06 | 000,000,000 | ---D | C] -- C:\Users\vincebaze\Desktop\bootkit_remover
    [2010/12/25 18:52:51 | 000,000,000 | ---D | C] -- C:\Users\vincebaze\Desktop\tdsskiller
    [2010/12/25 00:53:21 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\TFC.exe
    [2010/12/25 00:53:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/12/25 00:53:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/12/25 00:09:53 | 000,000,000 | ---D | C] -- C:\Users\vincebaze\AppData\Roaming\Malwarebytes
    [2010/12/25 00:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/12/25 00:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/12/18 09:38:56 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010/12/04 07:24:35 | 000,000,000 | ---D | C] -- C:\Users\vincebaze\AppData\Roaming\Mozilla
    [2010/05/04 23:31:37 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

    ========== Files - Modified Within 30 Days ==========

    [2010/12/27 00:33:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\OTL.exe
    [2010/12/27 00:29:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1399031874-2588190885-375607663-1003UA.job
    [2010/12/27 00:22:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/12/27 00:04:27 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/12/27 00:04:22 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/12/27 00:04:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/12/26 22:51:06 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/12/26 22:51:06 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/12/26 22:48:02 | 000,662,068 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/12/26 22:48:02 | 000,121,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/12/26 22:43:34 | 1500,946,432 | -HS- | M] () -- C:\hiberfil.sys
    [2010/12/26 21:13:08 | 003,998,686 | R--- | M] () -- C:\Users\vincebaze\Desktop\ComboFix.exe
    [2010/12/26 11:48:40 | 287,137,194 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/12/25 15:44:42 | 000,624,128 | ---- | M] () -- C:\Users\vincebaze\Desktop\dds.scr
    [2010/12/25 14:42:32 | 000,080,384 | ---- | M] () -- C:\Users\vincebaze\Desktop\MBRCheck.exe
    [2010/12/25 14:42:14 | 000,296,448 | ---- | M] () -- C:\Users\vincebaze\Desktop\rfu5slyp.exe
    [2010/12/25 12:15:46 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/12/15 21:15:31 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1399031874-2588190885-375607663-1003Core.job
    [2010/12/15 07:29:20 | 000,439,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/12/14 21:30:34 | 000,002,390 | ---- | M] () -- C:\Users\vincebaze\Desktop\Google Chrome.lnk
    [2010/12/10 00:33:30 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\TFC.exe
     
    scorpion657,
    #18
  20. 2010/12/26
    scorpion657

    scorpion657 Inactive Thread Starter

    Joined:
    2008/04/03
    Messages:
    78
    Likes Received:
    0
    ========== Files Created - No Company Name ==========

    [2010/12/26 21:15:19 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/12/26 21:15:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/12/26 21:15:19 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/12/26 21:15:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/12/26 21:15:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/12/26 21:14:18 | 003,998,686 | R--- | C] () -- C:\Users\vincebaze\Desktop\ComboFix.exe
    [2010/12/25 15:47:28 | 000,624,128 | ---- | C] () -- C:\Users\vincebaze\Desktop\dds.scr
    [2010/12/25 14:45:15 | 000,296,448 | ---- | C] () -- C:\Users\vincebaze\Desktop\rfu5slyp.exe
    [2010/12/25 14:45:15 | 000,080,384 | ---- | C] () -- C:\Users\vincebaze\Desktop\MBRCheck.exe
    [2010/12/25 00:53:15 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/12/25 00:38:29 | 287,137,194 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010/05/04 23:33:58 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
    [2010/05/04 23:31:37 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
    [2010/05/04 23:31:37 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
    [2010/05/04 23:31:11 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2008/01/15 04:31:00 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx14_ic.ini

    ========== LOP Check ==========

    [2010/10/02 18:04:08 | 000,000,000 | ---D | M] -- C:\Users\vincebaze\AppData\Roaming\GARMIN
    [2010/07/23 06:21:39 | 000,000,000 | ---D | M] -- C:\Users\vincebaze\AppData\Roaming\InterVideo
    [2010/06/25 02:54:37 | 000,000,000 | ---D | M] -- C:\Users\vincebaze\AppData\Roaming\Lenovo
    [2010/09/11 13:57:00 | 000,000,000 | ---D | M] -- C:\Users\vincebaze\AppData\Roaming\TP
    [2010/06/27 16:27:59 | 000,000,000 | ---D | M] -- C:\Users\vincebaze\AppData\Roaming\Update
    [2010/12/25 00:38:54 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2009/07/13 20:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
    [2009/07/21 01:20:38 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2010/12/27 00:07:34 | 000,146,206 | ---- | M] () -- C:\ComboFix.txt
    [2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
    [2010/12/26 22:43:34 | 1500,946,432 | -HS- | M] () -- C:\hiberfil.sys
    [2010/12/26 22:43:41 | 2001,264,640 | -HS- | M] () -- C:\pagefile.sys
    [2010/05/04 23:31:10 | 000,002,930 | ---- | M] () -- C:\RHDSetup.log
    [2010/05/04 23:29:08 | 000,000,205 | ---- | M] () -- C:\setup.log
    [2010/08/10 14:33:23 | 000,001,105 | ---- | M] () -- C:\WirelessDiagLog.csv

    < %systemroot%\Fonts\*.com >
    [2009/07/13 23:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/13 23:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/13 23:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/13 23:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009/06/10 16:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2009/07/13 20:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
    [2009/07/13 20:16:00 | 000,090,624 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\LXKPTPRC.DLL
    [2009/07/13 20:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2009/07/10 14:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2009/07/13 23:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/06/25 03:26:41 | 000,000,221 | -HS- | M] () -- C:\Users\vincebaze\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2010/12/26 21:13:08 | 003,998,686 | R--- | M] () -- C:\Users\vincebaze\Desktop\ComboFix.exe
    [2010/12/25 14:42:32 | 000,080,384 | ---- | M] () -- C:\Users\vincebaze\Desktop\MBRCheck.exe
    [2010/12/27 00:33:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\OTL.exe
    [2010/12/25 14:42:14 | 000,296,448 | ---- | M] () -- C:\Users\vincebaze\Desktop\rfu5slyp.exe
    [2010/12/10 00:33:30 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\vincebaze\Desktop\TFC.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2009/06/10 16:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2010/08/12 21:00:29 | 000,000,402 | -HS- | M] () -- C:\Users\vincebaze\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >


    The Extra Log:

    OTL Extras logfile created on: 12/27/2010 12:34:33 AM - Run 1
    OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\vincebaze\Desktop
    An unknown product (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 221.95 Gb Total Space | 184.19 Gb Free Space | 82.99% Space Free | Partition Type: NTFS
    Drive Q: | 9.77 Gb Total Space | 3.56 Gb Free Space | 36.45% Space Free | Partition Type: NTFS
    Drive S: | 1.17 Gb Total Space | 0.52 Gb Free Space | 44.68% Space Free | Partition Type: NTFS

    Computer Name: VINCEBAZE-THINK | User Name: vincebaze | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
    "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
    "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
    "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{18554B3F-46EA-40A9-B4EA-7EEE83C0559D}" = Client Security - Password Manager
    "{1F8DA253-3C27-4B01-A63A-BA3533120833}" = Microsoft Research AutoCollage Touch 2009
    "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
    "{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
    "{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
    "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22
    "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3C79DC59-6099-323B-B27B-90B45542B270}" = Google Talk Plugin
    "{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
    "{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
    "{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
    "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
    "{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
    "{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{66468F4D-BC4E-470C-9093-B3B6A1BB378C}" = MSN Toolbar Platform
    "{67880EA3-63C2-4143-88F4-51A21B516CBE}" = e-Sword
    "{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
    "{8C7750D1-ADE6-4DAD-A54E-871EB2ABFE98}" = ThinkVantage GPS
    "{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
    "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}" = Integrated Camera TWAIN
    "{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
    "{B383F243-0ABC-4E56-AA30-923B8D85076E}" = Rescue and Recovery
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
    "{C3CD17B4-08B0-492D-8A4C-81716D33E520}" = Integrated Camera Driver Installer Package Ver.1.0.1.2
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C64A877E-DF8D-4017-AA82-000A77C6D809}" = Verizon Wireless Mobile Broadband Self Activation
    "{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
    "{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi Software
    "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
    "{D81486A1-2371-4059-AC70-1AB894AC96E6}" = AT&T Service Activation
    "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{E853D04F-8E25-4C68-808D-BFC46749E1B1}" = Qualcomm Gobi 2000 Package for Lenovo
    "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
    "{F4BD11FE-8C8E-4FB8-826E-D3FDBF1CF037}" = Mobile Broadband Connect
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
    "{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
    "{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "114EB224AD576F278686036AA9E1EFB7847E3935" = Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4)
    "1AE98C75AE2DD1284F66876FA76F46BFDF6B9D31" = Windows Driver Package - Intel hdc (06/04/2009 7.0.0.1013)
    "573C3C32A1DB5625CA00E633E584E8A0E6383672" = Windows Driver Package - Intel System (10/28/2009 9.1.1.1022)
    "8FDD0907BD7A0861A870642D396A3C19551E9B73" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (12/10/2009 6.0.1.6000)
    "A7B0B8D913E4DC2FA0B31E392E1512A901CA66B9" = Windows Driver Package - Intel USB (08/20/2009 9.1.1.1020)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "BabylonToolbar" = MyBabylon toolbar
    "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
    "D94DFF1289C7A7BEBA126E4CDADE0E85B99E60F1" = Windows Driver Package - Intel System (10/28/2009 9.1.1.1022)
    "E7B58217635B8F723D4744A328A4B3237DB35FA9" = Windows Driver Package - Intel System (06/04/2009 1.0.0.0002)
    "EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
    "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
    "InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition
    "InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
    "InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
    "Lenovo Welcome_is1" = Lenovo Welcome
    "LENOVO.SMIIF" = Lenovo System Interface Driver
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "NIS" = Norton Internet Security
    "OnScreenDisplay" = On Screen Display
    "Power Management Driver" = ThinkPad Power Management Driver
    "PROHYBRIDR" = 2007 Microsoft Office system
    "ProInst" = Intel PROSet Wireless
    "SynTPDeinstKey" = ThinkPad UltraNav Driver
    "TranslatorBar_1.2 Toolbar" = TranslatorBar 1.2 Toolbar
    "TranslatorBar_5 Toolbar" = TranslatorBar 5 Toolbar
    "TVWiz" = Intel(R) TV Wizard
    "W7DevOR" = Registry Patch to arrange icons in Device and Printers folder of Windows 7
    "WinLiveSuite_Wave3" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 12/18/2010 4:05:20 AM | Computer Name = vincebaze-THINK | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 12/18/2010 4:05:20 AM | Computer Name = vincebaze-THINK | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 3058

    Error - 12/18/2010 4:05:20 AM | Computer Name = vincebaze-THINK | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 3058

    Error - 12/18/2010 4:05:21 AM | Computer Name = vincebaze-THINK | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 12/18/2010 4:05:21 AM | Computer Name = vincebaze-THINK | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 4119

    Error - 12/18/2010 4:05:21 AM | Computer Name = vincebaze-THINK | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 4119

    Error - 12/18/2010 10:00:23 AM | Computer Name = vincebaze-THINK | Source = PC-Doctor | ID = 1
    Description =

    Error - 12/18/2010 10:00:24 AM | Computer Name = vincebaze-THINK | Source = PC-Doctor | ID = 1
    Description =

    Error - 12/18/2010 10:00:24 AM | Computer Name = vincebaze-THINK | Source = PC-Doctor | ID = 1
    Description =

    Error - 12/18/2010 10:00:32 AM | Computer Name = vincebaze-THINK | Source = PC-Doctor | ID = 1
    Description =

    [ Lenovo-Message Center Plus/Admin Events ]
    Error - 6/27/2010 1:18:10 AM | Computer Name = vincebaze-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 4
    Description = The file C:\ProgramData\Lenovo\MessageCenterPlus\ServerRepository\temp\SeedDB.cab
    does not have a Lenovo Digital Signature. The file will be deleted

    Error - 6/27/2010 1:18:10 AM | Computer Name = vincebaze-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 4
    Description = The Msg SeedDB could not be decompressed

    [ Media Center Events ]
    Error - 12/14/2010 10:32:54 PM | Computer Name = vincebaze-THINK | Source = MCUpdate | ID = 0
    Description = 9:32:54 PM - Failed to retrieve MCEClientUX (Error: Unable to connect
    to the remote server)

    Error - 12/14/2010 10:33:50 PM | Computer Name = vincebaze-THINK | Source = MCUpdate | ID = 0
    Description = 9:33:47 PM - Failed to retrieve Broadband (Error: The underlying connection
    was closed: An unexpected error occurred on a receive.)

    Error - 12/25/2010 1:37:22 PM | Computer Name = vincebaze-THINK | Source = MCUpdate | ID = 0
    Description = 12:37:06 PM - Error connecting to the internet. 12:37:06 PM - Unable
    to contact server..

    [ System Events ]
    Error - 11/26/2010 10:16:45 AM | Computer Name = vincebaze-THINK | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the Netman service.

    Error - 11/27/2010 1:30:19 PM | Computer Name = vincebaze-THINK | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the wlidsvc service.

    Error - 12/2/2010 8:12:20 AM | Computer Name = vincebaze-THINK | Source = Microsoft-Windows-Application-Experience | ID = 205
    Description = The Program Compatibility Assistant service failed to perform the
    phase two initialization.

    Error - 12/3/2010 4:36:20 PM | Computer Name = vincebaze-THINK | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.

    Error - 12/9/2010 7:17:23 PM | Computer Name = vincebaze-THINK | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.

    Error - 12/11/2010 8:29:38 AM | Computer Name = vincebaze-THINK | Source = Microsoft-Windows-Application-Experience | ID = 205
    Description = The Program Compatibility Assistant service failed to perform the
    phase two initialization.

    Error - 12/11/2010 8:29:43 AM | Computer Name = vincebaze-THINK | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.

    Error - 12/13/2010 7:39:27 AM | Computer Name = vincebaze-THINK | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.

    Error - 12/15/2010 8:31:45 AM | Computer Name = vincebaze-THINK | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.

    Error - 12/16/2010 1:13:59 PM | Computer Name = vincebaze-THINK | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.


    < End of report >
     
    scorpion657,
    #19
  21. 2010/12/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good news :)

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    ================================================================

    Run OTL
    • Under the [color= "#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following

      Code:
      :OTL
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/...nAxControl.CAB (Reg Error: Key error.)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found


:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
    • Then click the [color= "#FF0000"]Run Fix[/color] button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ==============================================================

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
     
    broni,
    #20
Page 1 of 2

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...