Solved Symantec AntiVirus gets terminated

Discussion in 'Malware and Virus Removal Archive' started by huhugrub1, 2009/04/16.

  1. 2009/04/16
    huhugrub1 Inactive Thread Starter
    [Resolved] Symantec AntiVirus gets terminated

    I have had Symantec AntiVirus disabled all by itself from time to time. Lately, the following error message keeps popping up on bootup and then keeps recurring:

    "Microsoft Visual C++ Runtime Library
    Runtime Error!
    Program: ...\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
    This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. "

    I suspect there is a trojan or backdoor problem, but scanning with Symantec, Sophos Detection Tool and Portable Kaspersky did not locate the problem.

    The version of Symantec AntiVirus I have is 10.1.5.5000.

    Here are the two DDS logs:


    DDS (Ver_09-03-16.01) - NTFSx86
    Run by hchan at 22:53:42.76 on Thu 16/04/2009
    Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Professional 5.1.2600.3.1252.64.1033.18.3062.1410 [GMT 12:00]

    AV: Sophos Anti-Virus *On-access scanning disabled* (Outdated)
    AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)
    FW: Symantec Client Firewall *enabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\IPSSVC.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\bmwebcfg.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    svchost.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
    C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\C4ebreg\c4ebreg.exe
    c:\sdwork\issimsvc.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\notes\ntmulti.exe
    C:\Program Files\AT&T Network Client\NetCfgSv.EXE
    C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
    C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
    c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
    C:\WINDOWS\Explorer.EXE
    c:\Program Files\Sophos\AutoUpdate\ALsvc.exe
    C:\Program Files\IBM\tivoli\dcd\client\ISSI\_jvm\jre\bin\java.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\System32\TPHDEXLG.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
    C:\WINDOWS\WRTService.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
    C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
    C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe
    C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.3.14\pmonmh.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
    C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
    C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\TpScrLk.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Lenovo\Zoom\TpScrex.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    C:\Program Files\C4ebreg\isamtray.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\filehippo.com\UpdateChecker.exe
    C:\Program Files\Gizmo5\Gizmo5.exe
    C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe
    C:\PROGRA~1\HONGKO~1\E-CERT~1\tnctray.exe
    C:\Program Files\Hongkong Post e-Cert\e-Cert Control Manager\tncservice.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\Sophos\AutoUpdate\ALMon.exe
    C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IBM\Infoprint Select\ipnotify.exe
    C:\PROGRA~1\ThinkPad\BLUETO~1\BtStackServer.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
    C:\Program Files\IBM\Rational Portfolio Manager\RPMITray.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Secunia\PSI\psi.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Trillian\trillian.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\BOINC\boincmgr.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\BOINC\boinc.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\BOINC\projects\www.worldcommunitygrid.org\wcg_hpf2_rosetta_6.03_windows_intelx86
    C:\Program Files\BOINC\projects\www.worldcommunitygrid.org\wcg_hpf2_rosetta_6.03_windows_intelx86
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
    C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.1.2.200802132253\win32\x86\eclipse.exe
    C:\notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.5.0.SR6-200802132253\jre\bin\notes2w.exe
    C:\notes\nlnotes.exe
    C:\notes\ntaskldr.EXE
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe
    C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\Program Files\Symantec Client Security\Symantec AntiVirus\vpc32.exe
    C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\hchan\My Documents\My Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = hxxp://w3-3.ibm.com/tools/print/index.html
    uInternet Settings,ProxyOverride = w3-501.ibm.com;w3-113.ibm.com;w3-602.ibm.com;w3-603.ibm.com;<local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://nz.search.yahoo.com/search?fr=mcafee&p=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\siteadvisor\mcieplg.dll
    BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: TBSB07827 Class: {f8decfd3-b735-46dd-aff9-d2d5f06fdc52} - c:\program files\ibm\practitioner portal toolbar\gbsppietoolbar.dll
    BHO: TBSB06727 Class: {fc699089-a075-4787-affd-43c027f2f468} - c:\program files\ibm\smallbluetools\smallblue ie toolbar\smallblue.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\siteadvisor\mcieplg.dll
    TB: SmallBlue IE Toolbar: {b7d3e479-cc68-42b5-a338-938ece35f419} - c:\program files\ibm\smallbluetools\smallblue ie toolbar\smallblue.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: Practitioner Portal Toolbar: {e7128daa-707c-4552-af47-906d4c610549} - c:\program files\ibm\practitioner portal toolbar\gbsppietoolbar.dll
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
    uRun: [NetSP - restore settings on power failure] "c:\program files\at&t network client\NetSP.exe" -show
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [FreeRAM XP] "c:\program files\yourware solutions\freeram xp pro\FreeRAM XP Pro.exe" -win
    uRun: [VoipStunt] "c:\program files\voipstunt.com\voipstunt\VoipStunt.exe" -nosplash -minimized
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [XdriveTrayIcon] "c:\program files\xdrive\xdrive desktop\XdriveTray.exe "
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
    uRun: [filehippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background
    uRun: [Gizmo5] "c:\program files\gizmo5\Gizmo5.exe "
    uRun: [DW6] "c:\progra~1\thewea~1\desktop\DesktopWeather.exe "
    uRun: [PMCRemote]
    uRun: [e-Cert Control Manager 2.x] "c:\progra~1\hongko~1\e-cert~1\tnctray.exe "
    uRun: [PMCLoader] c:\program files\pinnacle\tvcenter pro\PMCLoader.exe -checktasks
    uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
    mRun: [C4EBReg] "c:\program files\c4ebreg\c4ebreg.exe" /q
    mRun: [ISSI EZUpdate Service] "c:\sdwork\issimsvc.exe "
    mRun: [MyHelpService] "c:\program files\ibm\my help\workspace\service\delayStart.exe "
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
    mRun: [vptray] c:\progra~1\symant~2\symant~2\VPTray.exe
    mRun: [pmonmh] c:\program files\ibm\my help\workspace\..\plugins\com.ibm.myhelp.common_1.3.14/pmonmh.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
    mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
    mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
    mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r
    mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE
    mRun: [ASM] "c:\program files\aol\active security monitor\ASMonitor.exe" HIDEMAIN
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [TPKBDLED] c:\windows\system32\TpScrLk.exe
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
    mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
    mRun: [BLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog
    mRun: [TpShocks] TpShocks.exe
    mRun: [TP4EX] tp4ex.exe
    mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
    mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    mRun: [stgclean] c:\sdwork\w32main2.exe /cleanup
    mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
    mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe
    mRun: [Domino.Doc Install] c:\lotus\dominodoc\domdoc.exe -install
    mRun: [Isamtray] "c:\program files\c4ebreg\isamtray.exe "
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
    mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [TMRUBottedTray] "c:\program files\trend micro\rubotted\TMRUBottedTray.exe "
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRunOnce: [DLFiles] c:\progra~1\ibm\checker\dlfiles.exe
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRun: [Nokia.PCSync] "c:\program files\nokia\nokia pc suite 6\PcSync2.exe" /NoDialog
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\hchan\startm~1\programs\startup\secunia psi.lnk - c:\program files\secunia\psi\psi.exe
    StartupFolder: c:\docume~1\hchan\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
    StartupFolder: c:\docume~1\hchan\startm~1\programs\startup\trillian.lnk - c:\program files\trillian\trillian.exe
    StartupFolder: c:\docume~1\hchan\startm~1\programs\startup\worldc~1.lnk - c:\program files\boinc\boincmgr.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoupdate monitor.lnk - c:\program files\sophos\autoupdate\ALMon.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bluetooth.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\infopr~1.lnk - c:\program files\ibm\infoprint select\ipnotify.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\lotusq~1.lnk - c:\lotus\wordpro\ltsstart.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pinnacle streaming server.lnk - c:\program files\pinnacle\shared files\programs\strmserver\StrmServer.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rational portfolio manager tray.lnk - c:\windows\installer\{42232dee-49b1-4fcc-872f-6cc60eccb3cc}\Icon3FF0EB502.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\windows search.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    uPolicies-explorer: NoDevMgrUpdate = 1 (0x1)
    IE: Save to &Xdrive - c:\program files\xdrive\xdrive desktop\xdrive.exe/std.html
    IE: Send to &Bluetooth Device... - c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {B7D3E479-CC68-42B5-A338-938ECE35F419} - {B7D3E479-CC68-42B5-A338-938ECE35F419} - c:\program files\ibm\smallbluetools\smallblue ie toolbar\smallblue.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    LSP: bmnet.dll
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
    DPF: {1ACECAFE-0015-0000-0000-ABCDEFFEDCBA}
    DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    DPF: {2DAD3559-2923-4935-AD49-B673D2539944} - hxxp://www-307.ibm.com/pc/support/acpir.cab
    DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B}
    DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
    DPF: {6E4BBF28-5199-4E64-9291-94D1334CA919} - hxxps://www.snapper.co.nz/global/plugin/install/snapper.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {9519B2A2-6592-4E41-8290-D0298459270C}
    DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD}
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
    DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://
    DPF: {CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_18-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
    TCP: interfaces = 9.185.94.240,9.185.94.242
    TCP: {B3E8D653-A56F-4E96-9947-74A0F47A2661} = 9.191.25.55,9.191.25.53
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\siteadvisor\McIEPlg.dll
    Notify: ACNotify - ACNotify.dll
    Notify: igfxcui - igfxdev.dll
    Notify: NavLogon - c:\windows\system32\NavLogon.dll
    Notify: tpfnf2 - c:\program files\lenovo\hotkey\notifyf2.dll
    Notify: tphotkey - c:\program files\lenovo\hotkey\tphklock.dll
    AppInit_DLLs: c:\progra~1\google\google~2\goec62~1.dll c:\progra~1\google\google~2\GoogleDesktopNetwork3.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    LSA: Notification Packages = scecli ACGina

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\hchan\applic~1\mozilla\firefox\profiles\ag3kwhyz.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.auctioncity.co.nz/cat.asp?cat=5|http://virtualrugby.jimungo.com/members/PicksConfirm.aspx?Round=8|http://virtualnetball.jimungo.com/members/PicksConfirm.aspx?Round=1|http://static.tab.co.nz/content/pdf...php|http://webmail.vodafone.co.nz/vfwebmail/?_task=mail&_mbox=INBOX&_refresh=1|http://mail.live.com/default.aspx?w...landspurg.net/index.html|http://www.afischer-online.de/|http://www.nanika.net/Metro/|http:/...w.linz.govt.nz/topography/aerial-images/nztm-geo/index.aspx|http://www.maps-gps-info.com/fgpfw....morse.org/jcal/latlon.php|http://www.movable-type.co.uk/scripts/latlong.html|http://www.linz.govt.nz/geodetic/geodetic-database/search/index.aspx?mode=&sessionid=71996644154521236753928&code=1207|http://www.geocaching.com/seek/nearest.aspx?lat=-41.235662&lng=174.797234&f=1|http://maps.google.com/maps|http://...hl=en&client=firefox-a&rls=org.mozilla:en-US%3Aofficial&hs=tO5&q=NZAU+runway+Waiouru&btnG=Search&meta=|http://www.photius.com/flags/horizontal_red_white_blue_stripes.html|http://www.google.co.nz/search?hl=en&client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&hs=b6E&q=Magnetic+North+Grid+North+True+North&btnG=Search&meta=cr%3DcountryNZ|http://geocheck.org/geo_myAccount.p...pport/site.wss/document.do?lndocid=MIGR-42487
    FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
    FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
    FF - plugin: c:\documents and settings\hchan\application data\mozilla\firefox\profiles\ag3kwhyz.default\extensions\ibm-cck@firefox-extensions.ibm.com\platform\winnt_x86-msvc\plugins\npaddtonab.dll
    FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\NPJava11.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\NPJava12.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\NPJava13.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\NPJava14.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\NPJava32.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\NPJPI150.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\NPOJI610.dll
    FF - plugin: c:\program files\ibm\java50\jre\bin\npwebscl.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npcpsweb.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

    ============= SERVICES / DRIVERS ===============

    R0 Shockprf;Shockprf;c:\windows\system32\drivers\ApsX86.sys [2008-5-14 114728]
    R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2008-5-14 19496]
    R0 ZetSFD;ZetSFD;c:\windows\system32\drivers\ZetSFD.sys [2007-9-19 12800]
    R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2007-5-1 11520]
    R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.sys [2007-5-1 4224]
    R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-24 81688]
    R1 SAVOnAccessControl;SAVOnAccessControl;c:\windows\system32\drivers\savonaccesscontrol.sys [2009-4-15 104704]
    R1 SAVOnAccessFilter;SAVOnAccessFilter;c:\windows\system32\drivers\savonaccessfilter.sys [2009-4-15 35584]
    R1 SAVRT;SAVRT;c:\program files\symantec client security\symantec antivirus\savrt.sys [2006-9-6 337592]
    R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec client security\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
    R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2007-1-17 4442]
    R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2007-12-5 46144]
    R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
    R2 agnwifi;AT&T Wi-Fi Support Driver;c:\windows\system32\drivers\agnwifi.sys [2004-4-29 19328]
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]
    R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\ccProxy.exe [2006-7-19 202400]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]
    R2 DCDClient-ISSI;IBM DCD Standard Client (DCDClient-ISSI);c:\program files\ibm\tivoli\dcd\client\issi\cds\CDSWinSrv.exe [2008-9-17 53248]
    R2 ISAMSvc;IBM Standard Asset Manager Service;c:\program files\c4ebreg\c4ebreg.exe [2009-3-21 417008]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-1-3 210216]
    R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
    R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2008-8-4 53248]
    R2 RUBotted;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\TMRUBotted.exe [2009-4-9 582992]
    R2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files\sophos\sophos anti-virus\SAVAdminService.exe [2008-12-9 69632]
    R2 SavRoam;SAVRoam;c:\program files\symantec client security\symantec antivirus\SavRoam.exe [2006-9-27 116464]
    R2 SAVService;Sophos Anti-Virus;c:\program files\sophos\sophos anti-virus\SavService.exe [2008-12-9 98304]
    R2 SFSZ;DataPlow SFS for Zetera Storage Devices;c:\windows\system32\drivers\sfsz.sys [2007-9-19 345984]
    R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;c:\program files\sophos\autoupdate\ALsvc.exe [2008-6-26 172032]
    R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec client security\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]
    R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-12-5 520192]
    R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\lenovo\rescue and recovery\UpdateMonitor.exe [2007-12-5 260672]
    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R2 WRTService;WRT Service;c:\windows\WRTService.exe [2007-9-5 122880]
    R2 Z-SANService;Z-SAN Service;c:\program files\netgear\netgear storage central manager utility\Z-SANService.exe [2007-9-19 376891]
    R3 agnfilt;AGN Filter Interface;c:\windows\system32\drivers\agnfilt.sys [2006-5-19 180864]
    R3 e-Cert Control Manager;e-Cert Control Manager;c:\program files\hongkong post e-cert\e-cert control manager\TNCService.exe [2007-9-5 250776]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-3-19 101936]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090414.020\naveng.sys [2009-4-15 89104]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090414.020\navex15.sys [2009-4-15 876144]
    R3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [2007-9-5 16384]
    R3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\pelusblf.sys [2007-9-5 9216]
    R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-3-24 7808]
    R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\TMPassthru.sys [2009-4-9 206608]
    R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-9-13 37312]
    R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [2007-5-1 57344]
    R3 ZetBus;Zetera Virtual Bus;c:\windows\system32\drivers\ZetBus.sys [2007-9-19 15488]
    R3 ZetMPD;ZetMPD;c:\windows\system32\drivers\ZetMPD.sys [2007-9-19 5120]
    S2 MyHelp;My Help;c:\program files\ibm\my help\plugins\com.ibm.myhelp.installer\service\myhelpservice.exe --> c:\program files\ibm\my help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe [?]
    S3 ABVPN2K;Net Firewall Miniport Interface;c:\windows\system32\drivers\abvpn2k.sys [2007-1-17 164224]
    S3 avpnnic;AGN Virtual Network Adapter;c:\windows\system32\drivers\avpnnic.sys [2007-1-17 13952]
    S3 BTUSBFLT;WIDCOMM Bluetooth USB Filter Driver;\??\c:\windows\system32\drivers\btusbflt.sys --> c:\windows\system32\drivers\btusbflt.sys [?]
    S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-9-10 30192]
    S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [2008-8-11 13824]
    S3 RFNTR;Nexgtelecom SC Generic USB Smartcard Reader;c:\windows\system32\drivers\ntr100.sys [2008-8-9 16640]
    S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\drivers\TMPassthru.sys [2009-4-9 206608]
    S4 SophosBootDriver;SophosBootDriver;c:\windows\system32\drivers\SophosBootDriver.sys [2009-4-15 14976]

    =============== Created Last 30 ================

    2009-04-16 16:19 <DIR> --d----- c:\docume~1\hchan\applic~1\smkits
    2009-04-16 15:59 225,696 a------- c:\windows\system32\drivers\SynTP.sys
    2009-04-16 15:59 147,456 a------- c:\windows\system32\SynTPAPI.dll
    2009-04-16 15:59 110,592 a------- c:\windows\system32\SynTPCo4.dll
    2009-04-16 15:59 200,704 a------- c:\windows\system32\SynCtrl.dll
    2009-04-16 15:59 163,840 a------- c:\windows\system32\SynCOM.dll
    2009-04-16 15:59 <DIR> --d----- c:\program files\Synaptics
    2009-04-15 21:04 130,088 a---h--- c:\windows\system32\59012b00.stf
    2009-04-15 21:04 130,088 a------- c:\windows\system32\sdccoinstaller.dll
    2009-04-15 21:03 <DIR> --d----- c:\program files\common files\Cisco Systems
    2009-04-15 21:03 23,552 a------- c:\windows\system32\SophosBootTasks.exe
    2009-04-15 21:03 <DIR> --d----- c:\program files\Sophos
    2009-04-15 21:03 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sophos
    2009-04-15 21:01 104,704 a------- c:\windows\system32\drivers\savonaccesscontrol.sys
    2009-04-15 21:01 35,584 a------- c:\windows\system32\drivers\savonaccessfilter.sys
    2009-04-15 21:01 14,976 a------- c:\windows\system32\drivers\SophosBootDriver.sys
    2009-04-15 21:01 <DIR> --d----- C:\stdtsa
    2009-04-15 17:43 284,160 -c------ c:\windows\system32\dllcache\pdh.dll
    2009-04-15 17:43 729,088 -c------ c:\windows\system32\dllcache\lsasrv.dll
    2009-04-15 17:43 473,600 -c------ c:\windows\system32\dllcache\fastprox.dll
    2009-04-15 17:43 453,120 -c------ c:\windows\system32\dllcache\wmiprvsd.dll
    2009-04-15 17:43 401,408 -c------ c:\windows\system32\dllcache\rpcss.dll
    2009-04-15 17:43 227,840 -c------ c:\windows\system32\dllcache\wmiprvse.exe
    2009-04-15 17:43 110,592 -c------ c:\windows\system32\dllcache\services.exe
    2009-04-15 17:43 714,752 -c------ c:\windows\system32\dllcache\ntdll.dll
    2009-04-15 17:43 617,472 -c------ c:\windows\system32\dllcache\advapi32.dll
    2009-04-15 17:37 2,560 -------- c:\windows\system32\xpsp4res.dll
    2009-04-15 10:56 91,304 a------- c:\windows\system32\drivers\btserial.sys
    2009-04-15 10:56 91,176 a------- c:\windows\system32\drivers\btwsecfl.sys
    2009-04-15 10:56 57,384 a------- c:\windows\system32\drivers\btwhid.sys
    2009-04-15 10:56 37,032 a------- c:\windows\system32\drivers\btwmodem.sys
    2009-04-14 18:27 664 a------- c:\windows\system32\d3d9caps.dat
    2009-04-14 13:51 <DIR> --d----- C:\sdwork
    2009-04-09 12:51 <DIR> --d----- c:\program files\EsetOnlineScanner
    2009-04-09 11:15 206,608 a------- c:\windows\system32\drivers\TMPassthru.sys
    2009-04-09 11:15 <DIR> --d----- c:\program files\Trend Micro
    2009-04-08 22:40 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
    2009-04-08 22:38 <DIR> --d----- c:\docume~1\hchan\applic~1\HouseCall 6.6
    2009-04-08 15:22 <DIR> --d----- c:\documents and settings\hchan\.housecall6.6
    2009-03-30 08:27 <DIR> --d----- c:\program files\Windows Installer Clean Up
    2009-03-25 08:44 <DIR> --d----- c:\program files\iPod
    2009-03-25 08:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-03-25 08:44 <DIR> --d----- c:\program files\iTunes
    2009-03-25 08:02 <DIR> --d----- c:\program files\Secunia
    2009-03-24 23:03 7,808 a------- c:\windows\system32\drivers\psi_mf.sys
    2009-03-22 02:06 989,696 -c------ c:\windows\system32\dllcache\kernel32.dll
    2009-03-18 09:42 <DIR> --d----- C:\attchtmp

    ==================== Find3M ====================

    2009-03-21 07:26 64,752 ac------ c:\windows\isamunin.exe
    2009-03-09 04:19 410,984 a------- c:\windows\system32\deploytk.dll
    2009-03-07 02:22 284,160 a------- c:\windows\system32\pdh.dll
    2009-03-03 12:18 826,368 a------- c:\windows\system32\wininet.dll
    2009-02-21 06:09 78,336 a------- c:\windows\system32\ieencode.dll
    2009-02-16 10:32 1,052,716 a------- c:\windows\system32\btrez.dll
    2009-02-16 10:32 156,816 a------- c:\windows\system32\drivers\btwdndis.sys
    2009-02-16 10:32 47,272 a------- c:\windows\system32\drivers\btwusb.sys
    2009-02-16 10:32 37,160 a------- c:\windows\system32\drivers\btport.sys
    2009-02-16 10:32 991,784 a------- c:\windows\system32\drivers\btkrnl.sys
    2009-02-16 10:32 534,568 a------- c:\windows\system32\drivers\btaudio.sys
    2009-02-13 11:13 59,644 a---h--- c:\windows\system32\mlfcache.dat
    2009-02-10 11:02 31,328 a------- c:\windows\BtwIEProxy.exe
    2009-02-10 00:10 729,088 a------- c:\windows\system32\lsasrv.dll
    2009-02-10 00:10 714,752 a------- c:\windows\system32\ntdll.dll
    2009-02-10 00:10 617,472 a------- c:\windows\system32\advapi32.dll
    2009-02-10 00:10 401,408 a------- c:\windows\system32\rpcss.dll
    2009-02-09 23:13 1,846,784 a------- c:\windows\system32\win32k.sys
    2009-02-09 17:48 2,854,976 a------- c:\windows\system32\btwicons.dll
    2009-02-09 17:47 94,273 a------- c:\windows\system32\BtMmHook.dll
    2009-02-09 17:47 176,206 a------- c:\windows\system32\BtWiaExt.dll
    2009-02-09 17:43 233,472 a------- c:\windows\system32\btwhidcs.dll
    2009-02-09 17:42 1,802,305 a------- c:\windows\system32\BtWizard.dll
    2009-02-09 17:42 991,309 a------- c:\windows\system32\BTNeighborhood.dll
    2009-02-09 17:40 204,859 a------- c:\windows\system32\btsec.dll
    2009-02-09 17:40 430,139 a------- c:\windows\system32\btcss.dll
    2009-02-09 17:39 167,986 a------- c:\windows\system32\btsendto_ie.dll
    2009-02-09 17:39 274,486 a------- c:\windows\system32\btsendto_office.dll
    2009-02-09 17:39 155,699 a------- c:\windows\system32\btsendto_wab.dll
    2009-02-09 17:38 139,317 a------- c:\windows\system32\btsendto_notes.dll
    2009-02-09 17:38 147,456 a------- c:\windows\system32\btosif_olx.dll
    2009-02-09 17:37 323,632 a------- c:\windows\system32\btosif_ol.dll
    2009-02-09 17:37 311,347 a------- c:\windows\system32\btosif_notes.dll
    2009-02-09 17:37 77,824 a------- c:\windows\system32\btprn2k.dll
    2009-02-09 17:37 122,880 a------- c:\windows\system32\bthcrpui.dll
    2009-02-09 17:36 106,496 a------- c:\windows\system32\bthcrp.dll
    2009-02-09 17:36 159,791 a------- c:\windows\system32\btwpimif.dll
    2009-02-09 17:36 720,944 a------- c:\windows\system32\BTChooser.dll
    2009-02-09 17:36 327,727 a------- c:\windows\system32\btsendto.dll
    2009-02-09 17:35 213,037 a------- c:\windows\system32\btosif.dll
    2009-02-09 17:35 122,880 a------- c:\windows\system32\btbigbmp.dll
    2009-02-09 17:35 106,496 a------- c:\windows\system32\BTXPPanel.dll
    2009-02-09 17:35 24,576 a------- c:\windows\system32\BtXpShell.dll
    2009-02-09 17:34 86,091 a------- c:\windows\system32\BtAudioHelper.dll
    2009-02-09 17:31 122,945 a------- c:\windows\system32\bt2k_ins.dll
    2009-02-09 17:31 49,211 a------- c:\windows\system32\btdev.dll
    2009-02-09 17:30 532,539 a------- c:\windows\system32\btins.dll
    2009-02-09 17:29 94,208 a------- c:\windows\system32\btrezxp.dll
    2009-02-09 17:29 49,152 a------- c:\windows\system32\BTNCopy.dll
    2009-02-09 17:24 278,572 a------- c:\windows\system32\btbip.dll
    2009-02-09 17:24 577,536 a------- c:\windows\system32\WidcommSdk.dll
    2009-02-09 17:23 512,061 a------- c:\windows\system32\wbtapi.dll
    2009-02-06 23:11 110,592 a------- c:\windows\system32\services.exe
    2009-02-06 23:06 2,145,280 a------- c:\windows\system32\ntoskrnl.exe
    2009-02-06 22:39 35,328 a------- c:\windows\system32\sc.exe
    2009-02-06 22:32 2,023,936 a------- c:\windows\system32\ntkrnlpa.exe
    2009-02-04 07:59 56,832 a------- c:\windows\system32\secur32.dll
    2008-04-01 15:41 389,120 ac------ c:\documents and settings\hchan\stas75_20060810.0001.dll
    2007-12-14 09:08 60,680 ac------ c:\docume~1\hchan\applic~1\GDIPFONTCACHEV1.DAT
    2008-05-10 20:58 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008051020080511\index.dat
    2008-10-13 09:06 32,768 a--sh--- c:\windows\temp\history\history.ie5\mshist012008101020081011\index.dat
    2008-11-09 20:53 32,768 a--sh--- c:\windows\temp\history\history.ie5\mshist012008110920081110\index.dat
    2008-11-29 23:07 32,768 a--sh--- c:\windows\temp\history\history.ie5\mshist012008113020081201\index.dat
    2008-12-27 07:40 32,768 a--sh--- c:\windows\temp\history\history.ie5\mshist012008122720081228\index.dat

    ============= FINISH: 22:55:21.00 ===============

    [Oops ... the Attach.txt makes this post too long ... will append with a "reply" below.]

    Appreciate very much your help.
     
  2. 2009/04/16
    huhugrub1

    huhugrub1 Inactive Thread Starter

    Joined:
    2009/04/16
    Messages:
    4
    Likes Received:
    0
    [Now the Attach.txt scan ...]

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-03-16.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/09/2007 08:46:39
    System Uptime: 16/04/2009 16:02:14 (6 hours ago)

    Motherboard: LENOVO | | 1951BT2
    Processor: Intel(R) Core(TM) Duo CPU T2400 @ 1.83GHz | None | 1828/167mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 186 GiB total, 79.07 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: AGN Virtual Network Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: AT&T
    Name: AGN Virtual Network Adapter #2
    PNP Device ID: ROOT\NET\0000
    Service: avpnnic

    ==== System Restore Points ===================

    RP829: 11/03/2009 18:27:06 - Software Distribution Service 3.0
    RP830: 11/03/2009 19:10:48 - Software Distribution Service 3.0
    RP831: 11/03/2009 19:43:41 - Software Distribution Service 3.0
    RP832: 12/03/2009 20:01:02 - System Checkpoint
    RP833: 13/03/2009 09:34:16 - Removed Adobe Reader 9.
    RP834: 13/03/2009 09:34:51 - Installed Adobe Reader 9.1.
    RP835: 14/03/2009 02:03:44 - Software Distribution Service 3.0
    RP836: 15/03/2009 02:28:49 - System Checkpoint
    RP837: 16/03/2009 02:44:22 - System Checkpoint
    RP838: 17/03/2009 03:36:07 - System Checkpoint
    RP839: 17/03/2009 10:57:21 - Software Distribution Service 3.0
    RP840: 18/03/2009 10:33:01 - Installed MyAttachments
    RP841: 22/03/2009 06:52:27 - System Checkpoint
    RP842: 22/03/2009 08:54:29 - System Checkpoint
    RP843: 22/03/2009 09:37:45 - Software Distribution Service 3.0
    RP844: 23/03/2009 19:48:30 - System Checkpoint
    RP845: 24/03/2009 07:56:50 - Software Distribution Service 3.0
    RP846: 25/03/2009 07:58:44 - System Checkpoint
    RP847: 25/03/2009 09:42:10 - Installed iTunes
    RP848: 27/03/2009 00:22:08 - System Checkpoint
    RP849: 27/03/2009 12:15:26 - Software Distribution Service 3.0
    RP850: 28/03/2009 20:46:43 - System Checkpoint
    RP851: 29/03/2009 23:03:02 - System Checkpoint
    RP852: 30/03/2009 09:21:02 - Installed Java(TM) 6 Update 13
    RP853: 30/03/2009 09:27:18 - Installed Windows Installer Clean Up
    RP854: 30/03/2009 09:54:20 - Installed J2SE Runtime Environment 5.0 Update 17
    RP855: 30/03/2009 09:57:06 - Removed J2SE Runtime Environment 5.0 Update 16
    RP856: 30/03/2009 10:12:03 - Installed J2SE Runtime Environment 5.0 Update 18
    RP857: 30/03/2009 10:14:40 - Removed J2SE Runtime Environment 5.0 Update 17
    RP858: 31/03/2009 12:19:13 - Software Distribution Service 3.0
    RP859: 1/04/2009 07:57:59 - Software Distribution Service 3.0
    RP860: 1/04/2009 09:02:22 - Software Distribution Service 3.0
    RP861: 2/04/2009 16:15:18 - System Checkpoint
    RP862: 3/04/2009 16:11:10 - Software Distribution Service 3.0
    RP863: 4/04/2009 23:01:43 - System Checkpoint
    RP864: 5/04/2009 22:07:51 - System Checkpoint
    RP865: 6/04/2009 23:26:46 - System Checkpoint
    RP866: 7/04/2009 01:54:48 - Software Distribution Service 3.0
    RP867: 8/04/2009 01:56:17 - System Checkpoint
    RP868: 9/04/2009 02:17:25 - System Checkpoint
    RP869: 9/04/2009 11:15:43 - Installed Trend Micro RUBotted
    RP870: 10/04/2009 18:09:03 - System Checkpoint
    RP871: 11/04/2009 23:26:08 - System Checkpoint
    RP872: 13/04/2009 00:11:41 - System Checkpoint
    RP873: 14/04/2009 01:09:03 - System Checkpoint
    RP874: 14/04/2009 02:01:12 - Software Distribution Service 3.0
    RP875: 14/04/2009 15:51:10 - Installed ThinkPad Power Management Driver
    RP876: 14/04/2009 16:18:58 - Installed Power Manager
    RP877: 15/04/2009 17:57:30 - Software Distribution Service 3.0
    RP878: 15/04/2009 21:03:25 - Installed Sophos Anti-Virus
    RP879: 15/04/2009 21:04:44 - Installed Sophos AutoUpdate
    RP880: 16/04/2009 11:01:53 - Software Distribution Service 3.0

    ==== Installed Programs ======================


    23_24_2500Tour
    2400_2500Help
    2400_2500trb
    2500
    7-Zip 4.57
    Access Help
    Access IBM
    Acrobat.com
    Active Security Monitor 2.0.0.18
    ActivePerl 5.8.8 Build 820
    Ad-Aware
    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Acrobat 6.0.1 Professional
    Adobe Acrobat and Reader 6.0.3 Update
    Adobe Acrobat and Reader 6.0.4 Update
    Adobe Acrobat and Reader 6.0.5 Update
    Adobe Acrobat and Reader 6.0.6 Update
    Adobe AIR
    Adobe Atmosphere Player for Acrobat and Adobe Reader
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Interactive Forms Update SP1
    Adobe Reader 9.1
    Adobe Shockwave Player 11
    Advanced WindowsCare Personal
    AFP Workbench for Windows
    AiO_Scan
    AiOSoftware
    Apple Mobile Device Support
    Apple Software Update
    AT&T Network Client
    AutoUpdate
    Beyond Compare Version 2.4
    Blaze Media Pro
    Bonjour
    BufferChm
    Cartes du Ciel
    CCleaner (remove only)
    Centra Client
    Client Security - Password Manager
    Compatibility Pack for the 2007 Office system
    Copy
    CreativeProjects
    CreativeProjectsTemplates
    Critical Update for Windows Media Player 11 (KB959772)
    CueTour
    DAO 3.5
    Destinations
    Director
    DivX Codec
    Doc Manager Desktop Enabler
    DocProc
    DocumentViewer
    e-Cert Control Manager
    e-Cert Control Manager Add-on Pack 1
    EasyEnglishAnalyzer
    EasyEnglishAnalyzer Lexicons
    EasyGPS 2.7.4
    ePrompter
    ESDlife Smart ID Card Kit
    ESET Online Scanner
    Fax
    filehippo.com Update Checker
    Garmin City Navigator New Zealand v3
    Garmin MapSource
    Garmin POI Loader
    Gizmo5
    Google Desktop
    Google Earth
    Google Toolbar for Internet Explorer
    Google Updater
    GPS TrackMaker
    GS Risk V4.4
    Handy Safe Desktop 5.07
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HijackThis 2.0.2
    Hot CPU Tester Pro 4.4.1
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    HouseCall 6.6
    HP Diagnostic Assistant
    HP Image Zone 4.2
    HP PSC & OfficeJet 4.2
    HP Unload DLL Patch
    HP Update
    HPODiscovery
    HPSystemDiagnostics
    Hyperion Intelligence Client
    IBM 32-bit Runtime Environment for Java 2, v5.0
    IBM Ayudame
    IBM Dynamic Content Delivery (DCDClient-ISSI)
    IBM Finance Transformation Workbench V1.0
    IBM Infoprint Select
    IBM ISMA Peer-To-Peer
    IBM LDEMan
    IBM Lotus Sametime Connect 7.5.1
    IBM My Help
    IBM Rational Portfolio Manager
    IBM Tivoli Storage Manager Client
    IBM WebSphere Business Modeler Advanced Version 6.0.2.1
    IBM WebSphere Everyplace Micro Environment 6.1.1 for Windows X8
    ILC
    InstantShare
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    InterVideo Register Manager
    InterVideo WinDVD
    iTunes
    J2SE Runtime Environment 5.0 Update 18
    Java(TM) 6 Update 13
    KMLtoGPX Converter
    Lenovo System Toolbox
    LiveUpdate 3.0 (Symantec Corporation)
    Lotus Notes 8.0.1
    Lotus NotesSQL Driver 3.02
    Lotus SmartSuite - English
    Maintenance Manager
    Map Calibrator 2.4
    McAfee SiteAdvisor
    Members' Handbook
    MetaFrame Presentation Server Client
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Baseline Security Analyzer 2.1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Accounting 2008
    Microsoft Office Accounting 2008 PayPal Addin
    Microsoft Office Live Add-in 1.3
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Standard Edition 2003
    Microsoft Office Visio Professional 2003
    Microsoft Office Visio Viewer 2003 (English)
    Microsoft Office XP Professional with FrontPage
    Microsoft Project Standard 2002
    Microsoft Silverlight
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server 2005 Tools Express Edition
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft User-Mode Driver Framework Feature Pack 1.5
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Windows Journal Viewer
    MobileMe Control Panel
    Mobipocket Reader 6.2
    Mouse Suite
    Mozilla Firefox (3.0.8)
    MSVC80_x86
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 6.0 Parser (KB933579)
    NETGEAR Storage Central Manager Utility
    NetLimiter 2 Monitor (remove only)
    Nokia Connectivity Cable Driver
    Nokia Device Status
    Nokia Flashing Cable Driver
    Nokia Map Loader
    Nokia Multimedia Factory
    Nokia PC Suite
    Nokia Software Updater
    NSS (remove only)
    OGA Notifier 1.7.0105.35.0
    On Screen Display
    Overland
    PC Connectivity Solution
    PhotoGallery
    Pinnacle DistanTV Server
    Pinnacle TVCenter Pro
    Practitioner Portal Toolbar
    Presentation Director
    PressReader
    PrintScreen
    ProductContext
    Productivity Center Supplement for ThinkPad
    QFolder
    Qianhong 3.5.0
    Quicken Deluxe 2000
    QuickProjects
    QuickTime
    Readme
    RecordNow Audio
    RecordNow Copy
    RecordNow Data
    Remove Hidden Data Tool
    Remove Multimedia Center
    Rescue and Recovery
    Scan
    Scheduler Updater
    Scroll Lock Indicator Utility
    Secunia PSI
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950582)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB961373)
    Sizer (remove only)
    SkinsHP1
    SmallBlue Client V2.0
    SmallBlue IE Toolbar
    Smart Defrag 1.03
    SmartSync Pro
    Snapper Charge Control 3.0
    Snapshot Viewer
    Sonic DLA
    Sonic Express Labeler
    Sonic Icons for Lenovo
    Sonic RecordNow!
    Sonic Update Manager
    Sophos Anti-Virus
    Sophos AutoUpdate
    SoundMAX
    Spelling Dictionaries Support For Adobe Reader 9
    Spybot - Search & Destroy
    SpywareBlaster 4.2
    SpywareGuard v2.2
    Symantec Client Security
    Symantec Technical Support Web Controls
    Symbian Developer Certificate Request
    SyncToy
    System Migration Assistant
    System Update
    The Weather Channel Desktop 6
    ThinkPad Bluetooth with Enhanced Data Rate Software
    ThinkPad Configuration
    ThinkPad EasyEject Utility
    ThinkPad FullScreen Magnifier
    ThinkPad Hotkey Features Setup
    ThinkPad Keyboard Customizer Utility
    ThinkPad Modem
    ThinkPad Power Management Driver
    ThinkPad Power Manager
    ThinkPad UltraNav Driver
    ThinkPad UltraNav Utility
    ThinkPad UltraNav Wizard
    ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)
    ThinkVantage Access Connections
    ThinkVantage Active Protection System
    ThinkVantage Productivity Center
    TrackPoint Accessibility Features
    TrayApp
    Trend Micro RUBotted
    Trillian
    TrueCrypt
    Uniblue DriverScanner 2009
    Unload
    Update for Windows XP (KB943729)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951618-v2)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Vodafone Mobile Connect
    Vodafone Mobile Connect Lite
    VoiceRite Client for A/NZ
    VoipStunt
    Weather Services
    WebEx
    WebFldrs XP
    WebReg
    Western Australian Time Zone Update
    Windows Defender
    Windows Driver Package - Nokia Modem (02/15/2007 3.1)
    Windows Driver Package - Nokia Modem (03/05/2008 3.7)
    Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)
    Windows Driver Package - Nokia Modem (05/22/2008 3.8)
    Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
    Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
    Windows Driver Package - Nokia Modem (08/03/2007 3.2)
    Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2)
    Windows Driver Package - Nokia Modem (08/08/2007 3.3)
    Windows Driver Package - Nokia Modem (10/12/2007 3.6)
    Windows Driver Package - Nokia Modem (10/27/2008 3.9)
    Windows Driver Package - Nokia Modem (10/27/2008 7.01.0.1)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer Clean Up
    Windows Internet Explorer 7
    Windows Live installer
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Presentation Foundation
    Windows Search 4.0
    Windows XP Service Pack 3
    Workstation Security Tool 2.3
    World Community Grid - BOINC Agent
    WWGPE Tool
    WWGPE403ViewOnly
    WWGPE404ViewOnly
    Xdrive Desktop
    XML Paper Specification Shared Components Pack 1.0

    ==== Event Viewer Messages From Past Week ========

    12/04/2009 23:00:11, error: Service Control Manager [7031] - The TVT Windows Update Monitor service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
    11/04/2009 10:20:00, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the AcSvc service.
    11/04/2009 07:51:09, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments " " in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    11/04/2009 07:47:01, error: Service Control Manager [7000] - The My Help service failed to start due to the following error: The system cannot find the file specified.
    10/04/2009 22:00:35, error: Ftdisk [31] - The fault tolerant driver could not read the on disk structures from disk 1.
    10/04/2009 07:53:05, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/04/2009 07:53:05, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
    10/04/2009 07:53:04, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments " " in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
    9/04/2009 18:52:22, error: Dhcp [1002] - The IP address lease 9.191.12.67 for the Network Card with network address 001558CA5AFE has been denied by the DHCP server 10.64.4.1 (The DHCP Server sent a DHCPNACK message).
    9/04/2009 17:33:43, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
    9/04/2009 16:57:48, error: Service Control Manager [7034] - The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).
    9/04/2009 07:42:28, error: Service Control Manager [7000] - The TVT Windows Update Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    9/04/2009 07:42:28, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TVT Windows Update Monitor service to connect.
    13/04/2009 09:54:01, error: PlugPlayManager [12] - The device 'Intel(R) PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0) disappeared from the system without first being prepared for removal.
    14/04/2009 08:27:22, error: Dhcp [1002] - The IP address lease 10.64.4.15 for the Network Card with network address 001558CA5AFE has been denied by the DHCP server 9.191.25.56 (The DHCP Server sent a DHCPNACK message).
    14/04/2009 13:48:02, error: Service Control Manager [7034] - The ISSI EZUpdate service terminated unexpectedly. It has done this 1 time(s).
    15/04/2009 17:34:38, error: Dhcp [1002] - The IP address lease 10.64.4.4 for the Network Card with network address 001C2640B358 has been denied by the DHCP server 10.64.4.1 (The DHCP Server sent a DHCPNACK message).
    16/04/2009 08:03:10, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Symantec AntiVirus service.
    16/04/2009 10:45:25, error: Service Control Manager [7031] - The Symantec AntiVirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    16/04/2009 10:45:46, error: Service Control Manager [7031] - The Symantec AntiVirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    16/04/2009 10:45:58, error: Service Control Manager [7034] - The Symantec AntiVirus service terminated unexpectedly. It has done this 3 time(s).
    16/04/2009 18:10:54, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the TVT Backup Service service.
    16/04/2009 19:26:09, error: Dhcp [1002] - The IP address lease 10.64.4.7 for the Network Card with network address 001C2640B358 has been denied by the DHCP server 10.64.4.1 (The DHCP Server sent a DHCPNACK message).
    16/04/2009 20:39:42, error: Tcpip [4199] - The system detected an address conflict for IP address 10.64.4.4 with the system having network hardware address 00:21:5D:45:29:3C. Network operations on this system may be disrupted as a result.
    16/04/2009 21:13:37, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{014F82D0-1FA2-473F-BD05-507318D50D7D} because another computer on the network has the same name. The server could not start.

    ==== End Of File ===========================
     


  4. 2009/05/13
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Hi and welcome

    Nothing malicious is seen in the logs.
    Of course that doesn't mean there's nothing onboard.

    What I can see is an over board of security applications on the computer
    Sophos Anti-Virus
    Symantec Antivirus
    SpywareBlaster 4.2
    SpywareGuard v2.2
    Windows Defender
    SpybotSD TeaTimer

    (along with many unnecessary items loading at startup.)

    Researching through Symantec tech support I did find links related to your error.

    http://www.symantec.com/connect/forums/c-runtime-error-0
    http://www.symantec.com/connect/forums/microsoft-visual-c-runtime-error-sav-client-fails-start

    http://searchg.symantec.com/search?...oxystylesheet=symc_en_US&x=10&site=symc_en_US



    Let's try this:

    Please download ATF Cleaner by Atribune From Here and save it to your Desktop.
    Follow the instructions for the browser you use.
    Read the instructions about the cookies. Delete what you do not need.

    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:
    Windows Temp
    Current User Temp
    All Users Temp
    Temporary Internet Files
    Java Cache

    The rest are optional - if you want to remove the lot, check "Select All".
    Finally click Empty Selected. When you get the "Done Cleaning" message, click OK.
    If you use the Firefox or Opera browsers, you can use this program
    as a quick way to tidy those up as well.
    When you have finished, click on the Exit button in the Main menu.
    ========================


    Please download Malwarebytes' Anti-Malware to your desktop

    Additional Link

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad. Please save it to a convenient location.
    * You can also access the log by doing the following:

    o Click on the Malwarebytes' Anti-Malware icon to launch the program.
    o Click on the Logs tab.
    o Click on the log at the bottom of those listed to highlight it.
    o Click Open.

    Tutorial if needed
    http://thespykiller.co.uk/index.php/topic,5946.0.html

    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



    In your next reply post:
    Malwarebytes' Anti-Malware log
    New HJT log
     
  5. 2009/06/15
    huhugrub1

    huhugrub1 Inactive Thread Starter

    Joined:
    2009/04/16
    Messages:
    4
    Likes Received:
    0
    Updated logs

    Thanks Juliet for your help. I have now run the suggested programs, and here are the updated logs, as requested:
    Malwarebytes' Anti-Malware log
    New HJT log

    **********

    Malwarebytes' Anti-Malware 1.37
    Database version: 2281
    Windows 5.1.2600 Service Pack 3

    15/06/2009 19:24:26
    mbam-log-2009-06-15 (19-24-26).txt

    Scan type: Quick Scan
    Objects scanned: 119246
    Time elapsed: 8 minute(s), 56 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 15
    Registry Values Infected: 3
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 2

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\tbsb06727.ietoolbar (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{b45d1007-6a4b-4b05-a9be-b2af02001a93} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{095c9eae-f4b0-42c3-ba95-ba1608ff43af} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6bbb6e9a-af7b-4d5b-8279-153bb8b3e9e0} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{fc699089-a075-4787-affd-43c027f2f468} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fc699089-a075-4787-affd-43c027f2f468} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc699089-a075-4787-affd-43c027f2f468} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\tbsb06727.ietoolbar.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\tbsb06727.tbsb06727 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\tbsb06727.tbsb06727.3 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Program Files\IBM\SmallBlueTools\SmallBlue IE Toolbar\smallblue.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
    c:\RECYCLER\ADAPT_Installer.exe (Heuristics.Malware) -> Quarantined and deleted successfully.

    **********

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:46, on 15/06/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16850)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\IPSSVC.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVGLS\avgwdsvc.exe
    C:\WINDOWS\system32\bmwebcfg.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\PROGRA~1\AVG\AVGLS\avgnsx.exe
    C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
    C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\C4ebreg\c4ebreg.exe
    c:\sdwork\issimsvc.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\WINDOWS\system32\cmd.exe
    C:\notes\ntmulti.exe
    C:\Program Files\AT&T Network Client\NetCfgSv.EXE
    C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\IBM\tivoli\dcd\client\ISSI\_jvm\jre\bin\java.exe
    C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
    c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\System32\TPHDEXLG.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
    C:\WINDOWS\WRTService.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
    C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.3.14\pmonmh.exe
    C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
    C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
    C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\TpScrLk.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\Program Files\Lenovo\Zoom\TpScrex.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\C4ebreg\isamtray.exe
    C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\PROGRA~1\AVG\AVGLS\avgtray.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
    C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe
    C:\Program Files\filehippo.com\UpdateChecker.exe
    C:\Program Files\Gizmo5\Gizmo5.exe
    C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe
    C:\PROGRA~1\HONGKO~1\E-CERT~1\tnctray.exe
    C:\Program Files\Hongkong Post e-Cert\e-Cert Control Manager\tncservice.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IBM\Infoprint Select\ipnotify.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
    C:\PROGRA~1\ThinkPad\BLUETO~1\BtStackServer.exe
    C:\Program Files\IBM\Rational Portfolio Manager\RPMITray.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Secunia\PSI\psi.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\Trillian\trillian.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\BOINC\boincmgr.exe
    C:\Program Files\BOINC\boinc.exe
    C:\Program Files\BOINC\projects\www.worldcommunitygrid.org\wcg_rice_6.17_windows_intelx86
    C:\Program Files\BOINC\projects\www.worldcommunitygrid.org\wcg_rice_6.17_windows_intelx86
    C:\Program Files\IBM\My Help\MyHelp.exe
    C:\Program Files\IBM\My Help\jre\bin\myhelpw.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://nz.search.yahoo.com/search?fr=mcafee&p=%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://w3-3.ibm.com/tools/print/index.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = w3-501.ibm.com;w3-113.ibm.com;w3-602.ibm.com;w3-603.ibm.com;<local>
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVGLS\avgssie.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
    O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: TBSB07827 - {F8DECFD3-B735-46DD-AFF9-D2D5F06FDC52} - C:\Program Files\IBM\Practitioner Portal Toolbar\gbsppietoolbar.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Practitioner Portal Toolbar - {E7128DAA-707C-4552-AF47-906D4C610549} - C:\Program Files\IBM\Practitioner Portal Toolbar\gbsppietoolbar.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [C4EBReg] "C:\Program Files\C4ebreg\c4ebreg.exe" /q
    O4 - HKLM\..\Run: [MyHelpService] "C:\Program Files\IBM\My Help\workspace\service\delayStart.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
    O4 - HKLM\..\Run: [pmonmh] C:\Program Files\IBM\My Help\workspace\..\plugins\com.ibm.myhelp.common_1.3.14/pmonmh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
    O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
    O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
    O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
    O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
    O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
    O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    O4 - HKLM\..\Run: [Domino.Doc Install] C:\Lotus\DominoDoc\domdoc.exe -install
    O4 - HKLM\..\Run: [Isamtray] "C:\Program Files\C4ebreg\isamtray.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TMRUBottedTray] "C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ISSI Service] "c:\sdwork\issimsvc.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVGLS\avgtray.exe
    O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [NetSP - restore settings on power failure] "C:\Program Files\AT&T Network Client\NetSP.exe" -show
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
    O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [XdriveTrayIcon] "C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
    O4 - HKCU\..\Run: [Gizmo5] "C:\Program Files\Gizmo5\Gizmo5.exe"
    O4 - HKCU\..\Run: [DW6] "C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe"
    O4 - HKCU\..\Run: [e-Cert Control Manager 2.x] "C:\PROGRA~1\HONGKO~1\E-CERT~1\tnctray.exe"
    O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
    O4 - Startup: World Community Grid - BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Infoprint Select Notification.lnk = C:\Program Files\IBM\Infoprint Select\ipnotify.exe
    O4 - Global Startup: Lotus QuickStart.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
    O4 - Global Startup: Rational Portfolio Manager Tray.lnk = ?
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O11 - Options group: [JAVA_IBM] Java (IBM)
    O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
    O16 - DPF: {6E4BBF28-5199-4E64-9291-94D1334CA919} (KSCCTmoney Class) - https://www.snapper.co.nz/global/plugin/install/snapper.cab
    O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} -
    O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} -
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} -
    O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3F48B799-E15F-4F9E-88E8-9AB6EC0C9B5A}: Domain = ibm.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ibm.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = ibm.com
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ibm.com
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVGLS\avgpp.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
    O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG LinkScanner® WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVGLS\avgwdsvc.exe
    O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: IBM DCD Standard Client (DCDClient-ISSI) (DCDClient-ISSI) - Unknown owner - C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
    O23 - Service: e-Cert Control Manager - SecureNet Limited - C:\Program Files\Hongkong Post e-Cert\e-Cert Control Manager\tncservice.exe
    O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
    O23 - Service: ISAM SMT Service (ISAMsmt) - Unknown owner - C:\Program Files\C4ebreg\isamsmt.exe (file missing)
    O23 - Service: IBM Standard Asset Manager Service (ISAMSvc) - IBM Corp. - C:\Program Files\C4ebreg\c4ebreg.exe
    O23 - Service: ISSI (ISSIMon) - IBM Corp. - c:\sdwork\issimsvc.exe
    O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
    O23 - Service: My Help (MyHelp) - Unknown owner - C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe (file missing)
    O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\Program Files\AT&T Network Client\NetCfgSv.EXE
    O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    O23 - Service: Trend Micro RUBotted Service (RUBotted) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
    O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
    O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    O23 - Service: WRT Service (WRTService) - Unknown owner - C:\WINDOWS\WRTService.exe
    O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
    O23 - Service: Z-SAN Service (Z-SANService) - Zetera Corporation - C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe

    --
    End of file - 28843 bytes
     
  6. 2009/06/15
    Juliet

    Juliet Well-Known Member

    Welcome back

    Through your Add/Remove Programs list, uninstall/delete the below:
    J2SE Runtime Environment 5.0 Update 18

    These security programs on the computer are very likely to conflict and cause you problems.
    Symantec AntiVirus <--Current active?
    AVG8 antivirus <--if the above antivirus is your choice this needs to be uninstalled.
    SpywareBlaster
    SpywareGuard
    Windows Defender
    SpybotSD TeaTimer





    In order for us to be able to do much we have several security applications that have to be disabled first so the below transactions can be completed.





    While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
    Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.

    * Open Spybot Search & Destroy.
    * In the Mode menu click "Advanced mode" if not already selected.
    * Choose "Yes" at the Warning prompt.
    * Expand the "Tools" menu.
    * Click "Resident".
    * Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
    * In the File menu click "Exit" to exit Spybot Search & Destroy.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Please disable SpywareGuard, as it may interfere with some of our HijackThis fixes:

    Right click the SpywareGuard icon in the System Tray at the bottom-right corner of the screen and open the program.
    Then go to Menu, File, Exit.
    Then confirm the program is closed.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.

    Open Windows Defender.
    Click on Tools, General Settings.
    Scroll down and uncheck Turn on real-time protection (recommended).
    After you uncheck this, click on the Save button and close Windows Defender.

    After all of the fixes are complete, it is very important that you enable Real-time Protection again.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    Open HijackThis, click "Do a system scan only", and checkmark these. Then close all other windows and browsers except HijackThis and press "Fix checked".

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    The following are not necessarily spyware/malware, but we suggest you place a check mark next to the following entries, as these programs may be taking up system resources.

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    (Description: Intel hotkey applet. Unnecessary. Removing this will free up a small amount of system resources.)

    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    (Not necessary)

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    (Description: Adobe reader startup - unnecessarily uses system resources.)

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    (Description: Sun Java update scheduler. Checks for updates. Not necessary. Removing this entry will free up a small amount of system resources.)

    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    (Description: Microsoft Office startup assistant. Not necessary. Removing this entry will free up a significant amount of system resources.)


    Now please reboot your computer to set the registry.



    Please post a new HJT log and give me an update on how the computer is at the moment.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
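
The fix list above targets entries that HijackThis marks "(no file)". The following is an added example, not part of the original post or of HijackThis itself: a Python script that triages a saved log for those orphan markers plus two related ones. The sample lines are copied from the logs in this thread; the flag names and function names are assumptions of the example.

```python
import re
from dataclasses import dataclass, field

# Sample entries copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
C:\WINDOWS\system32\svchost.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: ISAM SMT Service (ISAMsmt) - Unknown owner - C:\Program Files\C4ebreg\isamsmt.exe (file missing)
O23 - Service: WRT Service (WRTService) - Unknown owner - C:\WINDOWS\WRTService.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
"""

# A HijackThis entry line is "<section code> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^\s*(?P<code>[RFNO]\d{1,2}) - (?P<body>.+?)\s*$")
# Markers HijackThis appends when the registered file is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


@dataclass
class Entry:
    code: str
    body: str
    clsid: str = ""
    flags: list = field(default_factory=list)


def classify(entry):
    """Return the review flags (names chosen for this example) for one entry."""
    flags = []
    if ORPHAN_RE.search(entry.body):
        flags.append("orphaned")
    if entry.code == "O23":
        # Body layout: "Service: <display name> - <vendor> - <path>"
        parts = entry.body.rsplit(" - ", 2)
        if len(parts) == 3 and parts[1] == "Unknown owner":
            flags.append("unknown-owner")
    if entry.code == "O10" and entry.body.startswith("Unknown file in Winsock LSP"):
        flags.append("unknown-lsp")
    return flags


def parse_log(text):
    """Parse entry lines; headers and running-process paths are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        entry = Entry(m["code"], m["body"])
        clsid = CLSID_RE.search(entry.body)
        entry.clsid = clsid.group(0) if clsid else ""
        entry.flags = classify(entry)
        entries.append(entry)
    return entries


def triage(text):
    """Group flagged entries by flag, dropping exact duplicate lines."""
    report = {"orphaned": [], "unknown-owner": [], "unknown-lsp": []}
    seen = set()
    for entry in parse_log(text):
        for flag in entry.flags:
            key = (flag, entry.code, entry.body)
            if key in seen:
                continue
            seen.add(key)
            report[flag].append(entry)
    return report


if __name__ == "__main__":
    for flag, entries in triage(SAMPLE_LOG).items():
        print(f"[{flag}]")
        for e in entries:
            print(f"  {e.code}: {e.body}")
```

A flag here only marks an entry for manual review; deciding whether to fix it still depends on what the file is, as in the per-entry descriptions above.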
     
  7. 2009/06/15
    huhugrub1

    huhugrub1 Inactive Thread Starter

    New HJT log

    Hi Juliet, thanks for your very prompt response. Yes, Symantec AntiVirus is currently active, and I don't run any other antivirus programs. The AVG8 reference is their LinkScanner program.

    I have done the fixes you suggested. The computer seems to be running ok now. Here is the new HJT log. Please advise if it's clean or further fixes are required.

    Thanks again.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:58, on 16/06/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16850)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\IPSSVC.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\bmwebcfg.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
    C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\C4ebreg\c4ebreg.exe
    c:\sdwork\issimsvc.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\WINDOWS\system32\cmd.exe
    C:\notes\ntmulti.exe
    C:\Program Files\AT&T Network Client\NetCfgSv.EXE
    C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
    C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
    C:\WINDOWS\Explorer.EXE
    c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\IBM\tivoli\dcd\client\ISSI\_jvm\jre\bin\java.exe
    C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\System32\TPHDEXLG.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
    C:\WINDOWS\WRTService.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
    C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.3.14\pmonmh.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
    C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
    C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\TpScrLk.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\Program Files\Lenovo\Zoom\TpScrex.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\C4ebreg\isamtray.exe
    C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
    C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\filehippo.com\UpdateChecker.exe
    C:\Program Files\Gizmo5\Gizmo5.exe
    C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe
    C:\PROGRA~1\HONGKO~1\E-CERT~1\tnctray.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Hongkong Post e-Cert\e-Cert Control Manager\tncservice.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IBM\Infoprint Select\ipnotify.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
    C:\PROGRA~1\ThinkPad\BLUETO~1\BtStackServer.exe
    C:\Program Files\IBM\Rational Portfolio Manager\RPMITray.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Secunia\PSI\psi.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Trillian\trillian.exe
    C:\Program Files\BOINC\boincmgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\BOINC\boinc.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\BOINC\projects\www.worldcommunitygrid.org\wcg_rice_6.17_windows_intelx86
    C:\Program Files\BOINC\projects\www.worldcommunitygrid.org\wcg_rice_6.17_windows_intelx86
    C:\Program Files\IBM\My Help\MyHelp.exe
    C:\Program Files\IBM\My Help\jre\bin\myhelpw.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\PROGRA~1\AVG\AVGLS\avgwdsvc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\AVG\AVGLS\avgtray.exe
    C:\PROGRA~1\AVG\AVGLS\avgnsx.exe
    C:\WINDOWS\system32\cmd.exe
    C:\PROGRA~1\IBM\checker\checkerr.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://nz.search.yahoo.com/search?fr=mcafee&p=%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://w3-3.ibm.com/tools/print/index.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = w3-501.ibm.com;w3-113.ibm.com;w3-602.ibm.com;w3-603.ibm.com;<local>
    R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVGLS\avgssie.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
    O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: TBSB07827 - {F8DECFD3-B735-46DD-AFF9-D2D5F06FDC52} - C:\Program Files\IBM\Practitioner Portal Toolbar\gbsppietoolbar.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Practitioner Portal Toolbar - {E7128DAA-707C-4552-AF47-906D4C610549} - C:\Program Files\IBM\Practitioner Portal Toolbar\gbsppietoolbar.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [C4EBReg] "C:\Program Files\C4ebreg\c4ebreg.exe" /q
    O4 - HKLM\..\Run: [MyHelpService] "C:\Program Files\IBM\My Help\workspace\service\delayStart.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
    O4 - HKLM\..\Run: [pmonmh] C:\Program Files\IBM\My Help\workspace\..\plugins\com.ibm.myhelp.common_1.3.14/pmonmh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
    O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
    O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
    O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
    O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
    O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
    O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    O4 - HKLM\..\Run: [Domino.Doc Install] C:\Lotus\DominoDoc\domdoc.exe -install
    O4 - HKLM\..\Run: [Isamtray] "C:\Program Files\C4ebreg\isamtray.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [TMRUBottedTray] "C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
    O4 - HKLM\..\Run: [ISSI Service] "c:\sdwork\issimsvc.exe"
    O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVGLS\avgtray.exe
    O4 - HKLM\..\RunOnce: [AVG frw] "C:\Program Files\AVG\AVGLS\avgfrw.exe" /setyahoo
    O4 - HKLM\..\RunOnce: [DLFiles] C:\PROGRA~1\IBM\checker\dlfiles.exe
    O4 - HKCU\..\Run: [NetSP - restore settings on power failure] "C:\Program Files\AT&T Network Client\NetSP.exe" -show
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
    O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [XdriveTrayIcon] "C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
    O4 - HKCU\..\Run: [Gizmo5] "C:\Program Files\Gizmo5\Gizmo5.exe"
    O4 - HKCU\..\Run: [DW6] "C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe"
    O4 - HKCU\..\Run: [e-Cert Control Manager 2.x] "C:\PROGRA~1\HONGKO~1\E-CERT~1\tnctray.exe"
    O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
    O4 - Startup: World Community Grid - BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Infoprint Select Notification.lnk = C:\Program Files\IBM\Infoprint Select\ipnotify.exe
    O4 - Global Startup: Lotus QuickStart.lnk = ?
    O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
    O4 - Global Startup: Rational Portfolio Manager Tray.lnk = ?
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O11 - Options group: [JAVA_IBM] Java (IBM)
    O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
    O16 - DPF: {6E4BBF28-5199-4E64-9291-94D1334CA919} (KSCCTmoney Class) - https://www.snapper.co.nz/global/plugin/install/snapper.cab
    O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} -
    O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} -
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} -
    O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3F48B799-E15F-4F9E-88E8-9AB6EC0C9B5A}: Domain = ibm.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ibm.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = ibm.com
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ibm.com
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVGLS\avgpp.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
    O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG LinkScanner® WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVGLS\avgwdsvc.exe
    O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: IBM DCD Standard Client (DCDClient-ISSI) (DCDClient-ISSI) - Unknown owner - C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
    O23 - Service: e-Cert Control Manager - SecureNet Limited - C:\Program Files\Hongkong Post e-Cert\e-Cert Control Manager\tncservice.exe
    O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
    O23 - Service: ISAM SMT Service (ISAMsmt) - Unknown owner - C:\Program Files\C4ebreg\isamsmt.exe (file missing)
    O23 - Service: IBM Standard Asset Manager Service (ISAMSvc) - IBM Corp. - C:\Program Files\C4ebreg\c4ebreg.exe
    O23 - Service: ISSI (ISSIMon) - IBM Corp. - c:\sdwork\issimsvc.exe
    O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
    O23 - Service: My Help (MyHelp) - Unknown owner - C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe (file missing)
    O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\Program Files\AT&T Network Client\NetCfgSv.EXE
    O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    O23 - Service: Trend Micro RUBotted Service (RUBotted) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
    O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
    O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    O23 - Service: WRT Service (WRTService) - Unknown owner - C:\WINDOWS\WRTService.exe
    O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
    O23 - Service: Z-SAN Service (Z-SANService) - Zetera Corporation - C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe

    --
    End of file - 28692 bytes
     
  8. 2009/06/16
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Good deal, log is clean.


    You're good to go, good job!



    Please take the time to read over a few of my preventive tips.


    Please navigate to Microsoft Windows Updates and download all the "Critical Updates" for Windows.


    Firefox 3
    The award-winning Web browser is now faster, more secure, and fully customizable to your online life. With Firefox 2, added powerful new features that make your online experience even better. It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will in no way interfere with IE, you can use them both.
    *NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

    WOT Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

    How to prevent Malware: Created by Miekiemoes

    Here are some additional utilities that will further enhance your safety.
    # http://www.trillian.cc → Trillian or http://www.miranda-im.com → Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)


    Please read this article 'Safe Computing Practices'.
    So how did I get infected in the first place.

    Secure My Computer: A Layered Approach

    Strong passwords: How to create and use them

    Free Antivirus-AntiSpyware-Firewall Software

    Slow Computer May Not Be Malware Related, Help! My computer is slow!
    http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html


    PC Safety and Security--What Do I Need?
    http://www.techsupportforum.com/sec...115548-pc-safety-security-what-do-i-need.html

    Stand Up and Be Counted ---> Malware Complaints <--- where you can make a difference!
    This site offers people who have been (or are) victims of malware the opportunity to document their story.

    Extra note:
    Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan. http://secunia.com/software_inspector/
     
