Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google search redirect virus/malware


  • This topic is locked This topic is locked
2 replies to this topic

#1 Rrobby137

Rrobby137

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 11 February 2010 - 08:01 PM

I have all the logs that were asked for. If someone would like to help me remove whatever has infected my computer it would be much appreciated.


Thank you,

Thomas

Hope all this helps:


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-11 17:52:17
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\ibm\LOCALS~1\Temp\pxtdapog.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAA5D50B0]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\atapi \Device\Ide\IdePort0 [F74309F2] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F74309F2] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort1 [F74309F2] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F74309F2] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----






Logfile of random's system information tool 1.06 (written by random/random)
Run by ibm at 2010-02-11 17:38:39
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 125 GB (95%) free of 131 GB
Total RAM: 1014 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:38:45 PM, on 2/11/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Documents and Settings\ibm\Local Settings\Temporary Internet Files\Content.IE5\WHI3KDYZ\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\ibm.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\DRIVERS\WIN\Audio\SM_PANEL\SYS\SMAX4.EXE" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1265519687968
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://systemrequirementslab.com.s3.amazon...etect_intel.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 6259 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\PMTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-09 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-09 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-07 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-09 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-12-21 69568]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\DRIVERS\WIN\Audio\SM_PANEL\SYS\SMAX4.EXE [2005-05-06 716800]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-02-07 149280]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-10-06 1323008]
"PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor []
""= []
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2009-12-11 337256]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-15 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-15 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-15 131072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-06 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-01-05 2002160]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

C:\Documents and Settings\ibm\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-02-11 17:38:39 ----D---- C:\rsit
2010-02-11 17:06:39 ----D---- C:\32788R22FWJFW
2010-02-11 15:35:17 ----D---- C:\fixwareout
2010-02-11 15:25:07 ----D---- C:\Documents and Settings\ibm\Application Data\AVG8
2010-02-11 15:18:25 ----D---- C:\Program Files\Trend Micro
2010-02-11 15:04:40 ----D---- C:\Program Files\CleanUp!
2010-02-11 14:54:05 ----D---- C:\ie-spyad_zo
2010-02-11 14:43:43 ----D---- C:\Program Files\SpywareGuard
2010-02-11 14:39:00 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-02-11 14:38:57 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2010-02-11 14:38:56 ----D---- C:\Program Files\SpywareBlaster
2010-02-11 12:04:33 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2010-02-11 12:04:21 ----D---- C:\Program Files\SUPERAntiSpyware
2010-02-11 12:04:21 ----D---- C:\Documents and Settings\ibm\Application Data\SUPERAntiSpyware.com
2010-02-11 12:04:05 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-09 12:49:22 ----D---- C:\Documents and Settings\ibm\Application Data\MSN6
2010-02-09 12:49:22 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
2010-02-07 21:07:04 ----D---- C:\Program Files\MSXML 4.0
2010-02-07 21:06:42 ----D---- C:\Program Files\Microsoft Games
2010-02-07 19:01:33 ----D---- C:\Documents and Settings\ibm\Application Data\Malwarebytes
2010-02-07 19:01:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-07 19:01:27 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-02-07 14:58:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-02-07 14:57:24 ----D---- C:\WINDOWS\system32\PreInstall
2010-02-07 14:57:22 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-02-07 14:52:52 ----A---- C:\WINDOWS\system32\wups2.dll
2010-02-07 14:52:52 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-02-07 14:52:52 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-02-07 14:52:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-02-07 14:52:51 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-02-07 14:36:16 ----D---- C:\Program Files\Lenovo Hard Drive Quick Test
2010-02-07 14:04:55 ----A---- C:\WINDOWS\system32\igfxres.dll
2010-02-07 14:03:19 ----D---- C:\Documents and Settings\ibm\Application Data\Intel
2010-02-07 14:02:20 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2010-02-07 14:01:16 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2010-02-07 13:58:49 ----A---- C:\WINDOWS\system32\igxprd32.dll
2010-02-07 13:58:49 ----A---- C:\WINDOWS\system32\igfxtray.exe
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\iglicd32.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igldev32.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxress.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxpph.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxpers.exe
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxext.exe
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxexps.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxdo.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxdev.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxCoIn_v4926.dll
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\hkcmd.exe
2010-02-07 13:58:48 ----A---- C:\WINDOWS\system32\hccutils.dll
2010-02-07 13:58:45 ----D---- C:\WINDOWS\system32\Lang
2010-02-07 13:58:45 ----A---- C:\WINDOWS\system32\igxpun.exe
2010-02-07 13:58:45 ----A---- C:\WINDOWS\system32\difxapi.dll
2010-02-07 13:58:41 ----D---- C:\Intel
2010-02-07 13:50:24 ----D---- C:\Program Files\SystemRequirementsLab
2010-02-07 13:03:26 ----D---- C:\Program Files\PC Drivers HeadQuarters
2010-02-07 13:03:26 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2010-02-07 11:59:29 ----D---- C:\Program Files\Digital Line Detect
2010-02-07 11:58:55 ----D---- C:\Program Files\NetWaiting
2010-02-07 11:58:46 ----D---- C:\Documents and Settings\ibm\Application Data\InstallShield
2010-02-07 11:58:16 ----D---- C:\Program Files\CONEXANT
2010-02-07 11:03:20 ----A---- C:\WINDOWS\system32\wnaspi32.dll
2010-02-07 10:56:04 ----N---- C:\WINDOWS\PWMBTHLP.EXE
2010-02-07 10:56:03 ----D---- C:\Program Files\ThinkPad
2010-02-07 10:35:56 ----D---- C:\Program Files\MSBuild
2010-02-07 10:35:52 ----D---- C:\WINDOWS\system32\XPSViewer
2010-02-07 10:35:48 ----D---- C:\Program Files\Reference Assemblies
2010-02-07 10:35:22 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-02-07 10:34:45 ----RSD---- C:\WINDOWS\assembly
2010-02-07 10:34:23 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-07 10:33:39 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-07 10:33:34 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-02-07 10:33:24 ----D---- C:\Program Files\MSXML 6.0
2010-02-07 10:09:42 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2010-02-07 10:09:42 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-02-07 10:09:42 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-02-07 10:09:42 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-02-07 10:09:41 ----D---- C:\Program Files\Synaptics
2010-02-07 09:54:51 ----D---- C:\Documents and Settings\ibm\Application Data\Mozilla
2010-02-07 09:54:34 ----D---- C:\Documents and Settings\ibm\Application Data\LimeWire
2010-02-07 09:54:04 ----A---- C:\WINDOWS\system32\javaws.exe
2010-02-07 09:54:04 ----A---- C:\WINDOWS\system32\javaw.exe
2010-02-07 09:54:04 ----A---- C:\WINDOWS\system32\java.exe
2010-02-07 09:54:04 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-02-07 09:53:53 ----D---- C:\Program Files\Java
2010-02-07 09:49:36 ----D---- C:\Documents and Settings\ibm\Application Data\Sun
2010-02-07 09:49:28 ----D---- C:\Program Files\LimeWire
2010-02-07 09:23:26 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-02-07 09:23:22 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2010-02-07 09:23:22 ----N---- C:\WINDOWS\system32\SMMedia.dll
2010-02-07 09:23:21 ----N---- C:\WINDOWS\system32\CleanUp.exe
2010-02-07 09:23:21 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-07 09:23:21 ----D---- C:\Program Files\Analog Devices
2010-02-07 09:23:21 ----A---- C:\WINDOWS\system32\DSndUp.exe
2010-02-07 09:21:40 ----A---- C:\WINDOWS\SMWIZARD.INI
2010-02-07 09:19:22 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2010-02-07 09:19:10 ----A---- C:\WINDOWS\qfe4.tmp
2010-02-06 23:19:25 ----D---- C:\WINDOWS\WBEM
2010-02-06 23:19:18 ----D---- C:\Documents and Settings\ibm\Application Data\Google
2010-02-06 23:18:21 ----HDC---- C:\WINDOWS\ie8
2010-02-06 23:18:21 ----D---- C:\WINDOWS\system32\en-US
2010-02-06 23:17:29 ----HD---- C:\WINDOWS\msdownld.tmp
2010-02-06 23:17:29 ----D---- C:\Program Files\Google
2010-02-06 23:17:29 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-02-06 23:10:26 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2010-02-06 23:09:26 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-06 23:01:01 ----D---- C:\WINDOWS\Prefetch
2010-02-06 22:56:08 ----N---- C:\WINDOWS\system32\proxycfg.exe
2010-02-06 22:56:08 ----N---- C:\WINDOWS\system32\logman.exe
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\btpanui.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\bthserv.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\bthci.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\blastcln.exe
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\auditusr.exe
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-02-06 22:56:03 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\httpapi.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\fwcfg.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\fsquirt.exe
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\fltmc.exe
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\fltlib.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\encdec.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\encapi.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\dxdiagn.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\dsprpres.dll
2010-02-06 22:56:02 ----N---- C:\WINDOWS\system32\d3d9.dll
2010-02-06 22:56:02 ----A---- C:\WINDOWS\system32\hccoin.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\mssap.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\mspmsnsv.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\msftedit.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\msdadiag.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdukx.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdno1.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdinben.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2010-02-06 22:56:01 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\wmidx.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\wmerror.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\winshfhc.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\winhttp.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\winbrand.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\w3ssl.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\twext.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\strmfilt.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\smbinst.exe
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\slserv.exe
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\slgen.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\sbeio.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\sbe.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\powercfg.exe
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\p2psvc.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\p2p.dll
2010-02-06 22:56:00 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wshbth.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wscsvc.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wscntfy.exe
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wmvdmoe2.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wmspdmoe.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wmspdmod.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wmsdmoe2.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wmpasf.dll
2010-02-06 22:55:59 ----N---- C:\WINDOWS\system32\wmp.dll
2010-02-06 22:55:59 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-02-06 22:55:58 ----N---- C:\WINDOWS\system32\xpsp1res.dll
2010-02-06 22:55:58 ----N---- C:\WINDOWS\system32\xpob2res.dll
2010-02-06 22:55:58 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2010-02-06 22:55:58 ----N---- C:\WINDOWS\system32\xmlprov.dll
2010-02-06 22:55:58 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2010-02-06 22:55:58 ----N---- C:\WINDOWS\slrundll.exe
2010-02-06 22:55:58 ----A---- C:\WINDOWS\system32\wups.dll
2010-02-06 22:55:58 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-02-06 22:55:57 ----D---- C:\WINDOWS\provisioning
2010-02-06 22:55:57 ----D---- C:\WINDOWS\peernet
2010-02-06 22:54:35 ----D---- C:\WINDOWS\ServicePackFiles
2010-02-06 22:52:26 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2010-02-06 22:51:14 ----A---- C:\WINDOWS\002122_.tmp
2010-02-06 22:51:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-06 22:51:04 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-02-06 22:49:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-02-06 22:49:09 ----D---- C:\WINDOWS\EHome
2010-02-06 21:36:21 ----D---- C:\Documents and Settings\ibm\Application Data\Macromedia
2010-02-06 21:36:08 ----D---- C:\Documents and Settings\ibm\Application Data\Adobe
2010-02-06 21:24:54 ----A---- C:\WINDOWS\system32\results.txt
2010-02-06 21:24:00 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2010-02-06 21:24:00 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2010-02-06 21:23:54 ----D---- C:\Program Files\Intel
2010-02-06 21:20:58 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-02-06 21:15:01 ----D---- C:\WINDOWS\SoftwareDistribution
2010-02-06 20:48:55 ----D---- C:\Program Files\Lenovo
2010-02-06 20:41:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-06 20:41:19 ----D---- C:\Program Files\Broadcom
2010-02-06 19:39:14 ----SD---- C:\WINDOWS\system32\Microsoft
2010-02-06 19:35:34 ----RHD---- C:\Documents and Settings\All Users\Application Data\Atheros
2010-02-06 19:34:55 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-06 19:34:47 ----D---- C:\DRIVERS
2010-02-06 18:02:16 ----SHD---- C:\RECYCLER
2010-02-06 17:47:55 ----SHD---- C:\WINDOWS\Installer
2010-02-06 17:47:52 ----D---- C:\Documents and Settings\ibm\Application Data\Identities
2010-02-06 17:47:48 ----HD---- C:\Program Files\Uninstall Information
2010-02-06 17:47:45 ----ASH---- C:\Documents and Settings\ibm\Application Data\desktop.ini
2010-02-06 17:47:44 ----SD---- C:\Documents and Settings\ibm\Application Data\Microsoft
2010-02-06 17:46:00 ----SHD---- C:\System Volume Information
2010-02-06 17:45:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-06 17:43:29 ----D---- C:\WINDOWS\system32\xircom
2010-02-06 17:43:29 ----D---- C:\Program Files\xerox
2010-02-06 17:43:29 ----D---- C:\Program Files\microsoft frontpage
2010-02-06 17:43:18 ----A---- C:\WINDOWS\control.ini
2010-02-06 17:43:18 ----A---- C:\AUTOEXEC.BAT
2010-02-06 17:43:11 ----A---- C:\WINDOWS\OEWABLog.txt
2010-02-06 17:43:07 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-02-06 17:42:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-06 17:42:21 ----RD---- C:\WINDOWS\Offline Web Pages
2010-02-06 17:42:21 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-02-06 17:42:15 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-02-06 17:41:56 ----D---- C:\WINDOWS\srchasst
2010-02-06 17:41:47 ----D---- C:\WINDOWS\system32\Macromed
2010-02-06 17:41:47 ----D---- C:\WINDOWS\system32\DirectX
2010-02-06 17:41:33 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-02-06 17:41:33 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-02-06 17:41:32 ----D---- C:\Program Files\Movie Maker
2010-02-06 17:41:14 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-02-06 17:41:14 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-02-06 17:41:14 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-02-06 17:41:14 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-02-06 17:41:13 ----A---- C:\WINDOWS\system32\atrace.dll
2010-02-06 17:41:08 ----A---- C:\WINDOWS\system32\desktop.ini
2010-02-06 17:41:08 ----A---- C:\WINDOWS\desktop.ini
2010-02-06 17:41:01 ----D---- C:\WINDOWS\system32\Restore
2010-02-06 17:41:01 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-02-06 17:41:01 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-02-06 17:41:01 ----A---- C:\WINDOWS\system32\srclient.dll
2010-02-06 17:41:00 ----D---- C:\Program Files\Windows Media Player
2010-02-06 17:41:00 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-02-06 17:41:00 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-02-06 17:41:00 ----A---- C:\WINDOWS\system32\ils.dll
2010-02-06 17:40:59 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-02-06 17:40:59 ----A---- C:\WINDOWS\system32\msconf.dll
2010-02-06 17:40:59 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-02-06 17:40:59 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-02-06 17:40:56 ----D---- C:\Program Files\NetMeeting
2010-02-06 17:40:55 ----D---- C:\WINDOWS\PCHEALTH
2010-02-06 17:40:55 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-02-06 17:40:55 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-02-06 17:40:55 ----A---- C:\WINDOWS\system32\acctres.dll
2010-02-06 17:40:54 ----D---- C:\Program Files\Common Files\Services
2010-02-06 17:40:53 ----A---- C:\WINDOWS\system32\inetres.dll
2010-02-06 17:40:53 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-02-06 17:40:49 ----SD---- C:\WINDOWS\Tasks
2010-02-06 17:40:49 ----D---- C:\Program Files\Outlook Express
2010-02-06 17:40:49 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-02-06 17:40:49 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-02-06 17:40:48 ----A---- C:\WINDOWS\system32\mstask.dll
2010-02-06 17:40:48 ----A---- C:\WINDOWS\system32\isign32.dll
2010-02-06 17:40:48 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-02-06 17:40:48 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-02-06 17:40:48 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-02-06 17:40:48 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-02-06 17:40:45 ----D---- C:\Program Files\Common Files\MSSoap
2010-02-06 17:40:40 ----D---- C:\Program Files\Common Files\System
2010-02-06 17:40:36 ----D---- C:\Program Files\Internet Explorer
2010-02-06 17:40:20 ----D---- C:\Program Files\ComPlus Applications
2010-02-06 17:40:19 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-06 17:40:19 ----A---- C:\WINDOWS\vb.ini
2010-02-06 17:40:13 ----D---- C:\WINDOWS\Registration
2010-02-06 17:39:49 ----HD---- C:\Program Files\WindowsUpdate
2010-02-06 17:39:49 ----D---- C:\Program Files\Online Services
2010-02-06 17:39:44 ----D---- C:\Program Files\Messenger
2010-02-06 17:39:36 ----D---- C:\Program Files\MSN
2010-02-06 17:39:32 ----D---- C:\Program Files\MSN Gaming Zone
2010-02-06 17:39:32 ----A---- C:\WINDOWS\system32\write.exe
2010-02-06 17:39:22 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-02-06 17:39:22 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-02-06 17:39:22 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-02-06 17:39:22 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-02-06 17:39:21 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-02-06 17:39:21 ----A---- C:\WINDOWS\system32\hticons.dll
2010-02-06 17:39:21 ----A---- C:\WINDOWS\system32\avwav.dll
2010-02-06 17:39:21 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-02-06 17:39:21 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-02-06 17:39:20 ----D---- C:\Program Files\Windows NT
2010-02-06 17:39:20 ----A---- C:\WINDOWS\system32\winchat.exe
2010-02-06 17:39:19 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-02-06 17:39:14 ----A---- C:\WINDOWS\system32\getuname.dll
2010-02-06 17:39:14 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-02-06 17:39:13 ----A---- C:\WINDOWS\system32\spider.exe
2010-02-06 17:39:13 ----A---- C:\WINDOWS\system32\charmap.exe
2010-02-06 17:39:13 ----A---- C:\WINDOWS\system32\calc.exe
2010-02-06 17:39:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-02-06 17:39:12 ----A---- C:\WINDOWS\system32\winmine.exe
2010-02-06 17:39:12 ----A---- C:\WINDOWS\system32\sol.exe
2010-02-06 17:39:12 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-02-06 17:39:12 ----A---- C:\WINDOWS\system32\freecell.exe
2010-02-06 17:39:11 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-02-06 17:39:11 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-02-06 17:39:11 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-02-06 17:39:11 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\tskill.exe
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\reset.exe
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-02-06 17:39:10 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\tscon.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\shadow.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\regini.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-02-06 17:39:09 ----A---- C:\WINDOWS\system32\msg.exe
2010-02-06 17:39:08 ----D---- C:\WINDOWS\system32\MsDtc
2010-02-06 17:39:08 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-02-06 17:39:08 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-02-06 17:39:08 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-02-06 17:39:08 ----A---- C:\WINDOWS\system32\logoff.exe
2010-02-06 17:39:08 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-02-06 17:39:08 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-02-06 17:39:08 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-02-06 17:39:07 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-02-06 17:39:07 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-02-06 17:39:07 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-02-06 17:39:07 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-02-06 17:39:07 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-02-06 17:39:06 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-02-06 17:39:06 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-02-06 17:39:06 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-02-06 17:39:06 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-02-06 17:39:05 ----D---- C:\WINDOWS\system32\Com
2010-02-06 17:39:05 ----A---- C:\WINDOWS\system32\stclient.dll
2010-02-06 17:39:05 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-02-06 17:39:05 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-02-06 17:39:05 ----A---- C:\WINDOWS\system32\colbact.dll
2010-02-06 17:39:05 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-02-06 17:39:05 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-02-06 17:39:05 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-02-06 17:39:04 ----A---- C:\WINDOWS\system32\comuid.dll
2010-02-06 17:39:04 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-02-06 17:39:04 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-02-06 17:39:04 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-02-06 17:39:03 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-02-06 17:38:54 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-02-06 17:38:54 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-02-06 17:38:54 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-02-06 17:38:54 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-02-06 17:38:54 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-01-30 19:36:25 ----A---- C:\WINDOWS\system32\h323log.txt
2010-01-30 19:28:27 ----A---- C:\WINDOWS\system32\usbui.dll
2010-01-30 19:27:38 ----A---- C:\WINDOWS\imsins.BAK
2010-01-30 19:27:34 ----D---- C:\Program Files\Common Files\ODBC
2010-01-30 19:27:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-30 19:27:34 ----A---- C:\WINDOWS\ODBCINST.INI
2010-01-30 19:27:31 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-01-30 19:27:30 ----RD---- C:\Program Files
2010-01-30 19:27:30 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-30 19:27:30 ----D---- C:\Program Files\Common Files
2010-01-30 19:27:28 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-01-30 19:27:28 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-01-30 19:27:28 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-01-30 19:27:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-01-30 19:27:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-01-30 19:27:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-01-30 19:27:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-01-30 19:27:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-01-30 19:27:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-01-30 19:27:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-01-30 19:27:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-01-30 19:27:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-01-30 19:27:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-01-30 19:27:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-01-30 19:27:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-01-30 19:27:24 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-01-30 19:27:22 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-01-30 19:27:20 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-01-30 19:27:20 ----A---- C:\WINDOWS\system32\irclass.dll
2010-01-30 19:27:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-01-30 19:27:20 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-01-30 19:27:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-01-30 19:27:20 ----A---- C:\WINDOWS\system32\batt.dll
2010-01-30 19:27:18 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-01-30 19:27:18 ----A---- C:\WINDOWS\notepad.exe
2010-01-30 19:27:17 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-01-30 19:27:17 ----A---- C:\WINDOWS\system32\storprop.dll
2010-01-30 19:27:10 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-01-30 19:27:08 ----RA---- C:\WINDOWS\SET7.tmp
2010-01-30 19:27:05 ----RA---- C:\WINDOWS\SET3.tmp
2010-01-30 19:27:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-30 19:27:00 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-30 19:26:54 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-01-30 19:26:42 ----A---- C:\WINDOWS\setuplog.txt
2010-01-30 19:26:38 ----D---- C:\Documents and Settings
2010-01-30 19:25:51 ----RASH---- C:\boot.ini
2010-01-30 19:22:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-30 19:22:01 ----RSD---- C:\WINDOWS\Fonts
2010-01-30 19:22:01 ----RD---- C:\WINDOWS\Web
2010-01-30 19:22:01 ----HD---- C:\WINDOWS\inf
2010-01-30 19:22:01 ----D---- C:\WINDOWS\WinSxS
2010-01-30 19:22:01 ----D---- C:\WINDOWS\twain_32
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Temp
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\wins
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\wbem
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\usmt
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\spool
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\ShellExt
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\Setup
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\ras
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\oobe
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\npp
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\mui
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\inetsrv
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\IME
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\icsxml
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\ias
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\export
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\drivers
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\dhcp
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\config
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\3com_dmi
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\3076
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\2052
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1054
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1042
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1041
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1037
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1033
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1031
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1028
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32\1025
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system32
2010-01-30 19:22:01 ----D---- C:\WINDOWS\system
2010-01-30 19:22:01 ----D---- C:\WINDOWS\security
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Resources
2010-01-30 19:22:01 ----D---- C:\WINDOWS\repair
2010-01-30 19:22:01 ----D---- C:\WINDOWS\mui
2010-01-30 19:22:01 ----D---- C:\WINDOWS\msapps
2010-01-30 19:22:01 ----D---- C:\WINDOWS\msagent
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Media
2010-01-30 19:22:01 ----D---- C:\WINDOWS\java
2010-01-30 19:22:01 ----D---- C:\WINDOWS\ime
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Help
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Driver Cache
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Debug
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Cursors
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Connection Wizard
2010-01-30 19:22:01 ----D---- C:\WINDOWS\Config
2010-01-30 19:22:01 ----D---- C:\WINDOWS\AppPatch
2010-01-30 19:22:01 ----D---- C:\WINDOWS\addins
2010-01-30 19:22:01 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2010-02-06 22:56:41 ----A---- C:\WINDOWS\win.ini
2010-02-06 22:52:13 ----RASH---- C:\NTDETECT.COM
2010-01-30 19:27:30 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\System32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\System32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2010-01-06 4442]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-20 178688]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2007-05-02 161792]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 NETw4x32;Intel® Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2007-11-26 2236544]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-10-06 225696]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys []
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys []
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys []
S3 NETw5x32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2010-01-06 132456]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-07 153376]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe [2009-11-09 54632]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-06 53248]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-11-17 44984]
S2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-01-18 63928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-06 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2009-10-09 39976]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------





info.txt logfile of random's system information tool 1.06 2010-02-11 17:38:48

======Uninstall list======

-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java™ 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Lenovo Hard Drive Quick Test-->C:\Program Files\Lenovo Hard Drive Quick Test\uninst.exe
Lenovo System Interface Driver-->RunDll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NTx86 130 C:\Program Files\Lenovo\SMIIF\lnvsmi.inf
LimeWire 5.4.6-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Halo Trial-->"C:\Program Files\Microsoft Games\Halo Trial\UNINSTAL.EXE" /runtemp /addremove
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
On Screen Display-->rundll32.exe "C:\Program Files\Lenovo\HOTKEY\cleanup.dll",InfUninstall DefaultUninstall.XP 132 C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"C:\Program Files\SpywareGuard\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
System Requirements Lab for Intel-->MsiExec.exe /I{84DDA651-FA15-4DF2-8AE8-E98FA329B1CD}
ThinkPad FullScreen Magnifier-->rundll32.exe "C:\Program Files\Lenovo\ZOOM\cleanup.dll",InfUninstall DefaultUninstall 132 C:\Program Files\Lenovo\Zoom\TpScrex.inf
ThinkPad Power Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\SETUP.EXE" -l0x9 -AddRemove
ThinkPad UltraNav Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad UltraNav Utility-->"C:\Program Files\InstallShield Installation Information\{17CBC505-D1AE-459D-B445-3D2000A85842}\setup.exe" -runfromtemp -l0x0009 /zUNINSTALL -removeonly
ThinkVantage Active Protection System-->MsiExec.exe /X{46A84694-59EC-48F0-964C-7E76E9F8A2ED}
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe

======Hosts File======

127.0.0.1 localhost

======System event log======

Computer Name: LENOVO
Event Code: 4
Message: Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 134
Source Name: b57w2k
Time Written: 20100206204134.000000-480
Event Type: warning
User:

Computer Name: LENOVO
Event Code: 1073
Message: The attempt to reboot LENOVO failed

Record Number: 61
Source Name: USER32
Time Written: 20100206193831.000000-480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: LENOVO
Event Code: 20169
Message: Unable to contact a DHCP server. The Automatic Private IP Address 169.254.31.66 will be
assigned to dial-in clients. Clients may be unable to access resources on
the network.

Record Number: 33
Source Name: RemoteAccess
Time Written: 20100206182635.000000-480
Event Type: warning
User:

Computer Name: LENOVO
Event Code: 20106
Message: Unable to add the interface {0532C668-39A3-4E74-8E4B-E84C20EB0B8C} with the Router Manager for the IP protocol. The
following error occurred: Cannot complete this function.


Record Number: 32
Source Name: RemoteAccess
Time Written: 20100206182635.000000-480
Event Type: error
User:

Computer Name: LENOVO
Event Code: 60055
Message: Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.
Record Number: 4
Source Name: Setup
Time Written: 20100206174506.000000-480
Event Type: error
User:

=====Application event log=====

Computer Name: LENOVO
Event Code: 40
Message: WMI ADAP was unable to create the object Win32_PerfRawData_ASPNET_ASPNETApplications for Performance Library ASP.NET because error 0x80041001 was returned

Record Number: 215
Source Name: WinMgmt
Time Written: 20100207103739.000000-480
Event Type: warning
User:

Computer Name: LENOVO
Event Code: 35
Message: WMI ADAP was unable to load the ASP.NET performance library because it returned invalid data: 0x0

Record Number: 214
Source Name: WinMgmt
Time Written: 20100207103739.000000-480
Event Type: warning
User:

Computer Name: LENOVO
Event Code: 0
Message: HTTP namespace reservations are not installed.

Record Number: 194
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100207103607.000000-480
Event Type: warning
User:

Computer Name: LENOVO
Event Code: 0
Message: HttpModules node ServiceModel does not exist in System.Web section group.

Record Number: 192
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100207103603.000000-480
Event Type: warning
User:

Computer Name: LENOVO
Event Code: 0
Message: HttpHandlers node *.svc does not exist in System.Web section group.

Record Number: 191
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100207103603.000000-480
Event Type: warning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------




dds & attachment:

(Attached file also)


DDS (Ver_09-12-01.01) - NTFSx86
Run by ibm at 16:20:58.70 on Thu 02/11/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1014.520 [GMT -8:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ibm\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.com/
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\drivers\win\audio\sm_panel\sys\SMAX4.EXE" /tray
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [<NO NAME>]
mRun: [TpShocks] TpShocks.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\docume~1\ibm\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\docume~1\ibm\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265519687968
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://systemrequirementslab.com.s3.amazonaws.com/iduu/bin/srldetect_intel.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll

============= SERVICES / DRIVERS ===============

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2010-2-7 24304]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-10-9 20520]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2010-2-6 13480]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-1-5 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-1-5 74480]
R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2010-2-7 132456]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\lenovo\hotkey\cammute.exe [2010-2-6 54632]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-2-7 53248]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-1-5 7408]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2010-2-6 44984]
S2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2010-2-6 63928]

=============== Created Last 30 ================

2010-02-12 00:19:33 0 ----a-w- c:\documents and settings\ibm\defogger_reenable
2010-02-11 23:35:17 0 d-----w- C:\fixwareout
2010-02-11 23:25:07 0 d-----w- c:\docume~1\ibm\applic~1\AVG8
2010-02-11 23:18:25 0 d-----w- c:\program files\Trend Micro
2010-02-11 23:04:40 0 d-----w- c:\program files\CleanUp!
2010-02-11 22:54:05 0 d-----w- C:\ie-spyad_zo
2010-02-11 22:43:43 0 d-----w- c:\program files\SpywareGuard
2010-02-11 22:38:57 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-02-11 22:38:57 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-02-11 22:38:56 0 d-----w- c:\program files\SpywareBlaster
2010-02-11 20:04:33 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-02-11 20:04:21 0 d-----w- c:\program files\SUPERAntiSpyware
2010-02-11 20:04:21 0 d-----w- c:\docume~1\ibm\applic~1\SUPERAntiSpyware.com
2010-02-11 20:04:05 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-02-08 05:07:04 0 d-----w- c:\program files\MSXML 4.0
2010-02-08 05:06:42 0 d-----w- c:\program files\Microsoft Games
2010-02-08 03:01:33 0 d-----w- c:\docume~1\ibm\applic~1\Malwarebytes
2010-02-08 03:01:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-08 03:01:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-08 03:01:27 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-08 03:01:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-02-07 22:57:24 0 d-----w- c:\windows\system32\PreInstall
2010-02-07 22:52:52 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2010-02-07 22:52:52 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2010-02-07 22:52:51 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2010-02-07 22:52:51 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2010-02-07 22:52:51 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-02-07 22:36:16 0 d-----w- c:\program files\Lenovo Hard Drive Quick Test
2010-02-07 22:04:55 172032 ----a-w- c:\windows\system32\igfxres.dll
2010-02-07 22:03:19 0 d-----w- c:\docume~1\ibm\applic~1\Intel
2010-02-07 22:01:16 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe
2010-02-07 21:50:30 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-07 21:50:24 0 d-----w- c:\program files\SystemRequirementsLab
2010-02-07 21:03:26 0 d-----w- c:\program files\PC Drivers HeadQuarters
2010-02-07 21:03:26 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2010-02-07 20:01:12 14474 ------w- c:\windows\TKP0588Z.CAT
2010-02-07 19:59:29 0 d-----w- c:\program files\Digital Line Detect
2010-02-07 19:58:55 0 d-----w- c:\program files\NetWaiting
2010-02-07 19:58:16 0 d-----w- c:\program files\CONEXANT
2010-02-07 19:03:20 5600 ----a-w- c:\windows\system\winaspi.dll
2010-02-07 19:03:20 4672 ----a-w- c:\windows\system\wowpost.exe
2010-02-07 19:03:20 45056 ----a-w- c:\windows\system32\wnaspi32.dll
2010-02-07 19:03:20 25244 ----a-w- c:\windows\system32\drivers\aspi32.sys
2010-02-07 18:56:04 196608 ------w- c:\windows\PWMBTHLP.EXE
2010-02-07 18:56:03 4442 ------w- c:\windows\system32\drivers\TPPWRIF.SYS
2010-02-07 18:56:03 251240 ------w- c:\windows\system32\PWMCPl.cpl
2010-02-07 18:56:03 24304 ------w- c:\windows\system32\drivers\DOZEHDD.SYS
2010-02-07 18:56:03 0 d-----w- c:\program files\ThinkPad
2010-02-07 18:35:52 0 d-----w- c:\windows\system32\XPSViewer
2010-02-07 18:35:22 14048 ------w- c:\windows\system32\spmsg2.dll
2010-02-07 18:33:24 0 d-----w- c:\program files\MSXML 6.0
2010-02-07 18:09:42 225696 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-02-07 18:09:42 200704 ----a-w- c:\windows\system32\SynCtrl.dll
2010-02-07 18:09:42 163840 ----a-w- c:\windows\system32\SynCOM.dll
2010-02-07 18:09:42 147456 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-02-07 18:09:42 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2010-02-07 18:09:41 0 d-----w- c:\program files\Synaptics
2010-02-07 17:54:34 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 17:54:34 0 d-----w- c:\docume~1\ibm\applic~1\LimeWire
2010-02-07 17:54:04 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-02-07 17:54:04 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-07 17:49:28 0 d-----w- c:\program files\LimeWire
2010-02-07 17:23:21 0 d-----w- c:\program files\Analog Devices
2010-02-07 17:21:40 44 ----a-w- c:\windows\SMWIZARD.INI
2010-02-07 17:19:10 720088 ----a-w- c:\windows\qfe4.tmp
2010-02-07 07:21:48 0 d-sh--w- c:\documents and settings\ibm\IECompatCache
2010-02-07 07:20:49 0 d-sh--w- c:\documents and settings\ibm\PrivacIE
2010-02-07 07:20:34 0 d-sh--w- c:\documents and settings\ibm\IETldCache
2010-02-07 07:18:21 0 dc-h--w- c:\windows\ie8
2010-02-07 07:17:29 0 d--h--w- c:\windows\msdownld.tmp
2010-02-07 07:09:26 0 d--h--w- c:\windows\$hf_mig$
2010-02-07 07:09:24 294912 -c----w- c:\windows\system32\dllcache\msctf.dll
2010-02-07 07:01:15 0 d-----w- c:\windows\system32\wbem\AutoRecover
2010-02-07 06:55:59 896512 ------w- c:\windows\system32\wmspdmoe.dll
2010-02-07 06:54:35 0 d-----w- c:\windows\ServicePackFiles
2010-02-07 06:52:26 2897920 ------w- c:\windows\system32\xpsp2res.dll
2010-02-07 06:51:14 19528 ----a-w- c:\windows\002122_.tmp
2010-02-07 06:51:13 0 d-----w- c:\windows\system32\ReinstallBackups
2010-02-07 06:51:04 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-07 06:49:09 0 d-----w- c:\windows\EHome
2010-02-07 05:24:00 749568 ----a-w- c:\windows\system32\NETw4c32.dll
2010-02-07 05:24:00 2777088 ----a-w- c:\windows\system32\NETw4r32.dll
2010-02-07 05:24:00 2236544 ----a-w- c:\windows\system32\drivers\NETw4x32.sys
2010-02-07 05:14:40 0 d-sh--w- c:\documents and settings\ibm\UserData
2010-02-07 04:54:51 13480 ----a-w- c:\windows\system32\drivers\smiif32.sys
2010-02-07 04:54:50 17844 ----a-w- c:\windows\system32\drivers\TPHKDRV.sys
2010-02-07 04:48:55 0 d-----w- c:\program files\Lenovo
2010-02-07 04:41:20 161792 -c--a-w- c:\windows\system32\dllcache\b57xp32.sys
2010-02-07 04:41:20 161792 ----a-w- c:\windows\system32\drivers\b57xp32.sys
2010-02-07 04:41:19 0 d-----w- c:\program files\Broadcom
2010-02-07 03:39:14 0 d-s---w- c:\windows\system32\Microsoft
2010-02-07 03:35:34 0 d--h--r- c:\docume~1\alluse~1\applic~1\Atheros
2010-02-07 03:34:47 0 d-----w- C:\DRIVERS
2010-02-07 01:42:30 0 d-sh--w- c:\documents and settings\all users\DRM
2010-02-07 01:40:45 0 d-----w- c:\program files\common files\MSSoap
2010-02-07 01:39:49 0 d--h--w- c:\program files\WindowsUpdate
2010-02-07 01:39:49 0 d-----w- c:\program files\Online Services
2010-02-07 01:39:44 0 d-----w- c:\program files\Messenger
2010-02-07 01:39:32 0 d-----w- c:\program files\MSN Gaming Zone
2010-02-07 01:39:20 0 d-----w- c:\program files\Windows NT
2010-01-31 03:27:34 0 d-----w- c:\program files\common files\ODBC
2010-01-31 03:27:31 0 d-----w- c:\program files\common files\SpeechEngines
2010-01-31 03:27:10 0 d-----r- c:\documents and settings\all users\Documents

==================== Find3M ====================

2010-02-07 01:40:32 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-11 20:19:02 337256 ----a-w- c:\windows\system32\TpShocks.exe
2009-12-11 20:19:00 279912 ----a-w- c:\windows\system32\TpShEvUI.exe
2009-12-11 20:18:58 492904 ----a-w- c:\windows\system32\TpShCPL.dll

============= FINISH: 16:21:25.42 ===============


HOPE ALL THIS HELPS

Attached Files


Edited by Rrobby137, 11 February 2010 - 09:03 PM.


BC AdBot (Login to Remove)

 


#2 DocSatan

DocSatan

    Bleepin' Wanna-Be


  • Members
  • 2,156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston, Ma.
  • Local time:02:37 AM

Posted 17 February 2010 - 02:05 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


#3 DocSatan

DocSatan

    Bleepin' Wanna-Be


  • Members
  • 2,156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston, Ma.
  • Local time:02:37 AM

Posted 23 February 2010 - 09:31 AM

Due to inactivity, this Topic is now Closed.

If you are the Original Poster of this topic and would like it re-opened, please contact a Staff Member or Send Me A PM.

All others please start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users