Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unknown Malware leads to broken links

Started by Steve Friel , May 09 2009 02:50 PM

  • Please log in to reply

#1
Steve Friel
Posted 09 May 2009 - 02:50 PM

Steve Friel

    New Member

  • Member
  • Pip
  • 1 posts
Malware is stopping me accessing certain websites. Originally when I tried to do a google search or log on to Facebook I got redirected to a website that told me my computer was infected and invited me to buy some removal software (unfortunately I can't remember the name of the site or software). I tried AVG and Spybot to clear it but neither could find an infection. Now instead of redirecting to that site I get a window open up that tells me Oops There Is A Broken Link and I cannot access the site in question. LIVESEARCH works and I have been using that instead of Google.
I have tried Malwarebytes and also something called Regcure but again with no success. You are my last hope.
I think I have carried out your site instructions correctly. Below are the logfiles I have created.

Malwarebytes' Anti-Malware 1.36
Database version: 2101
Windows 5.1.2600 Service Pack 3

09/05/2009 21:14:44
mbam-log-2009-05-09 (21-14-44).txt

Scan type: Full Scan (C:\|)
Objects scanned: 190353
Time elapsed: 43 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:38146 Mo/Free:1688 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

09/05/2009|21:20

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\System32\ibmpmsvc.exe
---------- C:\WINDOWS\System32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\S24EvMon.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\System32\RegSrvc.exe
---------- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
---------- C:\WINDOWS\System32\TPHDEXLG.EXE
---------- C:\WINDOWS\system32\TpKmpSVC.exe
---------- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\acs.exe
---------- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\wscntfy.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
---------- C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
---------- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
---------- C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
---------- C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
---------- C:\Program Files\Support.com\bin\tgcmd.exe
---------- C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
---------- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
---------- C:\WINDOWS\system32\RunDll32.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
---------- C:\WINDOWS\AGRSMMSG.exe
---------- C:\WINDOWS\System32\TpScrLk.exe
---------- C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
---------- C:\WINDOWS\system32\TpShocks.exe
---------- C:\WINDOWS\system32\ICO.EXE
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - 09/05/2009|21:20

----------------------\\ Scan completed at 21:20

OTListIt logfile created on: 09/05/2009 21:35:23 - Run 2
OTListIt2 by OldTimer - Version 2.0.15.5 Folder = C:\Documents and Settings\IBM USER\Local Settings\Temporary Internet Files\Content.IE5\K1VCCN46
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.92 Mb Total Physical Memory | 377.67 Mb Available Physical Memory | 36.92% Memory free
2.41 Gb Paging File | 1.92 Gb Available in Paging File | 79.93% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 21.65 Gb Free Space | 58.11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: IBM-C25AFBDEC71
Current User Name: IBM USER
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\System32\ibmpmsvc.exe ()
PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\System32\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe ()
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\System32\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\System32\TPHDEXLG.EXE (Lenovo.)
PRC - C:\WINDOWS\system32\TpKmpSVC.exe ()
PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
PRC - C:\WINDOWS\system32\acs.exe ()
PRC - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
PRC - C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe ()
PRC - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited)
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe ()
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Program Files\Support.com\bin\tgcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\WINDOWS\System32\TpScrLk.exe ()
PRC - C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe (Intel® Corporation)
PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo, Ltd. and IBM Corporation.)
PRC - C:\WINDOWS\system32\ICO.EXE (Primax Electronics Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Documents and Settings\IBM USER\Local Settings\Temporary Internet Files\Content.IE5\K1VCCN46\OTListIt2[1].exe (OldTimer Tools)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (AcPrfMgrSvc [Auto | Running]) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe ()
SRV - (ACS [On_Demand | Running]) -- C:\WINDOWS\system32\acs.exe ()
SRV - (AcSvc [Auto | Running]) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IBMPMSVC [Auto | Running]) -- C:\WINDOWS\System32\ibmpmsvc.exe ()
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (RegSrvc [Auto | Running]) -- C:\WINDOWS\System32\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\WINDOWS\System32\S24EvMon.exe (Intel Corporation )
SRV - (SoundMAX Agent Service (default) [Auto | Running]) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (TPHDEXLGSVC [Auto | Running]) -- C:\WINDOWS\System32\TPHDEXLG.EXE (Lenovo.)
SRV - (TpKmpSVC [Auto | Running]) -- C:\WINDOWS\system32\TpKmpSVC.exe ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ac97intc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AgereSoftModem [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (ANC [System | Running]) -- C:\WINDOWS\System32\drivers\ANC.SYS (IBM Corp.)
DRV - (AR5211 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ar5211.sys (Atheros Communications, Inc.)
DRV - (asc [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (CmdIde [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (E1000 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e1000325.sys (Intel Corporation)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (EGATHDRV [Auto | Running]) -- C:\WINDOWS\System32\EGATHDRV.SYS (IBM Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (gv3 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gv3.sys (Microsoft Corporation)
DRV - (HSFHWICH [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (IBMPMDRV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys (Lenovo.)
DRV - (IBMTPCHK [System | Running]) -- C:\WINDOWS\System32\Drivers\IBMBLDID.sys ()
DRV - (ltmodem5 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys (LT)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NAL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\iqvw32.sys (Intel Corporation )
DRV - (NSCIRDA [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nscirda.sys (National Semiconductor Corporation)
DRV - (PcdrNt [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\PcdrNt.sys (PC-Doctor Inc.)
DRV - (PMEM [Auto | Running]) -- C:\WINDOWS\system32\drivers\PMEMNT.SYS (Microsoft Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ql1080 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (S3SSavage [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3ssavm.sys (S3 Graphics, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (ShockMgr [System | Running]) -- C:\WINDOWS\System32\drivers\ShockMgr.sys (Lenovo.)
DRV - (Shockprf [Boot | Running]) -- C:\WINDOWS\System32\drivers\shockprf.sys (Lenovo)
DRV - (sisagp [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Smapint [System | Running]) -- C:\WINDOWS\System32\drivers\Smapint.sys (Microsoft Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (symc810 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (TDSMAPI [System | Running]) -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS ()
DRV - (TPHKDRV [System | Running]) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (TPPWR [System | Running]) -- C:\WINDOWS\System32\drivers\Tppwr.sys (IBM Corp.)
DRV - (TSMAPIP [System | Running]) -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS ()
DRV - (TwoTrack [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\TwoTrack.sys (IBM Corporation)
DRV - (ultra [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (w70n51 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\w70n51.sys (Intel® Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nickjr.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: (292728 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 61.157.217.210 www.yahoo.com
O1 - Hosts: 61.157.217.210 www.google.com
O1 - Hosts: 61.157.217.210 www.google.co.uk
O1 - Hosts: 61.157.217.210 www.myspace.com
O1 - Hosts: 61.157.217.210 www.youtube.com
O1 - Hosts: 61.157.217.210 www.facebook.com
O1 - Hosts: 61.157.217.210 www.antispy.com
O1 - Hosts: 61.157.217.210 www.yahoo.com
O1 - Hosts: 61.157.217.210 www.yahoo.co.uk
O1 - Hosts: 61.157.217.210 www.antispyware.com
O1 - Hosts: 61.157.217.210 antispyware.com
O1 - Hosts: 61.157.217.210 antispy.com
O1 - Hosts: 61.157.217.210 www.msn.com
O1 - Hosts: 123.251.143.110 www.asdfasdfd.com
O1 - Hosts: 123.251.143.110 www.gg.com
O1 - Hosts: 123.251.143.110 www.ghfhj.com
O1 - Hosts: 123.251.143.110 www.cvnbcvnb.com
O1 - Hosts: 123.251.143.110 www.1.com
O1 - Hosts: 123.251.143.110 www.3.com
O1 - Hosts: 123.251.143.110 www.asdf4asdfd.com
O1 - Hosts: 123.251.143.110 www.asdfawsdfd.com
O1 - Hosts: 123.251.143.110 www.asdfatsdfd.com
O1 - Hosts: 123.251.143.110 www.asdfasdfd.com
O1 - Hosts: 123.251.143.110 www.asdfadsdfd.com
O1 - Hosts: 123.251.143.110 www.asdfasdfd.com
O1 - Hosts: 10087 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
O4 - HKLM..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor (IBM Corp.)
O4 - HKLM..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE ()
O4 - HKLM..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor ()
O4 - HKLM..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (Lenovo Group Limited)
O4 - HKLM..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe (Intel® Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [S3TRAY2] S3Tray2.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server (SupportSoft, Inc.)
O4 - HKLM..\Run: [TP4EX] tp4ex.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
O4 - HKLM..\Run: [TPKBDLED] C:\WINDOWS\System32\TpScrLk.exe ()
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper (Lenovo)
O4 - HKLM..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe ()
O4 - HKLM..\Run: [TpShocks] TpShocks.exe (Lenovo, Ltd. and IBM Corporation.)
O4 - HKCU..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan (ParetoLogic)
O4 - HKCU..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\PkgMgr.exe (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1160964812199 (WUWebControl Class)
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} http://www-307.ibm.c...rt/IbmEgath.cab (IBM Access Support)
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} http://skyonline.obe...web.1.0.0.9.cab (CPlayFirstdreamControl Object)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Groove Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://skyonline.obe...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\system32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\system32\tphklock.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/16 00:49:39 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{06ae4071-5ca1-11db-82b7-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{06ae4071-5ca1-11db-82b7-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{77424dd0-2516-11dc-a7d1-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{77424dd0-2516-11dc-a7d1-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/09 21:20:19 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/09 19:08:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/05/09 19:04:30 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/05/09 19:00:47 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/05/09 18:55:27 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ALLUSE~1\Documents\Downloads
[2009/05/09 18:46:53 | 00,000,448 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/05/09 18:46:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\IBM USER\Application Data\DriverCure
[2009/05/09 18:46:51 | 00,000,386 | ---- | C] () -- C:\WINDOWS\tasks\DriverCure.job
[2009/05/09 18:46:49 | 00,000,422 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2009/05/09 18:46:47 | 00,000,875 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\ParetoLogic DriverCure.lnk
[2009/05/09 18:46:47 | 00,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2009/05/09 18:46:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2009/05/09 18:46:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/05/09 18:46:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/05/09 18:30:06 | 01,826,438 | ---- | C] () -- C:\WINDOWS\System32\ms98.cab
[2009/05/09 18:30:06 | 00,046,798 | ---- | C] () -- C:\WINDOWS\System32\pmouse.inf
[2009/05/09 18:30:06 | 00,042,753 | ---- | C] () -- C:\WINDOWS\System32\phidmou.inf
[2009/05/09 18:30:06 | 00,014,055 | ---- | C] () -- C:\WINDOWS\System32\ms99.cat
[2009/05/09 18:30:06 | 00,005,887 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2009/05/09 18:30:06 | 00,000,302 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2009/05/09 18:30:04 | 00,462,275 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELBDO1.DLL
[2009/05/09 18:30:04 | 00,439,003 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMBDO.DLL
[2009/05/09 18:30:04 | 00,075,776 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMMILG.DLL
[2009/05/09 18:30:04 | 00,065,536 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMLenovo1.DLL
[2009/05/09 18:30:04 | 00,065,536 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMLenovo.DLL
[2009/05/09 18:30:04 | 00,061,952 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMRESHP.DLL
[2009/05/09 18:30:04 | 00,049,152 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\ICONSPY.EXE
[2009/05/09 18:30:04 | 00,049,152 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\ico.exe
[2009/05/09 18:30:04 | 00,045,056 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELRESS.DLL
[2009/05/09 18:30:04 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\HKMouse.dll
[2009/05/09 18:30:04 | 00,024,576 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELSETUP.DLL
[2009/05/09 18:30:04 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\FSRremoC.DLL
[2009/05/09 18:30:04 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\FSRremoS.EXE
[2009/05/09 18:30:04 | 00,019,456 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMMO32R1.DLL
[2009/05/09 18:30:04 | 00,019,456 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMMO32R.DLL
[2009/05/09 18:30:04 | 00,009,216 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\drivers\PELUSBLF.SYS
[2009/05/09 18:30:03 | 00,480,656 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELBDO.DLL
[2009/05/09 18:30:03 | 00,282,624 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELWHEEL.DLL
[2009/05/09 18:30:03 | 00,217,088 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELUTIL.DLL
[2009/05/09 18:30:03 | 00,217,088 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELPPM.DLL
[2009/05/09 18:30:03 | 00,208,896 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMUNINST.EXE
[2009/05/09 18:30:03 | 00,122,880 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELMICED.EXE
[2009/05/09 18:30:03 | 00,090,112 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELZOOM.DLL
[2009/05/09 18:30:03 | 00,081,920 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELSCRLL.DLL
[2009/05/09 18:30:03 | 00,073,728 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELHOOKS.DLL
[2009/05/09 18:30:03 | 00,049,152 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELCOMM.DLL
[2009/05/09 18:30:03 | 00,036,864 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMUNINNT.EXE
[2009/05/09 18:30:03 | 00,018,048 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\drivers\PELPS2M.SYS
[2009/05/09 18:30:03 | 00,016,384 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\drivers\PELMOUSE.SYS
[2009/05/09 17:51:43 | 00,000,000 | ---D | C] -- C:\SWTOOLS
[2009/05/09 17:31:31 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/05/09 17:19:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/05/09 11:31:15 | 00,000,444 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/05/09 11:31:13 | 00,000,378 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job
[2009/05/09 11:31:09 | 00,000,441 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\RegCure.lnk
[2009/05/09 11:31:09 | 00,000,000 | ---D | C] -- C:\Program Files\RegCure
[2009/05/02 11:32:38 | 00,000,000 | ---D | C] -- C:\DOCUME~1\IBMUSE~1\My Documents\callum's
[2009/04/27 19:28:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\IBM USER\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2009/04/27 19:28:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/04/27 19:28:38 | 00,000,751 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\BBC iPlayer Desktop.lnk
[2009/04/27 19:28:38 | 00,000,000 | ---D | C] -- C:\Program Files\BBC iPlayer Desktop
[2009/04/27 19:28:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/04/15 10:59:55 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 10:59:55 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 10:59:55 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/15 10:59:55 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/15 10:59:55 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/15 10:59:55 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 10:59:49 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 10:59:49 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 10:59:49 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/15 08:05:19 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/15 08:05:19 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/15 08:05:19 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/03/13 19:58:35 | 00,000,037 | ---- | C] () -- C:\WINDOWS\Qtw.ini
[2008/12/27 17:27:29 | 00,000,240 | ---- | C] () -- C:\WINDOWS\compedia.ini
[2008/12/04 04:23:47 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2008/05/26 21:33:08 | 03,607,040 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/05/26 21:33:08 | 00,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2008/05/26 21:33:08 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/05/26 21:33:08 | 00,455,680 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/05/26 21:33:08 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2008/05/26 21:33:08 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2008/05/26 21:33:08 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2008/05/26 21:33:08 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/05/26 21:33:08 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2008/05/26 21:33:08 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2008/05/26 21:33:08 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008/05/26 21:33:08 | 00,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2008/05/26 21:33:08 | 00,041,984 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2008/05/26 21:33:08 | 00,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2008/05/26 21:33:08 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/05/26 21:33:08 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/05/26 21:33:08 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/03/29 16:42:22 | 00,245,248 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2008/03/29 16:42:20 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/03/29 16:42:14 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2008/03/29 16:42:08 | 00,148,992 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2008/03/29 16:42:04 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2008/03/29 16:42:04 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2008/03/29 16:42:02 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2008/03/29 16:42:00 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2008/03/29 16:41:54 | 00,097,280 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2008/03/29 16:41:52 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2008/03/29 16:41:52 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2007/10/13 10:30:20 | 00,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2006/10/16 03:24:47 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/10/15 23:57:48 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/15 23:51:52 | 00,000,222 | ---- | C] () -- C:\WINDOWS\Welcome.ini
[2006/10/15 23:46:41 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2006/10/15 23:46:18 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2006/10/15 23:46:01 | 00,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2006/10/15 23:45:33 | 00,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2006/10/15 23:36:38 | 00,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/06/17 00:09:52 | 00,045,124 | ---- | C] () -- C:\WINDOWS\System32\LsaWrApi.dll
[2006/06/16 23:57:32 | 00,528,453 | ---- | C] () -- C:\WINDOWS\System32\C1XStngs.dll
[2006/06/16 23:56:10 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\D8021Xps.dll
[2006/06/12 20:27:00 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2005/12/01 04:16:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2005/07/06 07:45:08 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2005/01/13 11:00:14 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/01/13 11:00:10 | 00,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2002/11/15 09:14:28 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll
[2002/09/27 01:26:59 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[1980/01/01 08:00:00 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[1980/01/01 08:00:00 | 00,000,581 | ---- | C] () -- C:\WINDOWS\win.ini
[1980/01/01 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[2 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/09 19:11:24 | 00,000,444 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/05/09 19:11:17 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/09 19:11:16 | 00,000,079 | -HS- | M] () -- C:\DOCUME~1\IBMUSE~1\My Documents\desktop.ini
[2009/05/09 19:11:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/09 19:11:03 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\IBM USER\Local Settings\desktop.ini
[2009/05/09 19:11:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/09 19:10:59 | 10,726,80960 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/09 19:07:13 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/09 18:46:54 | 00,000,448 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/05/09 18:46:51 | 00,000,386 | ---- | M] () -- C:\WINDOWS\tasks\DriverCure.job
[2009/05/09 18:46:50 | 00,000,422 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2009/05/09 18:46:47 | 00,000,875 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\ParetoLogic DriverCure.lnk
[2009/05/09 16:57:28 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/05/09 16:56:56 | 00,001,781 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\RollerCoaster Tycoon 3.lnk
[2009/05/09 11:31:16 | 00,000,378 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2009/05/09 11:31:09 | 00,000,441 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\RegCure.lnk
[2009/04/27 19:28:38 | 00,000,751 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\BBC iPlayer Desktop.lnk
[2009/04/25 06:30:39 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/17 20:37:02 | 00,401,632 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 20:37:02 | 00,062,746 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 20:37:00 | 00,471,150 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/13 12:09:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

========== Alternate Data Streams ==========

@Alternate Data Stream - 764 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1
@Alternate Data Stream - 462 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4220A65C
@Alternate Data Stream - 273 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB44C2A7
@Alternate Data Stream - 264 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A2F483A
@Alternate Data Stream - 258 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:756C8543
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7862839
@Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AB6C1D7
@Alternate Data Stream - 177 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:193426B4
@Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8750DCE4
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BB7EE465
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:96F344DB
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5344D76C
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3214A283
< End of report >

OTListIt Extras logfile created on: 09/05/2009 21:35:23 - Run 2
OTListIt2 by OldTimer - Version 2.0.15.5 Folder = C:\Documents and Settings\IBM USER\Local Settings\Temporary Internet Files\Content.IE5\K1VCCN46
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.92 Mb Total Physical Memory | 377.67 Mb Available Physical Memory | 36.92% Memory free
2.41 Gb Paging File | 1.92 Gb Available in Paging File | 79.93% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 21.65 Gb Free Space | 58.11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: IBM-C25AFBDEC71
Current User Name: IBM USER
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Support.com\Bin\tgcmd.exe:*:Enabled:Support.com Scheduler and Command Dispatcher (SupportSoft, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{16906D21-0656-4F8B-9A01-C3D24B5401FC}" = Intel® PROSet for Wired Connections
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{1E34AB5C-B893-4EE9-82F3-F195978D009D}" = IBM Access Support - Local Content Pack
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = IBM ThinkPad Keyboard Customizer Utility
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B7B3B4A-AF8C-4671-A92E-3E7E9ABCB22B}" = IBM Rapid Restore PC Setup
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{40CA4977-7132-11D5-9C48-00105AE19B66}" = The Quest for the Unfinished Movie
"{67D7BC74-E8DF-4811-9B41-6023A8C9BB3F}" = Intel® Sebring API
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes
"{710C0BB2-FE39-484E-BB23-C9B96835A14A}" = Access IBM Message Center
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{72806716-7088-41B2-8FA6-717A2A164DAB}" = ThinkVantage Active Protection System
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad UltraNav Wizard
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11052313}" = Magic Match
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111094837}" = Fairies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700}" = Rainbow Web
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111209113}" = Jewel of Atlantis
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11144640}" = Glyph
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111551630}" = Hidden Expedition Titanic
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112548397}" = The Rise of Atlantis
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114627450}" = Around the World in 80 Days
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{9EA84FDD-CCC0-47FD-A993-923165BEA47A}" = System Migration Assistant
"{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA080212-A1D2-9FE2-978A-F5E8DAAB61FE}" = BBC iPlayer Desktop
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5599ECB-DA72-43EE-8A30-2C80396FF8BB}" = Access IBM
"{BF6E5723-FA6A-4724-9295-3801005FBA1B}" = The Treasures of Mystery Island
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF44C7A5-5705-41E4-BE84-A9A42977AB05}" = alm
"{D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5}" = Software Installer
"{DB4C2E4D-F2F8-4B14-A299-6A54B29B45FF}" = Eyewitness History of the World 2.1
"{E5145D2D-793B-4A16-BA42-3F13EEAA7D5E}" = iTunes
"{EA664480-3844-11D5-8C25-444553540000}" = IBM TrackPoint Accessibility Features
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F1F721BF-040C-4096-988A-1DB01EB73B0C}" = TPNala Wallpaper
"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad Configuration
"3DGroove" = 3D Groove Playback Engine
"Access IBM Tools" = Access IBM Tools
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Catz" = Catz (remove only)
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014" = ThinkPad Integrated 56K Modem
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Standard) 7.1.0
"Crayon Physics Deluxe_is1" = Crayon Physics Deluxe - release 51
"Dogz" = Dogz (remove only)
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"king.com" = king.com (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MouseSuite98" = Lenovo Mouse Suite
"Power Features" = IBM ThinkPad Battery MaxiMiser and Power Management Features
"Power Management Driver" = ThinkPad Power Management Driver
"Presentation Director" = IBM ThinkPad Presentation Director
"PROSet" = Intel® PRO Network Connections Drivers
"RegCure" = RegCure 1.5.2.7
"SynTPDeinstKey" = IBM ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TPKBDLED" = Scroll Lock Indicator Utility
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05/05/2009 14:32:56 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 08/05/2009 06:59:08 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 08/05/2009 07:58:23 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 08/05/2009 07:59:13 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 08/05/2009 08:00:19 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2009 06:28:15 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2009 06:51:03 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2009 11:39:49 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2009 11:40:53 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16827, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2009 14:15:48 | Computer Name = IBM-C25AFBDEC71 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 09/05/2009 12:19:34 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\PC Drivers
HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.DirectX.dll. Reference
error message: The operation completed successfully. .

Error - 09/05/2009 12:19:34 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 09/05/2009 12:19:34 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 09/05/2009 12:19:34 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\PC Drivers
HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.DirectX.dll. Reference
error message: The operation completed successfully. .

Error - 09/05/2009 12:19:34 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 09/05/2009 12:19:34 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 09/05/2009 12:19:34 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\PC Drivers
HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.DirectX.dll. Reference
error message: The operation completed successfully. .

Error - 09/05/2009 12:19:36 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 09/05/2009 12:19:36 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 09/05/2009 12:19:36 | Computer Name = IBM-C25AFBDEC71 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\PC Drivers
HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.DirectX.dll. Reference
error message: The operation completed successfully. .


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP