zamanigg

Hi, I keep running malwarebytes and spybot and they find stuff but things keep coming back. Also I get redirected to yahoo when I open up ie. Also is there anything I can do to speed up my startup? Thank you for your help. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.19437 BrowserJavaVersion: 10.21.2 Run by zamanmm at 16:53:31 on 2013-06-17 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3061.1396 [GMT -4:00] . AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\ibmpmsvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Windows\system32\SLsvc.exe C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe C:\Windows\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe C:\Windows\system32\AEADISRV.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\atashost.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\QUBEE WCM\GPCommonService.exe C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\lxddcoms.exe C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\ccSvcHst.exe C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe C:\Windows\system32\ptumlcmsvc.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\Windows\System32\TPHDEXLG.exe C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe C:\Program Files\Common Files\Lenovo\Logger\logmon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Lenovo\System Update\SUService.exe c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\ccSvcHst.exe C:\Windows\system32\DllHost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Users\zamanmm\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\zamanmm\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IELowutil.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uSearch Bar = Preserve uDefault_Page_URL = hxxp://lenovo.live.com mStart Page = hxxp://search.coupons.com/ uProxyOverride = localhost;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uWinlogon: Shell = explorer.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360 premier edition\engine\20.3.1.22\coieplg.dll BHO: ShopAtHome.com Cash Back Helper: {66516A07-F617-488A-90CF-4E690CFB3C5F} - c:\users\zamanmm\appdata\roaming\shopathome\shopathometoolbar\tbcore3U.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360 premier edition\engine\20.3.1.22\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: CPwmIEBrowserHelper Object: {F040E541-A427-4CF7-85D8-75E3E0F476C5} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file> TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - c:\users\zamanmm\appdata\roaming\shopathome\shopathometoolbar\tbcore3U.dll TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360 premier edition\engine\20.3.1.22\coieplg.dll TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - c:\users\zamanmm\appdata\roaming\shopathome\shopathometoolbar\tbcore3U.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_bho.dll uRun: [Google Update] "c:\users\zamanmm\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [shopAtHomeWatcher] c:\users\zamanmm\appdata\roaming\shopathome\shopathomehelper\ShopAtHomeWatcher.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\jobsta~1.lnk - c:\program files\panasonic\panasonic-dms\lrecvtrap\LRecvTrap.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0045D4BC-5189-4b67-969C-83BB1906C421} - {0FE81B52-73FA-425F-8F06-3F32451AC73F} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{803FC278-F797-4213-9E4F-829AE9D9FD55} : DHCPNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{C9697EE0-222B-4F23-A61D-0A5C7B10426B} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{CFFA5286-0D07-40C6-BABC-811702F106B0} : DHCPNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{D3510E5F-6489-45C4-9374-CA9B3DDA2BC9} : DHCPNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{DB3C85D0-8D16-468C-8E13-33AFE808BDA4} : DHCPNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.2.0\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: GoToAssist Express Customer - c:\program files\citrix\gotoassist express customer\240\g2ax_winlogon.dll Notify: igfxcui - igfxdev.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1403010.016\symds.sys [2013-4-15 367704] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1403010.016\symefa.sys [2013-4-15 934488] R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-3-2 19760] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-31 37664] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.2.0.19\definitions\bashdefs\20130531.001\BHDrvx86.sys [2013-5-31 1002072] R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1403010.016\ccsetx86.sys [2013-4-15 134304] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-4-5 242240] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.2.0.19\definitions\ipsdefs\20130614.001\IDSvix86.sys [2013-6-14 386720] R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2012-7-23 13680] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1403010.016\ironx86.sys [2013-4-15 175264] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1403010.016\symtdiv.sys [2013-4-15 350368] R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-8-25 43912] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-8 21504] R2 GPCommonService;GPCommonService;c:\program files\qubee wcm\GPCommonService.exe [2012-2-29 90112] R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\lenovo\virtscrl\lvvsst.exe [2012-7-23 127336] R2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?] R2 MTKWMPROT;MediaTek WiMAX Modem Protocol Driver;c:\windows\system32\drivers\mtkwmptv.sys [2012-2-29 15360] R2 N360;Norton 360;c:\program files\norton 360 premier edition\engine\20.3.1.22\ccsvchst.exe [2013-4-15 144520] R2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2011-9-14 113168] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-7-3 1153368] R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208] R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\lenovo\hotkey\tphkload.exe [2012-7-23 131432] R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2012-7-23 142696] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-1-8 569344] R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\cisco\cisco anyconnect secure mobility client\vpnagent.exe [2012-6-7 478712] R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\ToolbarUpdater.exe [2013-5-21 1015984] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-1-22 106656] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-9-13 35264] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2012-7-23 101736] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384] S3 acsint;acsint;c:\windows\system32\drivers\acsint.sys [2012-6-28 38440] S3 acsmux;acsmux;c:\windows\system32\drivers\acsmux.sys [2012-6-7 57256] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936] S3 GoToAssist Express Customer;GoToAssist Express Customer;c:\program files\citrix\gotoassist express customer\240\g2ax_service.exe [2010-10-12 161144] S3 MT7118VU;MediaTek MT7118 WiMAX USB Card Driver for VISTA;c:\windows\system32\drivers\mt7118vu.sys [2012-2-29 131072] S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\PTUMLBUS.sys [2011-9-14 59664] S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\PTUMLCVsp.sys [2011-9-14 168208] S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\PTUMLMdm.sys [2011-9-14 168208] S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\PTUMLNVsp.sys [2011-9-14 168848] S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\PTUMLVsp.sys [2011-9-14 168208] S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2011-10-3 10112] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2013-06-17 20:43:26 688992 ------r- c:\users\zamanmm\dds.scr 2013-06-12 14:39:37 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-06-11 12:40:32 352344 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symtdiv.sys 2013-06-11 12:40:31 339544 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symnets.sys 2013-06-11 12:40:31 21400 ----a-r- c:\windows\system32\drivers\n360\1404000.028\symelam.sys 2013-06-11 12:40:30 934488 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symefa.sys 2013-06-11 12:40:30 603224 ----a-w- c:\windows\system32\drivers\n360\1404000.028\srtsp.sys 2013-06-11 12:40:30 367704 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symds.sys 2013-06-11 12:40:30 32344 ----a-w- c:\windows\system32\drivers\n360\1404000.028\srtspx.sys 2013-06-11 12:40:30 175264 ----a-w- c:\windows\system32\drivers\n360\1404000.028\ironx86.sys 2013-06-11 12:40:29 134744 ----a-w- c:\windows\system32\drivers\n360\1404000.028\ccsetx86.sys 2013-06-11 12:39:52 14818 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symvtcer.dat 2013-06-11 12:39:52 -------- d-----w- c:\windows\system32\drivers\n360\1404000.028 2013-06-08 22:17:49 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . ==================== Find3M ==================== . 2013-06-11 18:47:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-11 18:47:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-21 14:48:49 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-05-17 03:50:49 916480 ----a-w- c:\windows\system32\wininet.dll 2013-05-17 03:45:15 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-17 03:44:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-17 03:44:39 109056 ----a-w- c:\windows\system32\iesysprep.dll 2013-05-17 03:44:38 71680 ----a-w- c:\windows\system32\iesetup.dll 2013-05-17 02:06:08 385024 ----a-w- c:\windows\system32\html.iec 2013-05-17 00:20:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2013-05-17 00:18:12 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-08 04:37:21 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-05-02 22:03:36 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-02 22:03:36 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-02 04:04:25 443904 ----a-w- c:\windows\system32\win32spl.dll 2013-05-02 04:03:42 37376 ----a-w- c:\windows\system32\printcom.dll 2013-04-24 04:00:30 985600 ----a-w- c:\windows\system32\crypt32.dll 2013-04-24 04:00:30 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-04-24 04:00:30 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-04-24 04:00:24 41984 ----a-w- c:\windows\system32\certenc.dll 2013-04-24 01:46:29 812544 ----a-w- c:\windows\system32\certutil.exe 2013-04-15 14:20:04 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-13 10:56:44 37376 ----a-w- c:\windows\system32\cdd.dll 2013-04-09 01:36:18 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-04-05 23:06:52 861088 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-04-05 23:06:52 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-04-05 22:18:43 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 16:53:48.56 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Business Boot Device: \Device\HarddiskVolume2 Install Date: 7/18/2008 3:45:52 PM System Uptime: 6/17/2013 4:24:02 PM (0 hours ago) . Motherboard: LENOVO | | 76591PU Processor: Intel® Core2 Duo CPU T7300 @ 2.00GHz | None | 2001/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 68 GiB total, 7.165 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Tun Miniport Adapter Device ID: ROOT\*TUNMP\0001 Manufacturer: Microsoft Name: Teredo Tunneling Pseudo-Interface PNP Device ID: ROOT\*TUNMP\0001 Service: tunmp . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&00010008_PID&B003\7&F3B558D&0&D03761A07A84_C00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&00010008_PID&B003\7&F3B558D&0&D03761A07A84_C00000000 Service: . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&00010008_PID&B003\7&F3B558D&0&D03761A07A84_C00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&00010008_PID&B003\7&F3B558D&0&D03761A07A84_C00000000 Service: . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&00010008_PID&B003\7&F3B558D&0&D03761A07A84_C00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&00010008_PID&B003\7&F3B558D&0&D03761A07A84_C00000000 Service: . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Device ID: ROOT\NET\0000 Manufacturer: Cisco Systems Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows PNP Device ID: ROOT\NET\0000 Service: vpnva . ==== System Restore Points =================== . RP1732: 6/15/2013 10:00:10 AM - Windows Update RP1733: 6/16/2013 9:51:46 AM - Scheduled Checkpoint RP1734: 6/16/2013 10:00:12 AM - Windows Update RP1735: 6/17/2013 10:00:37 AM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 32 Bit HP CIO Components Installer 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min 7-Zip 9.22beta Access Help Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.5 Apple Application Support Apple Mobile Device Support Apple Software Update AVG Security Toolbar Bonjour Brother P-touch Address Book 1.1 Brother P-touch Editor 5.0 Brother P-touch Software Brother QL-570 User's Guide BufferChm Business Contact Manager for Outlook 2007 SP2 Canon MP Navigator 2.2 Canon MP530 Canon MP530 User Registration Canon Utilities Easy-PhotoPrint Cisco AnyConnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client Client Security Solution Coupon Printer for Windows D3DX10 DAEMON Tools Lite Destinations DeviceDiscovery DocMgr DocProc Download Updater (AOL LLC) EPSON Printer Software EPSON Scan Fax getPlus® for Adobe Google Chrome Google Earth Google Talk (remove only) Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Google Updater GoToAssist Customer 1.5.0.240 GPBaseService2 Help Center Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 13.0 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP LaserJet P2030 Series HP Officejet 4500 G510n-z HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPProductAssistant hppusgP2030 HPSSupply Hyper Electronics Mappers Utilities Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers iTunes Java 7 Update 21 Java Auto Updater Java 6 Update 29 Java 6 Update 7 Java SE Runtime Environment 6 JavaFX 2.1.1 Junk Mail filter update Lenovo Auto Scroll Utility Lenovo Patch Utility Lenovo Power Management Driver Lenovo Registration Lenovo System Interface Driver Lenovo ThinkVantage Toolbox Livestation Logitech Desktop Messenger Logitech Print Service Logitech QuickCam Logitech Updater Logitech Webcam Software Logitech® Camera Driver Maintenance Manager Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch Message Center Plus Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Accounting 2008 Microsoft Office Accounting 2008 Equifax Addin Microsoft Office Accounting 2008 Fixed Asset Manager Microsoft Office Accounting 2008 PayPal Addin Microsoft Office Accounting ADP Payroll Addin Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.5 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Move Media Player MrvlUsgTracking MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MVision Network Norton 360 Premier Edition OCR Software by I.R.I.S. 13.0 Octoshape add-in for Adobe Flash Player On Screen Display Panasonic Job Status Utility Panasonic Printer Drivers Panasonic Printing System Panasonic RPT Network Printer Port Panasonic Windows Firewall Setting Tool PANTECH UML290 Picasa 3 Presentation Director Productivity Center Supplement for ThinkPad QUBEE WiMAX Connection Manager Quick Logo Designer 5.0 RealPlayer Registry patch for Windows Vista USB S3 PM Enablement Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista Rescue and Recovery Rhapsody Player Engine RSA SecurID Software Token 1.0.1 for Web SDK Scan Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Segoe UI Shop for HP Supplies ShopAtHome.com Helper ShopAtHome.com Toolbar Skype Click to Call Skype™ 6.3 SmartWebPrinting SolutionCenter SoundMAX Spotify Spybot - Search & Destroy Status System Migration Assistant System Update TeleTracker Online ThinkPad Bluetooth with Enhanced Data Rate Software 6.0.1.4900 ThinkPad EasyEject Utility ThinkPad FullScreen Magnifier ThinkPad Mobility Center Customization ThinkPad Modem ThinkPad Power Manager ThinkPad UltraNav Driver ThinkPad UltraNav Utility Thinkpad Wireless LAN Adapters Software (11a/b/g/n) ThinkVantage Access Connections ThinkVantage Active Protection System ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message Toolbox TrayApp Ultimate Media Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VerizonWireless VideoPerformer VZAccess Manager Wallpapers WebCam for MSN Messenger WebEx WebReg Windows Driver Package - Intel (e1express) Net (02/27/2007 9.7.37.0) Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020) Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002) Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) Windows Driver Package - Intel System (09/15/2006 8.0.0.1008) Windows Driver Package - Intel System (09/15/2006 8.0.0.1010) Windows Driver Package - Intel System (09/15/2006 8.2.0.1000) Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008) Windows Driver Package - Lenovo (IBMPMDRV) System (02/27/2007 1.42) Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) Windows Driver Package - Ricoh Company (rismxdp) hdc (11/18/2006 6.00.01.05) Windows Driver Package - Ricoh Company MMC Host Controller (11/14/2006 6.00.01.04) Windows Firewall Setting Tool Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Worthware - CellSell H.A.C.I. Thin-Client (162) . ==== Event Viewer Messages From Past Week ======== . 6/17/2013 4:37:35 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer MAHAMMED-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C9697EE0-222B-4F23-A61D-0A5C7B. The master browser is stopping or an election is being forced. 6/17/2013 4:31:55 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. 6/17/2013 4:31:25 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service. 6/17/2013 4:30:21 PM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting. 6/17/2013 4:25:49 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 6/17/2013 4:25:11 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer WebEx Document Loader with shared resource name WebEx Document Loader. Error 2114. The printer cannot be used by others on the network. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccSet_N360 CSC DfsC eeCtrl IDSVix86 lenovo.smi NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr SRTSP SRTSPX SymIRON SYMTDIv tdx TPPWRIF Wanarpv6 ws2ifsl 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2013 4:22:54 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2013 4:22:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 6/17/2013 4:22:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 6/17/2013 4:22:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 6/17/2013 4:21:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 6/17/2013 2:08:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597). 6/17/2013 2:05:42 PM, Error: TPM [13] - The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer. 6/17/2013 2:05:42 PM, Error: Microsoft-Windows-TBS [516] - An error occurred while communicating with the TPM. The driver returned 0x8007045d. 6/14/2013 9:19:38 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect. 6/14/2013 9:19:08 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect. 6/14/2013 9:19:08 AM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 6/14/2013 9:19:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} 6/14/2013 9:18:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect. 6/14/2013 9:18:34 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 6/14/2013 9:16:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vpnagent service. 6/13/2013 10:26:36 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 6/11/2013 7:32:10 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer MAHAMMED-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DB3C85D0-8D16-468C-8E13-33AFE8. The master browser is stopping or an election is being forced. 6/11/2013 7:26:00 PM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting. 6/11/2013 7:19:06 PM, Error: EventLog [6008] - The previous system shutdown at 7:15:45 PM on 6/11/2013 was unexpected. 6/11/2013 7:14:44 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. 6/11/2013 4:57:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 6/11/2013 4:50:14 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP Deskjet F4500 series with shared resource name HP Deskjet F4500 series. Error 2114. The printer cannot be used by others on the network. 6/11/2013 4:50:14 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP Deskjet 4500 with shared resource name HP Deskjet 4500. Error 2114. The printer cannot be used by others on the network. . ==== End Of File ===========================

Ran ESET Online Scanner and it removed 5 things, 2 worms, 2 trojans and something else. Couldn't finish the scan and ran it fully today. It found no threats. I cannot find any log file associated with this program.

ComboFix 12-08-14.05 - zamanmm 08/14/2012 16:57:39.2.2 - x86 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3061.1477 [GMT -4:00] Running from: c:\users\zamanmm\Downloads\ComboFix.exe Command switches used :: c:\users\zamanmm\Downloads\CFScript.txt AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Coupons.com CouponBar c:\program files\Coupons.com CouponBar\arrow_refresh.png c:\program files\Coupons.com CouponBar\basis.xml c:\program files\Coupons.com CouponBar\chrome\coupons.com.crx\coupons.com.crx c:\program files\Coupons.com CouponBar\cog.png c:\program files\Coupons.com CouponBar\computer_delete.png c:\program files\Coupons.com CouponBar\coupons.com.dll c:\program files\Coupons.com CouponBar\dataLoader.js c:\program files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\coupons.com.xpi c:\program files\Coupons.com CouponBar\icons3.bmp c:\program files\Coupons.com CouponBar\info.txt c:\program files\Coupons.com CouponBar\login.png c:\program files\Coupons.com CouponBar\logo.png c:\program files\Coupons.com CouponBar\lua5.1.dll c:\program files\Coupons.com CouponBar\search.png c:\program files\Coupons.com CouponBar\TbCommonUtils.dll c:\program files\Coupons.com CouponBar\tbcore3.dll c:\program files\Coupons.com CouponBar\tbhelper.dll c:\program files\Coupons.com CouponBar\TbHelper2.exe c:\program files\Coupons.com CouponBar\todays_deals.png c:\program files\Coupons.com CouponBar\uninstall.exe c:\program files\Coupons.com CouponBar\Uninstall\IRIMG1.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG1.JPG c:\program files\Coupons.com CouponBar\Uninstall\IRIMG2.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG2.JPG c:\program files\Coupons.com CouponBar\Uninstall\IRIMG3.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG3.JPG c:\program files\Coupons.com CouponBar\Uninstall\IRIMG4.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG4.JPG c:\program files\Coupons.com CouponBar\Uninstall\IRIMG5.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG5.JPG c:\program files\Coupons.com CouponBar\Uninstall\IRIMG6.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG7.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG8.BMP c:\program files\Coupons.com CouponBar\Uninstall\IRIMG9.BMP c:\program files\Coupons.com CouponBar\Uninstall\uninstall.dat c:\program files\Coupons.com CouponBar\Uninstall\uninstall.xml c:\program files\Coupons.com CouponBar\update.exe c:\program files\Coupons.com CouponBar\version.txt c:\windows\system32\TPAPSLOG.LOG c:\windows\system32\TPHDLOG0.LOG c:\windows\system32\wmm_cur.log . . ((((((((((((((((((((((((( Files Created from 2012-07-14 to 2012-08-14 ))))))))))))))))))))))))))))))) . . 2012-08-14 21:10 . 2012-08-14 21:10 -------- d-----w- C:\A 2012-08-14 21:06 . 2012-08-14 21:06 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2012-08-14 21:06 . 2012-08-14 21:06 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-09 22:48 . 2012-08-09 22:48 -------- d-----w- c:\program files\Oracle 2012-08-09 22:42 . 2012-08-09 22:42 -------- d-----w- c:\programdata\McAfee 2012-08-06 14:38 . 2007-02-27 04:16 103936 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\lxdddrpp.dll 2012-07-28 21:23 . 2012-07-29 16:56 -------- d-----w- c:\windows\system32\drivers\NIS\1307010.005 2012-07-25 22:02 . 2012-07-25 22:02 -------- d-----w- c:\windows\hpoj4500g510g-m 2012-07-23 23:57 . 2010-09-07 18:09 13680 ----a-w- c:\windows\system32\drivers\smiif32.sys 2012-07-23 23:57 . 2012-07-23 23:57 -------- d-----w- C:\DRIVERS 2012-07-23 23:54 . 2012-07-23 23:54 -------- d-----w- c:\users\zamanmm\AppData\Local\ApplicationHistory 2012-07-22 17:19 . 2012-07-22 17:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-07-22 17:19 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 23:47 . 2012-04-05 14:12 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-02 23:47 . 2011-06-08 15:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-28 21:28 . 2009-05-23 19:21 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2012-07-06 02:06 . 2012-08-09 22:47 772544 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-07-06 02:06 . 2010-05-02 03:21 687544 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-13 13:40 . 2012-07-11 16:22 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-06-07 15:35 . 2012-06-07 15:35 10744 ----a-w- c:\windows\system32\vpncategories.dll 2012-06-07 15:35 . 2012-06-07 15:35 33272 ----a-w- c:\windows\system32\vpnevents.dll 2012-06-07 15:25 . 2012-06-07 15:25 23976 ----a-w- c:\windows\system32\drivers\vpnva.sys 2012-06-07 15:24 . 2012-06-28 18:19 38440 ----a-r- c:\windows\system32\drivers\acsint.sys 2012-06-07 15:24 . 2012-06-07 15:24 57256 ----a-r- c:\windows\system32\drivers\acsmux.sys 2012-06-05 16:47 . 2012-07-11 16:13 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 16:47 . 2012-07-11 16:13 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:26 . 2012-07-11 16:13 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 22:19 . 2012-06-24 16:02 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-24 16:02 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-24 16:01 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-24 16:01 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-24 16:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-24 16:02 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-24 16:01 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 2012-06-24 16:01 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:12 . 2012-06-24 16:01 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 00:04 . 2012-07-11 16:13 278528 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 00:03 . 2012-07-11 16:13 204288 ----a-w- c:\windows\system32\ncrypt.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "QUBEE WCM"="c:\program files\QUBEE WCM\QUBEE WCM.exe" [2010-06-25 798720] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-04 39408] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-08-14 820520] "PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2007-04-10 321072] "LenovoOobeOffers"="c:\swtools\LenovoWelcome\LenovoOobeOffers.exe" [2006-12-29 28672] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-07-10 1282048] "RPT Msgsrv"="c:\program files\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe" [2007-04-11 57344] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792] "Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-06-07 522744] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2007-3-29 719664] HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] Job Status Utility.lnk - c:\program files\Panasonic\Panasonic-DMS\LRecvTrap\LRecvTrap.exe [2008-6-24 147456] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-7-18 50688] Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-9-23 169472] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist Express Customer] 2010-10-12 16:08 147832 ----a-w- c:\program files\Citrix\GoToAssist Express Customer\240\g2ax_winlogon.dll . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Google Update"="c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe" /c . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 acsint;acsint;c:\windows\system32\DRIVERS\acsint.sys [x] R3 acsmux;acsmux;c:\windows\system32\DRIVERS\acsmux.sys [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 23:47] . 2012-08-03 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-18 23:54] . 2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc7aec95b5ec60.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 21:16] . 2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 21:16] . 2010-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894235439-4067020577-3388496322-1000Core1cab612236fd982.job - c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 19:50] . 2012-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894235439-4067020577-3388496322-1000Core1cc8dc88cb16ea1.job - c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 19:50] . 2012-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894235439-4067020577-3388496322-1000UA.job - c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 19:50] . 2009-11-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\PC-Doctor\pcdlauncher.exe [2009-11-20 10:12] . 2009-11-23 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\PC-Doctor\pcdr5cuiw32.exe [2010-02-18 00:15] . 2012-08-14 c:\windows\Tasks\User_Feed_Synchronization-{DB1F06DB-C5AA-402C-8CD5-553AAD0E9856}.job - c:\windows\system32\msfeedssync.exe [2012-06-14 03:24] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = localhost;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TCP: DhcpNameServer = 192.168.1.1 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab . - - - - ORPHANS REMOVED - - - - . AddRemove-CouponBar5.0.0.5 - c:\program files\Coupons.com CouponBar\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-08-14 17:10 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.7.1.5\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a2,c5,db,61,b5,50,2f,44,95,81,5b,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a2,c5,db,61,b5,50,2f,44,95,81,5b,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(10484) c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll c:\windows\system32\btncopy.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ibmpmsvc.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe c:\program files\LENOVO\HOTKEY\TPHKSVC.exe c:\windows\system32\IPSSVC.EXE c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe c:\program files\LENOVO\HOTKEY\tposdsvc.exe c:\windows\system32\AEADISRV.EXE c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\atashost.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\QUBEE WCM\GPCommonService.exe c:\program files\LENOVO\VIRTSCRL\lvvsst.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\windows\system32\lxddcoms.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe c:\program files\Lenovo\HOTKEY\TPONSCR.exe c:\program files\Panasonic\TrapMonitor\Trapmnnt.exe c:\program files\Lenovo\Zoom\TpScrex.exe c:\program files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe c:\windows\system32\ptumlcmsvc.exe c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe c:\windows\System32\TPHDEXLG.exe c:\program files\Lenovo\Client Security Solution\tvttcsd.exe c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe c:\program files\Lenovo\Rescue and Recovery\rrservice.exe c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe c:\program files\Spybot - Search & Destroy\SDWinSec.exe c:\program files\Lenovo\System Update\SUService.exe c:\program files\Common Files\Lenovo\Logger\logmon.exe c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe c:\windows\system32\wbem\unsecapp.exe . ************************************************************************** . Completion time: 2012-08-14 17:26:26 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-14 21:24 ComboFix2.txt 2012-08-13 19:35 . Pre-Run: 7,050,407,936 bytes free Post-Run: 6,835,748,864 bytes free . - - End Of File - - C9DF207C9CC9C4C60F32A3597F3F6CFF

Hi, I'm back. Just got done moving into a new place. I have run the combofix program successfully. Also, after running the program, I got a redirect from a google search. I am not sure if combofix was supposed to prevent it or not but here is the log. ComboFix 12-08-13.01 - zamanmm 08/13/2012 15:09:32.1.2 - x86 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3061.1244 [GMT -4:00] Running from: c:\users\zamanmm\Downloads\ComboFix.exe AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\a c:\programdata\SPL5618.tmp c:\users\zamanmm\Documents\~WRL0003.tmp c:\users\zamanmm\Documents\~WRL0005.tmp c:\users\zamanmm\Documents\~WRL0009.tmp c:\users\zamanmm\Documents\~WRL2320.tmp c:\users\zamanmm\Documents\~WRL3132.tmp c:\users\zamanmm\Documents\~WRL4064.tmp c:\users\zamanmm\g2ax_customer_downloadhelper_win32_x86.exe c:\windows\system32\~GLH0086.TMP c:\windows\system32\~GLH0092.TMP c:\windows\system32\~GLH0093.TMP c:\windows\system32\~GLH0099.TMP c:\windows\system32\~GLH009a.TMP c:\windows\system32\~GLH009b.TMP c:\windows\system32\TPAPSLOG.LOG c:\windows\system32\TPHDLOG0.LOG c:\windows\system32\URTTemp c:\windows\system32\URTTemp\regtlib.exe c:\windows\system32\wmm_cur.log . . ((((((((((((((((((((((((( Files Created from 2012-07-13 to 2012-08-13 ))))))))))))))))))))))))))))))) . . 2012-08-13 19:18 . 2012-08-13 19:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-09 22:48 . 2012-08-09 22:48 -------- d-----w- c:\program files\Oracle 2012-08-09 22:47 . 2012-07-06 02:06 772544 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-08-09 22:42 . 2012-08-09 22:42 -------- d-----w- c:\programdata\McAfee 2012-08-06 14:38 . 2007-02-27 04:16 103936 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\lxdddrpp.dll 2012-07-28 21:23 . 2012-07-29 16:56 -------- d-----w- c:\windows\system32\drivers\NIS\1307010.005 2012-07-25 22:02 . 2012-07-25 22:02 -------- d-----w- c:\windows\hpoj4500g510g-m 2012-07-23 23:57 . 2010-09-07 18:09 13680 ----a-w- c:\windows\system32\drivers\smiif32.sys 2012-07-23 23:57 . 2012-07-23 23:57 -------- d-----w- C:\DRIVERS 2012-07-23 23:54 . 2012-07-23 23:54 -------- d-----w- c:\users\zamanmm\AppData\Local\ApplicationHistory 2012-07-22 17:19 . 2012-07-22 17:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-07-22 17:19 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 23:47 . 2012-04-05 14:12 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-02 23:47 . 2011-06-08 15:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-28 21:28 . 2009-05-23 19:21 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2012-07-06 02:06 . 2010-05-02 03:21 687544 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-13 13:40 . 2012-07-11 16:22 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-06-07 15:35 . 2012-06-07 15:35 10744 ----a-w- c:\windows\system32\vpncategories.dll 2012-06-07 15:35 . 2012-06-07 15:35 33272 ----a-w- c:\windows\system32\vpnevents.dll 2012-06-07 15:25 . 2012-06-07 15:25 23976 ----a-w- c:\windows\system32\drivers\vpnva.sys 2012-06-07 15:24 . 2012-06-28 18:19 38440 ----a-r- c:\windows\system32\drivers\acsint.sys 2012-06-07 15:24 . 2012-06-07 15:24 57256 ----a-r- c:\windows\system32\drivers\acsmux.sys 2012-06-05 16:47 . 2012-07-11 16:13 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 16:47 . 2012-07-11 16:13 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:26 . 2012-07-11 16:13 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 22:19 . 2012-06-24 16:02 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-24 16:02 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-24 16:01 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-24 16:01 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-24 16:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-24 16:02 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-24 16:01 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 2012-06-24 16:01 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:12 . 2012-06-24 16:01 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 00:04 . 2012-07-11 16:13 278528 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 00:03 . 2012-07-11 16:13 204288 ----a-w- c:\windows\system32\ncrypt.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{8660E5B3-6C41-44DE-8503-98D99BBECD41}"= "c:\program files\Coupons.com CouponBar\tbcore3.dll" [2012-02-06 2664864] . [HKEY_CLASSES_ROOT\clsid\{8660e5b3-6c41-44de-8503-98d99bbecd41}] [HKEY_CLASSES_ROOT\TBSB07898.TBSB07898.3] [HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] [HKEY_CLASSES_ROOT\TBSB07898.TBSB07898] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{8660E5B3-6C41-44DE-8503-98D99BBECD41}"= "c:\program files\Coupons.com CouponBar\tbcore3.dll" [2012-02-06 2664864] . [HKEY_CLASSES_ROOT\clsid\{8660e5b3-6c41-44de-8503-98d99bbecd41}] [HKEY_CLASSES_ROOT\TBSB07898.TBSB07898.3] [HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] [HKEY_CLASSES_ROOT\TBSB07898.TBSB07898] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "QUBEE WCM"="c:\program files\QUBEE WCM\QUBEE WCM.exe" [2010-06-25 798720] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-04 39408] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-08-14 820520] "PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2007-04-10 321072] "LenovoOobeOffers"="c:\swtools\LenovoWelcome\LenovoOobeOffers.exe" [2006-12-29 28672] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-07-10 1282048] "RPT Msgsrv"="c:\program files\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe" [2007-04-11 57344] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792] "Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-06-07 522744] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2007-3-29 719664] HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] Job Status Utility.lnk - c:\program files\Panasonic\Panasonic-DMS\LRecvTrap\LRecvTrap.exe [2008-6-24 147456] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-7-18 50688] Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-9-23 169472] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist Express Customer] 2010-10-12 16:08 147832 ----a-w- c:\program files\Citrix\GoToAssist Express Customer\240\g2ax_winlogon.dll . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Google Update"="c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe" /c . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 acsint;acsint;c:\windows\system32\DRIVERS\acsint.sys [x] R3 acsmux;acsmux;c:\windows\system32\DRIVERS\acsmux.sys [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 23:47] . 2012-08-03 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-18 23:54] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc7aec95b5ec60.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 21:16] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 21:16] . 2010-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894235439-4067020577-3388496322-1000Core1cab612236fd982.job - c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 19:50] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894235439-4067020577-3388496322-1000Core1cc8dc88cb16ea1.job - c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 19:50] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894235439-4067020577-3388496322-1000UA.job - c:\users\zamanmm\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 19:50] . 2009-11-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\PC-Doctor\pcdlauncher.exe [2009-11-20 10:12] . 2009-11-23 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\PC-Doctor\pcdr5cuiw32.exe [2010-02-18 00:15] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = localhost;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TCP: DhcpNameServer = 192.168.1.1 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab . - - - - ORPHANS REMOVED - - - - . HKCU-Run-InstallIQUpdater - c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-08-13 15:24 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . . c:\windows\system32\TPAPSLOG.LOG 128 bytes . scan completed successfully hidden files: 1 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.7.1.5\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a2,c5,db,61,b5,50,2f,44,95,81,5b,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a2,c5,db,61,b5,50,2f,44,95,81,5b,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(13092) c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll c:\windows\system32\btncopy.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ibmpmsvc.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe c:\program files\LENOVO\HOTKEY\TPHKSVC.exe c:\windows\system32\IPSSVC.EXE c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe c:\program files\LENOVO\HOTKEY\tposdsvc.exe c:\windows\system32\AEADISRV.EXE c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\atashost.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\QUBEE WCM\GPCommonService.exe c:\program files\LENOVO\VIRTSCRL\lvvsst.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe c:\windows\system32\lxddcoms.exe c:\program files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Panasonic\TrapMonitor\Trapmnnt.exe c:\windows\system32\ptumlcmsvc.exe c:\program files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe c:\windows\System32\TPHDEXLG.exe c:\program files\Lenovo\Client Security Solution\tvttcsd.exe c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe c:\program files\Lenovo\HOTKEY\TPONSCR.exe c:\program files\Lenovo\Zoom\TpScrex.exe c:\program files\Lenovo\Rescue and Recovery\rrservice.exe c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe c:\program files\Spybot - Search & Destroy\SDWinSec.exe c:\program files\Lenovo\System Update\SUService.exe c:\program files\Common Files\Lenovo\Logger\logmon.exe c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\wbem\unsecapp.exe . ************************************************************************** . Completion time: 2012-08-13 15:35:55 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-13 19:35 . Pre-Run: 6,719,647,744 bytes free Post-Run: 6,859,485,184 bytes free . - - End Of File - - 03A0EC6B869C04FD226F0C27DD5E107A

I still crash

Hi Maniac, I was unable to run aswMBR.exe. It gave me a BSOD twice. Just tried to go to IBM's website through google and got redirected to monster.com Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.23.11 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19272 zamanmm :: ZAMANS-PC [administrator] 7/23/2012 6:31:38 PM mbam-log-2012-07-23 (18-31-38).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 205545 Time elapsed: 10 minute(s), 3 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.19272 Run by zamanmm at 19:25:58 on 2012-07-23 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3061.1317 [GMT -4:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Windows\system32\AEADISRV.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\atashost.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\QUBEE WCM\GPCommonService.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\lxddserv.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\ptumlcmsvc.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\Windows\System32\TPHDEXLG.exe C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Lenovo\System Update\SUService.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\Common Files\Lenovo\Logger\logmon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\DllHost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\QUBEE WCM\QUBEE WCM.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Panasonic\Panasonic-DMS\LRecvTrap\LRecvTrap.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe C:\Program Files\QUBEE WCM\wimax\WmMMgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uStart Page = hxxp://www.google.com/ uSearch Bar = Preserve uInternet Settings,ProxyOverride = localhost;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: H - No File uURLSearchHooks: H - No File BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.7.2.3\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.7.2.3\ips\IPSBHO.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: CPwmIEBrowserHelper Object: {f040e541-a427-4cf7-85d8-75e3e0f476c5} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\coupons.com couponbar\tbcore3.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.7.2.3\coIEPlg.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - c:\program files\coupons.com couponbar\tbcore3.dll TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_bho.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [QUBEE WCM] "c:\program files\qubee wcm\QUBEE WCM.exe" minimized uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [installIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "c:\users\zamanmm\appdata\local\google\update\GoogleUpdate.exe" /c mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor mRun: [<NO NAME>] mRun: [LenovoOobeOffers] c:\swtools\lenovowelcome\lenovooobeoffers.exe /filepath="c:\swshare\firstrun.txt" mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [RPT Msgsrv] "c:\program files\panasonic\panasonic-dms\rpt network printer port\Msgsrv.exe" /NRPT Network Printer /S mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe" mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "c:\program files\cisco\cisco anyconnect secure mobility client\vpnui.exe" -minimized StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\jobsta~1.lnk - c:\program files\panasonic\panasonic-dms\lrecvtrap\LRecvTrap.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm IE: {0045D4BC-5189-4b67-969C-83BB1906C421} - {0FE81B52-73FA-425F-8F06-3F32451AC73F} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{803FC278-F797-4213-9E4F-829AE9D9FD55} : DhcpNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{C9697EE0-222B-4F23-A61D-0A5C7B10426B} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{CFFA5286-0D07-40C6-BABC-811702F106B0} : DhcpNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{D3510E5F-6489-45C4-9374-CA9B3DDA2BC9} : DhcpNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{DB3C85D0-8D16-468C-8E13-33AFE808BDA4} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: GoToAssist Express Customer - c:\program files\citrix\gotoassist express customer\240\g2ax_winlogon.dll Notify: igfxcui - igfxdev.dll LSA: Notification Packages = scecli ACGina Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1207020.003\symds.sys [2012-6-14 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1207020.003\symefa.sys [2012-6-14 744568] R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-3-2 19760] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20120711.002\BHDrvx86.sys [2012-7-12 821920] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20120720.001\IDSvix86.sys [2012-7-20 382624] R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2007-2-19 13744] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1207020.003\ironx86.sys [2012-6-14 136312] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1207020.003\symtdiv.sys [2012-6-14 331384] R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-8-25 43912] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-8 21504] R2 GPCommonService;GPCommonService;c:\program files\qubee wcm\GPCommonService.exe [2012-2-29 90112] R2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2007-5-25 99248] R2 MTKWMPROT;MediaTek WiMAX Modem Protocol Driver;c:\windows\system32\drivers\mtkwmptv.sys [2012-2-29 15360] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.7.2.3\ccsvchst.exe [2012-6-14 130008] R2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2011-9-14 113168] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-7-3 1153368] R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-7-5 3048136] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-1-8 569344] R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\cisco\cisco anyconnect secure mobility client\vpnagent.exe [2012-6-7 478712] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-15 106656] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-23 40776] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-9-13 35264] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-2 135664] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944] S3 acsint;acsint;c:\windows\system32\drivers\acsint.sys [2012-6-28 38440] S3 acsmux;acsmux;c:\windows\system32\drivers\acsmux.sys [2012-6-7 57256] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-5 250056] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936] S3 GoToAssist Express Customer;GoToAssist Express Customer;c:\program files\citrix\gotoassist express customer\240\g2ax_service.exe [2010-10-12 161144] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-2 135664] S3 MT7118VU;MediaTek MT7118 WiMAX USB Card Driver for VISTA;c:\windows\system32\drivers\mt7118vu.sys [2012-2-29 131072] S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\PTUMLBUS.sys [2011-9-14 59664] S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\PTUMLCVsp.sys [2011-9-14 168208] S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\PTUMLMdm.sys [2011-9-14 168208] S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\PTUMLNVsp.sys [2011-9-14 168848] S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\PTUMLVsp.sys [2011-9-14 168208] S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2011-10-3 10112] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?] S4 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2007-3-30 55936] . =============== Created Last 30 ================ . 2012-07-23 22:31:03 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-07-22 17:19:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-22 17:19:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-07-11 16:22:25 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 16:16:17 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-07-11 16:13:22 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2012-07-11 16:13:14 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 16:13:14 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-07-11 16:13:12 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-11 16:13:12 278528 ----a-w- c:\windows\system32\schannel.dll 2012-07-11 16:13:12 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-03 18:44:11 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-07-03 18:44:11 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-07-03 18:40:14 -------- d-----w- c:\users\zamanmm\appdata\roaming\Ad-Aware Antivirus 2012-06-28 18:19:36 38440 ----a-r- c:\windows\system32\drivers\acsint.sys 2012-06-24 16:02:09 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-24 16:01:46 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-24 16:01:31 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-24 16:01:31 171904 ----a-w- c:\windows\system32\wuwebv.dll . ==================== Find3M ==================== . 2012-07-11 23:47:15 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-11 23:47:15 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-07 15:35:31 10744 ----a-w- c:\windows\system32\vpncategories.dll 2012-06-07 15:35:26 33272 ----a-w- c:\windows\system32\vpnevents.dll 2012-06-07 15:25:20 23976 ----a-w- c:\windows\system32\drivers\vpnva.sys 2012-06-07 15:24:23 57256 ----a-r- c:\windows\system32\drivers\acsmux.sys 2012-05-15 06:37:49 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 06:32:25 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-15 06:32:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-05-15 06:31:44 109056 ----a-w- c:\windows\system32\iesysprep.dll 2012-05-15 06:31:43 71680 ----a-w- c:\windows\system32\iesetup.dll 2012-05-15 05:01:56 385024 ----a-w- c:\windows\system32\html.iec 2012-05-15 03:26:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2012-05-15 03:23:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2012-05-01 14:03:49 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys . ============= FINISH: 19:27:20.85 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Business Boot Device: \Device\HarddiskVolume2 Install Date: 7/18/2008 3:45:52 PM System Uptime: 7/23/2012 7:10:52 PM (0 hours ago) . Motherboard: LENOVO | | 76591PU Processor: Intel® Core2 Duo CPU T7300 @ 2.00GHz | None | 2001/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 68 GiB total, 6.832 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Tun Miniport Adapter Device ID: ROOT\*TUNMP\0001 Manufacturer: Microsoft Name: Teredo Tunneling Pseudo-Interface PNP Device ID: ROOT\*TUNMP\0001 Service: tunmp . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Device ID: ROOT\NET\0000 Manufacturer: Cisco Systems Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows PNP Device ID: ROOT\NET\0000 Service: vpnva . ==== System Restore Points =================== . RP1319: 7/23/2012 2:02:29 PM - Windows Update RP1320: 7/23/2012 5:39:01 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 32 Bit HP CIO Components Installer 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min 7-Zip 9.22beta Access Help Acrobat.com Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader 9.5.1 Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour Brother P-touch Address Book 1.1 Brother P-touch Editor 5.0 Brother P-touch Software Brother QL-570 User's Guide BufferChm Business Contact Manager for Outlook 2007 SP2 Canon MP Navigator 2.2 Canon MP530 Canon MP530 User Registration Canon Utilities Easy-PhotoPrint Cisco AnyConnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client Client Security Solution Coupon Printer for Windows CouponBar Destinations DeviceDiscovery DocMgr DocProc Download Updater (AOL LLC) EPSON Printer Software EPSON Scan Fax getPlus® for Adobe Google Chrome Google Earth Google Update Helper Google Updater GoToAssist Customer 1.5.0.240 GPBaseService2 Help Center Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 13.0 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP LaserJet P2030 Series HP Officejet 4500 G510n-z HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPProductAssistant hppusgP2030 HPSSupply Hyper Electronics Mappers Utilities Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers iTunes Java 6 Update 29 Java 6 Update 7 Java SE Runtime Environment 6 Junk Mail filter update Lenovo Registration Lenovo System Interface Driver Lenovo ThinkVantage Toolbox Lexmark 2500 Series Livestation Logitech Desktop Messenger Logitech Print Service Logitech QuickCam Logitech Updater Logitech Webcam Software Logitech® Camera Driver Maintenance Manager Malwarebytes Anti-Malware version 1.62.0.1300 MarketResearch Message Center Plus Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Accounting 2008 Microsoft Office Accounting 2008 Equifax Addin Microsoft Office Accounting 2008 Fixed Asset Manager Microsoft Office Accounting 2008 PayPal Addin Microsoft Office Accounting ADP Payroll Addin Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.5 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Move Media Player MrvlUsgTracking MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MVision Network Norton Internet Security OCR Software by I.R.I.S. 13.0 Octoshape add-in for Adobe Flash Player On Screen Display Panasonic Job Status Utility Panasonic Printer Drivers Panasonic Printing System Panasonic RPT Network Printer Port Panasonic Windows Firewall Setting Tool PANTECH UML290 Picasa 3 Presentation Director Productivity Center Supplement for ThinkPad QUBEE WiMAX Connection Manager RealPlayer Registry patch for Windows Vista USB S3 PM Enablement Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista Rescue and Recovery Rhapsody Player Engine RSA SecurID Software Token 1.0.1 for Web SDK Scan Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Shop for HP Supplies Skype Click to Call Skype™ 5.9 SmartWebPrinting SolutionCenter SoundMAX Spybot - Search & Destroy Status System Migration Assistant System Update TeleTracker Online ThinkPad Bluetooth with Enhanced Data Rate Software 6.0.1.4900 ThinkPad EasyEject Utility ThinkPad FullScreen Magnifier ThinkPad Hotkey Features Setup ThinkPad Mobility Center Customization ThinkPad Modem ThinkPad Power Management Driver ThinkPad Power Manager ThinkPad UltraNav Driver ThinkPad UltraNav Utility Thinkpad Wireless LAN Adapters Software (11a/b/g/n) ThinkVantage Access Connections ThinkVantage Active Protection System ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message Toolbox TrayApp Ultimate Media Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VerizonWireless VZAccess Manager Wallpapers WebCam for MSN Messenger WebEx WebReg Windows Driver Package - Intel (e1express) Net (02/27/2007 9.7.37.0) Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020) Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002) Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) Windows Driver Package - Intel System (09/15/2006 8.0.0.1008) Windows Driver Package - Intel System (09/15/2006 8.0.0.1010) Windows Driver Package - Intel System (09/15/2006 8.2.0.1000) Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008) Windows Driver Package - Lenovo (IBMPMDRV) System (02/27/2007 1.42) Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) Windows Driver Package - Ricoh Company (rismxdp) hdc (11/18/2006 6.00.01.05) Windows Driver Package - Ricoh Company MMC Host Controller (11/14/2006 6.00.01.04) Windows Firewall Setting Tool Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer Worthware - CellSell H.A.C.I. Thin-Client (162) . ==== Event Viewer Messages From Past Week ======== . 7/23/2012 8:06:21 AM, Error: Microsoft-Windows-TBS [516] - An error occurred while communicating with the TPM. The driver returned 0x8007045d. 7/23/2012 7:20:17 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 7/23/2012 7:19:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service. 7/23/2012 7:19:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. 7/23/2012 7:19:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 7/23/2012 7:12:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vpnagent service. 7/23/2012 7:12:44 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 7/23/2012 7:12:36 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer WebEx Document Loader with shared resource name WebEx Document Loader. Error 1722. The printer cannot be used by others on the network. 7/23/2012 7:11:43 PM, Error: EventLog [6008] - The previous system shutdown at 7:09:44 PM on 7/23/2012 was unexpected. 7/23/2012 6:56:49 PM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting. 7/23/2012 6:50:50 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer WebEx Document Loader with shared resource name WebEx Document Loader. Error 2114. The printer cannot be used by others on the network. 7/23/2012 6:50:03 PM, Error: EventLog [6008] - The previous system shutdown at 6:47:57 PM on 7/23/2012 was unexpected. 7/23/2012 5:43:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353). 7/23/2012 5:41:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370). 7/23/2012 2:03:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect. 7/23/2012 2:03:51 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/23/2012 2:03:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 7/22/2012 6:56:42 PM, Error: netbt [4321] - The name "ZAMANS-PC :0" could not be registered on the interface with IP address 192.168.1.5. The computer with the IP address 192.168.1.3 did not allow the name to be claimed by this computer. 7/22/2012 3:59:23 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/22/2012 3:59:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. 7/22/2012 3:55:54 PM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance. 7/21/2012 1:12:20 PM, Error: netbt [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.24. The computer with the IP address 192.168.1.36 did not allow the name to be claimed by this computer. 7/19/2012 8:09:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 7/18/2012 4:34:34 PM, Error: TPM [13] - The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer. 7/18/2012 10:10:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect. 7/18/2012 10:10:48 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/18/2012 1:50:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Zamans-PC\zamanmm SID (S-1-5-21-3894235439-4067020577-3388496322-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 7/17/2012 11:24:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service. . ==== End Of File ===========================

Hi, I have run Malwarebytes as well as Spybot - Search and Destroy and I still get redirects from google as well as ads on pages that should not have ads. Thanks for helping me out. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.19272 Run by zamanmm at 16:08:45 on 2012-07-22 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3061.1294 [GMT -4:00] . AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Windows\system32\AEADISRV.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\atashost.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\QUBEE WCM\GPCommonService.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\lxddserv.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\ptumlcmsvc.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\Windows\System32\TPHDEXLG.exe C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\Common Files\Lenovo\Logger\logmon.exe C:\Program Files\Lenovo\System Update\SUService.exe c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\DllHost.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\QUBEE WCM\QUBEE WCM.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Panasonic\Panasonic-DMS\LRecvTrap\LRecvTrap.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe C:\Program Files\QUBEE WCM\wimax\WmMMgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\rundll32.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\zamanmm\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe C:\Windows\system32\wuauclt.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\WerCon.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uStart Page = hxxp://www.google.com/ uSearch Bar = Preserve uInternet Settings,ProxyOverride = localhost;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: FCToolbarURLSearchHook Class: {c1b8770b-7d91-c494-31e0-e62db08b9414} - c:\program files\bucksbee loyalty plugin - w3i\Helper.dll uURLSearchHooks: H - No File uURLSearchHooks: H - No File BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.7.2.3\coIEPlg.dll BHO: Bucksbee Loyalty Plugin - W3i: {626a9bf6-a6f4-18f4-159b-52a7a586c40b} - c:\program files\bucksbee loyalty plugin - w3i\BucksBee Loyalty Plugin.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.7.2.3\ips\IPSBHO.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll BHO: RewardsArcadeSuite: {b6ef6c45-5e8d-4c3b-b580-a5073261a381} - c:\program files\rewardsarcadesuite\RewardsArcadeSuite.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: CPwmIEBrowserHelper Object: {f040e541-a427-4cf7-85d8-75e3e0f476c5} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\coupons.com couponbar\tbcore3.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.7.2.3\coIEPlg.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - c:\program files\coupons.com couponbar\tbcore3.dll TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_bho.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [QUBEE WCM] "c:\program files\qubee wcm\QUBEE WCM.exe" minimized uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [installIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "c:\users\zamanmm\appdata\local\google\update\GoogleUpdate.exe" /c mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor mRun: [<NO NAME>] mRun: [LenovoOobeOffers] c:\swtools\lenovowelcome\lenovooobeoffers.exe /filepath="c:\swshare\firstrun.txt" mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [RPT Msgsrv] "c:\program files\panasonic\panasonic-dms\rpt network printer port\Msgsrv.exe" /NRPT Network Printer /S mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe" mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "c:\program files\cisco\cisco anyconnect secure mobility client\vpnui.exe" -minimized StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\jobsta~1.lnk - c:\program files\panasonic\panasonic-dms\lrecvtrap\LRecvTrap.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm IE: {0045D4BC-5189-4b67-969C-83BB1906C421} - {0FE81B52-73FA-425F-8F06-3F32451AC73F} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{803FC278-F797-4213-9E4F-829AE9D9FD55} : DhcpNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{C9697EE0-222B-4F23-A61D-0A5C7B10426B} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{CFFA5286-0D07-40C6-BABC-811702F106B0} : DhcpNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{D3510E5F-6489-45C4-9374-CA9B3DDA2BC9} : DhcpNameServer = 180.234.0.193 180.234.0.197 TCP: Interfaces\{DB3C85D0-8D16-468C-8E13-33AFE808BDA4} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: GoToAssist Express Customer - c:\program files\citrix\gotoassist express customer\240\g2ax_winlogon.dll Notify: igfxcui - igfxdev.dll LSA: Notification Packages = scecli ACGina Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1207020.003\symds.sys [2012-6-14 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1207020.003\symefa.sys [2012-6-14 744568] R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-3-2 19760] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20120711.002\BHDrvx86.sys [2012-7-12 821920] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20120720.001\IDSvix86.sys [2012-7-20 382624] R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2007-2-19 13744] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1207020.003\ironx86.sys [2012-6-14 136312] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1207020.003\symtdiv.sys [2012-6-14 331384] R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-8-25 43912] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-8 21504] R2 GPCommonService;GPCommonService;c:\program files\qubee wcm\GPCommonService.exe [2012-2-29 90112] R2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2007-5-25 99248] R2 MTKWMPROT;MediaTek WiMAX Modem Protocol Driver;c:\windows\system32\drivers\mtkwmptv.sys [2012-2-29 15360] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.7.2.3\ccsvchst.exe [2012-6-14 130008] R2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2011-9-14 113168] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-7-3 1153368] R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-7-5 3048136] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-1-8 569344] R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\cisco\cisco anyconnect secure mobility client\vpnagent.exe [2012-6-7 478712] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-15 106656] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-9-13 35264] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-2 135664] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944] S3 acsint;acsint;c:\windows\system32\drivers\acsint.sys [2012-6-28 38440] S3 acsmux;acsmux;c:\windows\system32\drivers\acsmux.sys [2012-6-7 57256] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-5 250056] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936] S3 GoToAssist Express Customer;GoToAssist Express Customer;c:\program files\citrix\gotoassist express customer\240\g2ax_service.exe [2010-10-12 161144] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-2 135664] S3 MT7118VU;MediaTek MT7118 WiMAX USB Card Driver for VISTA;c:\windows\system32\drivers\mt7118vu.sys [2012-2-29 131072] S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\PTUMLBUS.sys [2011-9-14 59664] S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\PTUMLCVsp.sys [2011-9-14 168208] S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\PTUMLMdm.sys [2011-9-14 168208] S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\PTUMLNVsp.sys [2011-9-14 168848] S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\PTUMLVsp.sys [2011-9-14 168208] S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2011-10-3 10112] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?] S4 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2007-3-30 55936] . =============== Created Last 30 ================ . 2012-07-22 17:19:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-22 17:19:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-07-11 16:22:25 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 16:16:17 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-07-11 16:13:22 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2012-07-11 16:13:14 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 16:13:14 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-07-11 16:13:12 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-11 16:13:12 278528 ----a-w- c:\windows\system32\schannel.dll 2012-07-11 16:13:12 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-03 18:44:11 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-07-03 18:44:11 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-07-03 18:40:14 -------- d-----w- c:\users\zamanmm\appdata\roaming\Ad-Aware Antivirus 2012-06-28 18:19:36 38440 ----a-r- c:\windows\system32\drivers\acsint.sys 2012-06-24 16:02:09 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-24 16:01:46 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-24 16:01:31 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-24 16:01:31 171904 ----a-w- c:\windows\system32\wuwebv.dll . ==================== Find3M ==================== . 2012-07-11 23:47:15 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-11 23:47:15 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-07 15:35:31 10744 ----a-w- c:\windows\system32\vpncategories.dll 2012-06-07 15:35:26 33272 ----a-w- c:\windows\system32\vpnevents.dll 2012-06-07 15:25:20 23976 ----a-w- c:\windows\system32\drivers\vpnva.sys 2012-06-07 15:24:23 57256 ----a-r- c:\windows\system32\drivers\acsmux.sys 2012-05-15 06:37:49 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 06:32:25 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-15 06:32:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-05-15 06:31:44 109056 ----a-w- c:\windows\system32\iesysprep.dll 2012-05-15 06:31:43 71680 ----a-w- c:\windows\system32\iesetup.dll 2012-05-15 05:01:56 385024 ----a-w- c:\windows\system32\html.iec 2012-05-15 03:26:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2012-05-15 03:23:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2012-05-01 14:03:49 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys . ============= FINISH: 16:12:17.88 =============== DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Business Boot Device: \Device\HarddiskVolume2 Install Date: 7/18/2008 3:45:52 PM System Uptime: 7/22/2012 3:54:32 PM (1 hours ago) . Motherboard: LENOVO | | 76591PU Processor: Intel® Core™2 Duo CPU T7300 @ 2.00GHz | None | 2001/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 68 GiB total, 7.109 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Tun Miniport Adapter Device ID: ROOT\*TUNMP\0001 Manufacturer: Microsoft Name: Teredo Tunneling Pseudo-Interface PNP Device ID: ROOT\*TUNMP\0001 Service: tunmp . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Device ID: ROOT\NET\0000 Manufacturer: Cisco Systems Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows PNP Device ID: ROOT\NET\0000 Service: vpnva . ==== System Restore Points =================== . RP1316: 7/21/2012 1:12:38 PM - Windows Update RP1317: 7/21/2012 6:43:00 PM - Removed WinZip 15.0 RP1318: 7/22/2012 12:15:20 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 32 Bit HP CIO Components Installer 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min 7-Zip 9.22beta Access Help Acrobat.com Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader 9.5.1 Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour Brother P-touch Address Book 1.1 Brother P-touch Editor 5.0 Brother P-touch Software Brother QL-570 User's Guide Bucksbee Loyalty Plugin - W3i BufferChm Business Contact Manager for Outlook 2007 SP2 Canon MP Navigator 2.2 Canon MP530 Canon MP530 User Registration Canon Utilities Easy-PhotoPrint Cisco AnyConnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client Client Security Solution Coupon Printer for Windows CouponBar Destinations DeviceDiscovery DocMgr DocProc Download Updater (AOL LLC) EPSON Printer Software EPSON Scan Fax getPlus® for Adobe Google Chrome Google Earth Google Update Helper Google Updater GoToAssist Customer 1.5.0.240 GPBaseService2 Help Center Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 13.0 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP LaserJet P2030 Series HP Officejet 4500 G510n-z HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPProductAssistant hppusgP2030 HPSSupply Hyper Electronics Mappers Utilities Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers iTunes Java™ 6 Update 29 Java™ 6 Update 7 Java™ SE Runtime Environment 6 Junk Mail filter update Lenovo Registration Lenovo System Interface Driver Lenovo ThinkVantage Toolbox Lexmark 2500 Series Livestation Logitech Desktop Messenger Logitech Print Service Logitech QuickCam Logitech Updater Logitech Webcam Software Logitech® Camera Driver Maintenance Manager Malwarebytes Anti-Malware version 1.62.0.1300 MarketResearch Message Center Plus Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Accounting 2008 Microsoft Office Accounting 2008 Equifax Addin Microsoft Office Accounting 2008 Fixed Asset Manager Microsoft Office Accounting 2008 PayPal Addin Microsoft Office Accounting ADP Payroll Addin Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.5 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Move Media Player MrvlUsgTracking MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MVision Network Norton Internet Security OCR Software by I.R.I.S. 13.0 Octoshape add-in for Adobe Flash Player On Screen Display Panasonic Job Status Utility Panasonic Printer Drivers Panasonic Printing System Panasonic RPT Network Printer Port Panasonic Windows Firewall Setting Tool PANTECH UML290 Picasa 3 Presentation Director Productivity Center Supplement for ThinkPad QUBEE WiMAX Connection Manager RealPlayer Registry patch for Windows Vista USB S3 PM Enablement Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista Rescue and Recovery RewardsArcadeSuite Rhapsody Player Engine RSA SecurID Software Token 1.0.1 for Web SDK Scan Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Shop for HP Supplies Skype Click to Call Skype™ 5.9 SmartWebPrinting SolutionCenter SoundMAX Spybot - Search & Destroy Status System Migration Assistant System Update TeleTracker Online ThinkPad Bluetooth with Enhanced Data Rate Software 6.0.1.4900 ThinkPad EasyEject Utility ThinkPad FullScreen Magnifier ThinkPad Hotkey Features Setup ThinkPad Mobility Center Customization ThinkPad Modem ThinkPad Power Management Driver ThinkPad Power Manager ThinkPad UltraNav Driver ThinkPad UltraNav Utility Thinkpad Wireless LAN Adapters Software (11a/b/g/n) ThinkVantage Access Connections ThinkVantage Active Protection System ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message Toolbox TrayApp Ultimate Media Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VerizonWireless VZAccess Manager Wallpapers WebCam for MSN Messenger WebEx WebReg Windows Driver Package - Intel (e1express) Net (02/27/2007 9.7.37.0) Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020) Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002) Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) Windows Driver Package - Intel System (09/15/2006 8.0.0.1008) Windows Driver Package - Intel System (09/15/2006 8.0.0.1010) Windows Driver Package - Intel System (09/15/2006 8.2.0.1000) Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008) Windows Driver Package - Lenovo (IBMPMDRV) System (02/27/2007 1.42) Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) Windows Driver Package - Ricoh Company (rismxdp) hdc (11/18/2006 6.00.01.05) Windows Driver Package - Ricoh Company MMC Host Controller (11/14/2006 6.00.01.04) Windows Firewall Setting Tool Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer Worthware - CellSell H.A.C.I. Thin-Client (162) . ==== Event Viewer Messages From Past Week ======== . 7/22/2012 4:04:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. 7/22/2012 4:03:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service. 7/22/2012 4:02:06 PM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting. 7/22/2012 3:59:23 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/22/2012 3:59:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. 7/22/2012 3:56:01 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 7/22/2012 3:55:54 PM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance. 7/22/2012 12:24:35 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353). 7/22/2012 12:20:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370). 7/21/2012 1:52:15 PM, Error: Microsoft-Windows-TBS [516] - An error occurred while communicating with the TPM. The driver returned 0x8007045d. 7/21/2012 1:12:20 PM, Error: netbt [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.24. The computer with the IP address 192.168.1.36 did not allow the name to be claimed by this computer. 7/19/2012 8:09:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 7/18/2012 4:34:34 PM, Error: TPM [13] - The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer. 7/18/2012 10:10:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect. 7/18/2012 10:10:48 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/18/2012 1:50:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Zamans-PC\zamanmm SID (S-1-5-21-3894235439-4067020577-3388496322-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 7/17/2012 11:24:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service. 7/15/2012 7:39:42 AM, Error: netbt [4321] - The name "ZAMANS-PC :0" could not be registered on the interface with IP address 192.168.1.5. The computer with the IP address 192.168.1.3 did not allow the name to be claimed by this computer. . ==== End Of File ===========================