Jump to content

Recommended Posts

I did not want to hijack the other thread pertaining to AV protection 2011. My work PC was infected with this virus on Monday 11/20/11 @ that time I ran Malwarebytes and the scan found 8 different issues. I fix the selected issues and thought the problem was resolved (I was badly mistaken). This particular CPU is an IBM Think Pad Lennov T61 with Think advantage. After removing the infections when I would log onto the system my CPU would be at 100% so I opened process explorer and found 2 exes that appear to be part of Think Advantage hogging all the resources. The name of the assoicated exe's are SUService.exe and SUGIserivce.exe. I suspended each of those process and the computer seems to run well with one major exception I cannot connect to the internet using my air card or a land connection. After some investigation it appears as though this virus or an inadvertent deletion on my part has stopped the TCP/IP Protocol Driver and it will not stat up the error message I recieve is "The system encountered the following error while attempting to start the service. The dependency service does not exist or has been marked for deletion."

I also noticed the IP network address Translator fails to start to the error message I recieve is "The dependency service or group failed to start"

This is the Malwarebytes Log.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7622

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

11/24/2011 6:39:42 PM

mbam-log-2011-11-24 (18-39-42).txt

Scan type: Quick scan

Objects scanned: 187274

Time elapsed: 3 minute(s), 11 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

_______________________________________________________

This is a log from DDS

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by seatonsupport at 18:45:54 on 2011-11-24

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1510.819 [GMT -5:00]

.

AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Druva\inSync\inSyncCPHwxp.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\KACE\KBOX\KBOXSMMPService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\pnusbvirtualhubwssrv.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\Program Files\Common Files\Lenovo\Logger\logmon.exe

C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE

c:\program files\lenovo\system update\suservice.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe

C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

C:\WINDOWS\system32\TpShocks.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

C:\Program Files\Lenovo\Zoom\TpScrex.exe

C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program Files\OpenVPN\bin\openvpn-gui.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Druva\inSync\inSyncGUI.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE

C:\Documents and Settings\seatonsupport\Application Data\U3\07741213E6505AA2\LaunchPad.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.askseaton.com/

uWindow Title = Microsoft Internet Explorer provided by Symposium Phone System (v.050625

mDefault_Page_URL = https://askseaton.com/default.cfm

mStart Page = https://askseaton.com/default.cfm

uInternet Settings,ProxyOverride = mail.seatoncorp.com;mail.peoplescout.com;mail.staffmanagement.com;askseaton.com;mypeoplescout.com;www.askseaton.com;www.copyscout.com;<local>;192.168.*.*

mWinlogon: Userinit=c:\windows\system32\KUsrInit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: WebEx Productivity Tools: {90e2ba2e-dd1b-4cde-9134-7a8b86d33ca7} - c:\program files\webex\productivity tools\ptonecli.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll

BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: WebEx Productivity Tools: {90e2ba2e-dd1b-4cde-9134-7a8b86d33ca7} - c:\program files\webex\productivity tools\ptonecli.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

mRun: [bLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog

mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r

mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe

mRun: [TpShocks] TpShocks.exe

mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe

mRun: [soundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray

mRun: [LPManager] c:\progra~1\thinkv~2\prdctr\LPMGR.exe

mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe

mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

mRun: [openvpn-gui] c:\program files\openvpn\bin\openvpn-gui.exe

mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [LENOVO.TPFNF6R] c:\program files\lenovo\hotkey\TPFNF6R.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Druva inSync] c:\program files\druva\insync\inSyncGUI.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"

mRun: [spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm

IE: Send To Bluetooth - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll

IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll

Trusted Zone: seasccsweb

Trusted Zone: seasccsweb

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236866395723

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236866317551

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://staffmanagement.webex.com/client/T27LC/webex/ieatgpc.cab

TCP: Interfaces\{96FF22E7-20DA-4D87-8275-5CE905F51C6C} : DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100

Notify: ACNotify - ACNotify.dll

Notify: igfxcui - igfxdev.dll

Notify: kwinhook - kwinhook.dll

Notify: NavLogon - c:\windows\system32\NavLogon.dll

Notify: psfus - c:\program files\thinkvantage fingerprint software\psqlpwd.dll

Notify: SDWinLogon - SDWinLogon.dll

Notify: tpfnf2 - c:\program files\lenovo\hotkey\notifyf2.dll

LSA: Notification Packages = scecli ACGina psqlpwd ACGina c:\program files\thinkvantage fingerprint software\psqlpwd.dll ACGina

.

============= SERVICES / DRIVERS ===============

.

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-6-29 20520]

R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2007-12-5 46656]

R2 inSyncCPHService;Druva inSync Client Service;c:\program files\druva\insync\inSyncCPHwxp.exe [2010-11-2 171008]

R2 KBOXSMMP;KBOX SMMP Management Service;c:\program files\kace\kbox\KBOXSMMPService.exe [2008-4-4 1718784]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-7 366152]

R2 pnpnptool;Quest RDP PnP Driver;c:\windows\system32\drivers\pnpnptool.sys [2009-11-9 33488]

R2 pnusbvirtualhubwssrv;Quest USB Hub Client Service;c:\windows\system32\pnusbvirtualhubwssrv.exe [2009-11-9 398832]

R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2008-8-19 53248]

R2 smihlp;SMI Helper Driver (smihlp);c:\program files\common files\thinkvantage fingerprint software\drivers\smihlp.sys [2008-11-21 12560]

R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2007-3-30 62320]

R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-12-5 520192]

R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\lenovo\rescue and recovery\UpdateMonitor.exe [2007-12-5 360448]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-7 22216]

R3 PTDCWWAN;PANTECH PC Card WWAN Controller device driver;c:\windows\system32\drivers\PTDCWWAN.sys [2011-1-21 114704]

R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [2004-6-23 23552]

R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-9-13 37312]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-13 136176]

S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-11-6 45424]

S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys --> c:\windows\system32\drivers\motfilt.sys [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-13 136176]

S3 INOLW;INOLW;c:\temp\INOLW.exe [2011-11-23 342912]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys --> c:\windows\system32\drivers\motccgpfl.sys [?]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys --> c:\windows\system32\drivers\motodrv.sys [?]

S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\motousbnet.sys --> c:\windows\system32\drivers\Motousbnet.sys [?]

S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys --> c:\windows\system32\drivers\motusbdevice.sys [?]

S3 pnusbd;Quest RDP USB Driver;c:\windows\system32\drivers\pnusbd.sys [2009-11-9 19920]

S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2010-4-14 32408]

S4 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshim.sys --> c:\windows\system32\drivers\AVGIDSShim.Sys [?]

S4 SDHookService;Spybot S&D 2 Live Protection Service;c:\program files\spybot - search & destroy 2\SDHookSvc.exe [2011-11-22 130976]

S4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2011-11-22 892336]

S4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2011-11-22 955816]

.

=============== Created Last 30 ================

.

2011-11-24 21:21:32 -------- d-----w- c:\documents and settings\seatonsupport\local settings\application data\Google

2011-11-24 21:08:59 -------- d-----w- C:\sh4ldr

2011-11-24 21:08:59 -------- d-----w- c:\program files\Enigma Software Group

2011-11-24 21:08:25 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP

2011-11-24 21:08:14 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2011-11-24 16:57:58 -------- d-s---w- C:\ComboFix

2011-11-22 14:32:37 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2011-11-22 14:31:24 15224 ----a-w- c:\windows\system32\sdnclean.exe

2011-11-22 14:31:20 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2011-11-21 19:24:27 -------- d-----w- c:\program files\Symantec

2011-11-21 19:24:00 -------- d-----w- c:\documents and settings\all users\application data\Norton

2011-11-21 19:22:28 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller

2011-11-21 01:30:37 -------- d--h--w- c:\documents and settings\all users\application data\Common Files

2011-11-18 15:27:35 -------- d-----w- c:\program files\AA4FE

2011-11-18 15:26:58 -------- d-----w- c:\program files\LP

.

==================== Find3M ====================

.

2011-11-23 01:07:13 33536 ----a-w- c:\windows\system32\drivers\tvtfilter.sys

2011-11-21 19:24:27 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL

2011-11-21 19:24:27 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2011-09-07 15:21:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-08-31 22:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

============= FINISH: 18:46:20.20 ===============

___________________________________________________________________

finally this is a HJthis log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:25:34 PM, on 11/24/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Druva\inSync\inSyncCPHwxp.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\KACE\KBOX\KBOXSMMPService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\pnusbvirtualhubwssrv.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\Program Files\Common Files\Lenovo\Logger\logmon.exe

C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE

c:\program files\lenovo\system update\suservice.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe

C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

C:\WINDOWS\system32\TpShocks.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

C:\Program Files\Lenovo\Zoom\TpScrex.exe

C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program Files\OpenVPN\bin\openvpn-gui.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Druva\inSync\inSyncGUI.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE

C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe

F:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.askseaton.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://askseaton.com/default.cfm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://askseaton.com/default.cfm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Symposium Phone System (v.050625

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = mail.seatoncorp.com;mail.peoplescout.com;mail.staffmanagement.com;askseaton.com;mypeoplescout.com;www.askseaton.com;www.copyscout.com;<local>;192.168.*.*

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\KUsrInit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\Program Files\WebEx\Productivity Tools\ptonecli.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll

O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\Program Files\WebEx\Productivity Tools\ptonecli.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [bLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog

O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\OpenVPN\bin\openvpn-gui.exe

O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Druva inSync] C:\Program Files\Druva\inSync\inSyncGUI.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"

O4 - HKLM\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Bluetooth.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - c:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: START_PAGE_URL=http://askseaton.com

O15 - Trusted Zone: *.seasccsweb

O15 - Trusted Zone: *.seasccsweb (HKLM)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236866395723

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236866317551

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://staffmanagement.webex.com/client/T27LC/webex/ieatgpc.cab

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: kwinhook - kwinhook.dll (file missing)

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: INOLW - Sysinternals - www.sysinternals.com - c:\Temp\INOLW.exe

O23 - Service: Druva inSync Client Service (inSyncCPHService) - Unknown owner - C:\Program Files\Druva\inSync\inSyncCPHwxp.exe

O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: KBOX SMMP Management Service (KBOXSMMP) - KACE Networks, Inc. - C:\Program Files\KACE\KBOX\KBOXSMMPService.exe

O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe

O23 - Service: Quest USB Hub Client Service (pnusbvirtualhubwssrv) - Quest Software - C:\WINDOWS\system32\pnusbvirtualhubwssrv.exe

O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe

O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--

End of file - 15468 bytes

Thank You for the help!!!

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/25/2007 3:40:34 AM

System Uptime: 11/24/2011 5:16:05 PM (1 hours ago)

.

Motherboard: LENOVO | | 646563U

Processor: Intel® Core2 Duo CPU T7500 @ 2.20GHz | None | 1579/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 145 GiB total, 120.912 GiB free.

D: is CDROM ()

E: is CDROM (CDFS)

F: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP271: 8/27/2011 1:07:14 PM - System Checkpoint

RP272: 8/28/2011 2:04:33 PM - System Checkpoint

RP273: 8/29/2011 2:47:45 PM - System Checkpoint

RP274: 8/31/2011 9:48:44 AM - System Checkpoint

RP275: 9/1/2011 11:17:20 AM - System Checkpoint

RP276: 9/1/2011 5:09:44 PM - Installed Windows XP KB2536276-v2.

RP277: 9/1/2011 5:10:13 PM - Installed Windows XP KB2566454.

RP278: 9/1/2011 5:10:31 PM - Installed Windows XP KB2567680.

RP279: 9/1/2011 5:10:48 PM - Installed Windows XP KB2570222.

RP280: 9/4/2011 10:37:01 AM - System Checkpoint

RP281: 9/6/2011 10:04:26 AM - System Checkpoint

RP282: 9/7/2011 12:25:19 PM - System Checkpoint

RP283: 9/8/2011 12:47:32 PM - System Checkpoint

RP284: 9/11/2011 6:49:51 AM - System Checkpoint

RP285: 9/12/2011 7:26:15 AM - System Checkpoint

RP286: 9/14/2011 10:38:34 AM - System Checkpoint

RP287: 9/15/2011 11:06:34 PM - System Checkpoint

RP288: 9/16/2011 11:43:09 PM - System Checkpoint

RP289: 9/18/2011 11:16:39 AM - System Checkpoint

RP290: 9/19/2011 12:46:02 PM - System Checkpoint

RP291: 9/21/2011 9:47:41 AM - System Checkpoint

RP292: 9/22/2011 11:51:47 AM - System Checkpoint

RP293: 9/23/2011 3:01:20 PM - System Checkpoint

RP294: 9/24/2011 3:54:09 PM - System Checkpoint

RP295: 9/25/2011 4:54:08 PM - System Checkpoint

RP296: 9/26/2011 6:06:08 PM - System Checkpoint

RP297: 9/27/2011 6:54:08 PM - System Checkpoint

RP298: 9/28/2011 7:04:40 PM - System Checkpoint

RP299: 9/29/2011 8:20:52 PM - System Checkpoint

RP300: 9/30/2011 8:25:20 PM - System Checkpoint

RP301: 10/1/2011 8:40:24 PM - System Checkpoint

RP302: 10/2/2011 9:22:37 PM - System Checkpoint

RP303: 10/4/2011 8:57:05 AM - Installed Windows XP KB2555917.

RP304: 10/4/2011 8:57:47 AM - Installed Windows XP KB2507938.

RP305: 10/4/2011 11:50:16 AM - Restore Operation

RP306: 10/4/2011 12:05:18 PM - Installed Windows XP KB2555917.

RP307: 10/4/2011 12:05:46 PM - Installed Windows XP KB2507938.

RP308: 10/5/2011 2:51:37 PM - System Checkpoint

RP309: 10/5/2011 7:14:23 PM - Restore Operation

RP310: 10/6/2011 11:36:29 AM - Restore Operation

RP311: 10/7/2011 12:57:31 PM - System Checkpoint

RP312: 10/8/2011 1:06:22 PM - System Checkpoint

RP313: 10/9/2011 2:06:22 PM - System Checkpoint

RP314: 10/10/2011 2:50:39 PM - System Checkpoint

RP315: 10/11/2011 3:00:57 PM - System Checkpoint

RP316: 10/12/2011 3:24:49 PM - System Checkpoint

RP317: 10/13/2011 3:45:58 PM - System Checkpoint

RP318: 10/17/2011 7:54:11 AM - System Checkpoint

RP319: 10/18/2011 8:03:57 AM - System Checkpoint

RP320: 10/18/2011 11:40:50 AM - Installed Windows Media Player 10

RP321: 10/19/2011 2:24:10 PM - System Checkpoint

RP322: 10/20/2011 3:40:49 PM - System Checkpoint

RP323: 10/21/2011 3:50:56 PM - System Checkpoint

RP324: 10/22/2011 4:16:24 PM - System Checkpoint

RP325: 10/23/2011 4:34:09 PM - System Checkpoint

RP326: 10/24/2011 5:35:04 PM - System Checkpoint

RP327: 10/26/2011 7:59:46 AM - System Checkpoint

RP328: 10/27/2011 10:35:25 AM - System Checkpoint

RP329: 10/28/2011 10:39:15 AM - System Checkpoint

RP330: 10/30/2011 11:01:47 AM - System Checkpoint

RP331: 10/31/2011 11:16:34 AM - System Checkpoint

RP332: 11/1/2011 12:00:46 PM - System Checkpoint

RP333: 11/2/2011 1:00:30 PM - System Checkpoint

RP334: 11/3/2011 1:39:56 PM - System Checkpoint

RP335: 11/4/2011 1:59:48 PM - System Checkpoint

RP336: 11/5/2011 2:41:16 PM - System Checkpoint

RP337: 11/6/2011 2:41:16 PM - System Checkpoint

RP338: 11/8/2011 10:54:48 AM - System Checkpoint

RP339: 11/10/2011 7:52:41 AM - System Checkpoint

RP340: 11/11/2011 12:49:16 PM - System Checkpoint

RP341: 11/12/2011 1:14:10 PM - System Checkpoint

RP342: 11/13/2011 1:51:07 PM - System Checkpoint

RP343: 11/14/2011 2:09:16 PM - System Checkpoint

RP344: 11/16/2011 1:02:06 PM - System Checkpoint

RP345: 11/17/2011 2:00:20 PM - System Checkpoint

RP346: 11/20/2011 3:19:37 PM - Restore Operation

RP347: 11/20/2011 7:59:43 PM - Restore Operation

RP348: 11/20/2011 8:08:37 PM - Restore Operation

RP349: 11/20/2011 8:17:51 PM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

RP350: 11/20/2011 8:19:35 PM - Installed AVG 2011

RP351: 11/20/2011 8:23:05 PM - Installed AVG 2011

RP352: 11/20/2011 9:03:26 PM - Removed AVG 2011

RP353: 11/20/2011 11:11:59 PM - Removed AVG 2011

RP354: 11/21/2011 9:53:34 PM - Restore Operation

RP355: 11/22/2011 3:53:52 PM - Installed ThinkVantage Access Connections

RP356: 11/24/2011 12:20:49 PM - Restore Operation

RP357: 11/24/2011 4:08:57 PM - Installed SpyHunter

RP358: 11/24/2011 4:21:39 PM - Removed SpyHunter

.

==== Installed Programs ======================

.

.

Access Help

ActivePerl 5.8.8 Build 819

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player Plugin

Adobe Reader 9.4.2

Apple Application Support

Apple Software Update

Canon Easy-PhotoPrint EX

Canon MP Navigator EX 4.0

Canon MP495 series MP Drivers

Canon My Printer

CCleaner (remove only)

Client Security - Password Manager

Compatibility Pack for the 2007 Office system

CutePDF Writer 2.6

Druva inSync 4.0.1

Google Toolbar for Firefox

Google Toolbar for Internet Explorer

Google Update Helper

Help Center

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB954550-v5)

Intel® Graphics Media Accelerator Driver

Intel® Network Connections Drivers

Intel® PROSet/Wireless Software

InterVideo Register Manager

InterVideo WinDVD

InterVideo WinDVD Creator 3

J2SE Runtime Environment 5.0 Update 6

Java 6 Update 15

Java 6 Update 5

Java 6 Update 7

KBOX

Lenovo System Toolbox

Maintenance Manager

Malwarebytes' Anti-Malware version 1.51.2.1300

mCore

mDriver

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB953297)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Office Standard Edition 2003

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Web Publishing Wizard 1.52

mMHouse

MotoHelper MergeModules

mPfMgr

mProSafe

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 6.0 Parser (KB933579)

mWlsSafe

NVIDIA Drivers

OGA Notifier 2.0.0048.0

On Screen Display

OpenVPN 2.0.5-gui-1.0.3

PANTECH PC Card Software

PC5750 Firmware Updates

Presentation Director

Productivity Center Supplement for ThinkPad

QuickTime

RecordNow Audio

RecordNow Copy

RecordNow Data

Remove Multimedia Center

Rescue and Recovery

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02

SeatonCorp CGP MAPI

SeatonCorp VAS

Security Update for CAPICOM (KB931906)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB982132)

Sonic DLA

Sonic Express Labeler

Sonic Icons for Lenovo

Sonic Update Manager

SoundMAX

Spybot - Search & Destroy 2

System Migration Assistant

System Update

ThinkPad Bluetooth with Enhanced Data Rate Software

ThinkPad EasyEject Utility

ThinkPad FullScreen Magnifier

ThinkPad Hotkey Features Setup

ThinkPad Keyboard Customizer Utility

ThinkPad Modem

ThinkPad PC Card Power Policy

ThinkPad Power Management Driver

ThinkPad Power Manager

ThinkPad UltraNav Driver

ThinkPad UltraNav Utility

ThinkVantage Access Connections

ThinkVantage Active Protection System

ThinkVantage Fingerprint Software 5.8

ThinkVantage Productivity Center

ThinkVantage Technologies Welcome Message

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

VLC media player 1.1.11

VNC Free Edition 4.1.3

vWorkspace Client

VZAccess Manager

Wallpapers

WebEx

WebEx Productivity Tools

WebEx Recorder and Player

WebFldrs XP

Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format Runtime

Windows Media Player 10

WinRAR archiver

WinZip

XP Themes

.

==== Event Viewer Messages From Past Week ========

.

11/24/2011 5:32:11 PM, error: Service Control Manager [7001] - The IP Network Address Translator service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

11/24/2011 4:55:38 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

11/23/2011 9:15:27 AM, error: Service Control Manager [7034] - The INOLW service terminated unexpectedly. It has done this 1 time(s).

11/22/2011 9:28:22 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

11/22/2011 9:14:31 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ANC Fips IBMTPCHK intelppm MRxSmb NetBIOS NetBT RasAcd Rdbss SPBBCDrv Tcpip TPHKDRV TPPWRIF TSMAPIP tvtumon

11/22/2011 3:53:48 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the service.

11/22/2011 3:53:18 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the AcSvc service.

11/22/2011 3:39:11 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect.

11/22/2011 3:38:51 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

11/22/2011 10:13:17 AM, error: Service Control Manager [7022] - The Spybot-S&D 2 Updating Service service hung on starting.

11/22/2011 1:16:48 PM, error: Service Control Manager [7034] - The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s).

11/22/2011 1:03:56 PM, error: Service Control Manager [7034] - The Spybot S&D 2 Live Protection Service service terminated unexpectedly. It has done this 1 time(s).

11/22/2011 1:03:01 PM, error: Service Control Manager [7034] - The Spybot-S&D 2 Scanner Service service terminated unexpectedly. It has done this 1 time(s).

11/22/2011 1:02:30 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

11/21/2011 7:16:56 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ANC eeCtrl Fips IBMTPCHK intelppm MRxSmb NetBIOS NetBT RasAcd Rdbss SPBBCDrv Tcpip TPHKDRV TPPWRIF TSMAPIP tvtumon

11/21/2011 7:13:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

11/21/2011 7:00:55 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ANC BHDrvx86 ccSet_NAV eeCtrl Fips IBMTPCHK intelppm MRxSmb NetBIOS NetBT RasAcd Rdbss SPBBCDrv SRTSPX SymIRON SYMTDI Tcpip TPHKDRV TPPWRIF TSMAPIP tvtumon

11/21/2011 7:00:55 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

11/21/2011 7:00:55 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

11/21/2011 6:18:36 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 Tcpip

11/21/2011 3:12:12 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgrkx86 BHDrvx86 Tcpip

11/21/2011 2:30:14 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgrkx86 Tcpip

11/21/2011 2:11:34 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ANC Avgldx86 Avgmfx86 Fips IBMTPCHK intelppm SPBBCDrv Tcpip TPHKDRV TPPWRIF TSMAPIP tvtumon

11/21/2011 1:58:21 PM, error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/20/2011 9:52:29 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

11/20/2011 9:52:29 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/20/2011 9:52:25 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

11/20/2011 9:46:56 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the AudioSrv service.

11/20/2011 9:46:47 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ANC eeCtrl Fips IBMTPCHK intelppm SAVRT SAVRTPEL SPBBCDrv Tcpip TPHKDRV TPPWRIF TSMAPIP tvtumon

11/20/2011 8:29:14 PM, error: Service Control Manager [7000] - The AVG TDI Driver service failed to start due to the following error: The system cannot find the file specified.

11/20/2011 6:53:17 PM, error: Service Control Manager [7024] - The SPBBCSvc service terminated with service-specific error 4294967295 (0xFFFFFFFF).

11/20/2011 5:20:18 PM, error: Service Control Manager [7024] - The Symantec SPBBCSvc service terminated with service-specific error 4294967295 (0xFFFFFFFF).

11/20/2011 3:37:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

11/20/2011 11:23:46 AM, error: Service Control Manager [7034] - The On Screen Display service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:21:14 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

11/20/2011 11:20:30 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:19:34 AM, error: Service Control Manager [7034] - The IPS Core Service service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:19:29 AM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:19:13 AM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:18:42 AM, error: Service Control Manager [7034] - The TSS Core Service service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:18:42 AM, error: Service Control Manager [7034] - The IBM KCU Service service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:18:30 AM, error: Service Control Manager [7034] - The TVT Scheduler service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:01:09 AM, error: Service Control Manager [7034] - The TVT Backup Service service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 11:01:05 AM, error: Service Control Manager [7034] - The TVT Backup Protection Service service terminated unexpectedly. It has done this 1 time(s).

11/20/2011 10:56:54 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.

11/20/2011 10:51:19 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/20/2011 10:51:17 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

11/20/2011 10:48:51 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MotoHelper service.

11/20/2011 10:46:12 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Tcpip

11/20/2011 10:46:09 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: The system cannot find the file specified.

11/20/2011 10:46:09 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the KBOXSMMP service.

11/20/2011 10:46:09 AM, error: Service Control Manager [7003] - The IPSEC Services service depends on the following nonexistent service: IPSec

11/20/2011 10:46:09 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/20/2011 10:46:09 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/20/2011 10:45:17 AM, error: NETLOGON [5719] - No Domain Controller is available for domain SEATONCORP due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

11/20/2011 10:43:05 AM, error: NetBT [4311] - Initialization failed because the driver device could not be created.

11/20/2011 10:40:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/20/2011 10:40:39 AM, error: Service Control Manager [7003] - The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec

11/20/2011 10:40:39 AM, error: Service Control Manager [7001] - The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

11/20/2011 10:39:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

11/18/2011 2:03:47 PM, error: Service Control Manager [7031] - The MotoHelper Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

11/18/2011 2:01:09 PM, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.

11/18/2011 12:24:01 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the TPHKSVC service.

11/18/2011 11:09:00 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

11/18/2011 10:34:51 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ANC eeCtrl Fips IBMTPCHK intelppm SAVRT SAVRTPEL SPBBCDrv TPHKDRV TPPWRIF TSMAPIP tvtumon

11/18/2011 1:59:54 PM, error: Service Control Manager [7031] - The Access Connections Main Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/18/2011 1:02:12 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.

11/18/2011 1:02:12 PM, error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/18/2011 1:01:56 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

.

==== End Of File ===========================

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Link to post
Share on other sites

  • 2 weeks later...
  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.