Smart Fortress 2012

[dolldrums]

Hi,

I stupidly opened myself up to Smart Fortress 2012. I realised immediately, and was able to get back to using my computer by 'uninstalling' from the control panel (I don't actually believe that it's gone, but I was able to do stuff after this).

I've tried running a Malwarebytes and a few others following instructions to others but I'm not confident I've fixed it. Here are my dds logs:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.5.0_12

Run by Sarah at 16:28:59 on 2012-04-05

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4007.1852 [GMT -4:00]

.

AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe

C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

C:\Windows\system32\CxAudMsg64.exe

C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\SASHome\SASTextAnalyticsDocumentConversion\1.2\file-converter-service.exe

C:\Windows\SysWOW64\SAsrv.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\rundll32.exe

C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE

C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\TpShocks.exe

C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe

C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe

C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\rundll32.exe

C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe

C:\Program Files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Lenovo\System Update\SUService.exe

C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\Windows\system32\msiexec.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - C:\ProgramData\Partner\Partner.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO: Symantec VIP Access Add-On: {c63cd127-a1cb-4d49-a4f7-d6f88a917be6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [LTT] C:\Program Files\PC-Doctor\EnableToolbarW32.exe

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot

mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\ThinkPad\Bluetooth Software\BTTray.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {A6616B31-4860-41E2-98E3-CA7649AF172F} - file:///D:/launch.ocx

DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 10.137.118.26 10.137.113.26

TCP: Interfaces\{6AF77D2A-86D6-4F64-9D62-2E2DA7324A5E} : DhcpNameServer = 10.137.118.26 10.137.113.26

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll

BHO-X64: IEPlugin - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

mRun-x64: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot

mRun-x64: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\gkdlt9o5.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\Sarah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Sarah\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 TPDIGIMN;TPDIGIMN;C:\Windows\system32\DRIVERS\ApsHM64.sys --> C:\Windows\system32\DRIVERS\ApsHM64.sys [?]

R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiifx64.sys --> C:\Windows\system32\DRIVERS\smiifx64.sys [?]

R1 pelmoubt;Mouse Suite Bluetooth Driver;C:\Windows\system32\DRIVERS\pelmoubt.sys --> C:\Windows\system32\DRIVERS\pelmoubt.sys [?]

R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\system32\CxAudMsg64.exe --> C:\Windows\system32\CxAudMsg64.exe [?]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]

R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2012-2-8 41320]

R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2011-9-16 101736]

R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-2-8 59240]

R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-9-16 133992]

R2 PelService;Session Launcher Service;C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [2012-3-27 177152]

R2 risdxc;risdxc;C:\Windows\system32\DRIVERS\risdxc64.sys --> C:\Windows\system32\DRIVERS\risdxc64.sys [?]

R2 SAS Document Conversion;SAS Document Conversion;C:\Program Files\SASHome\SASTextAnalyticsDocumentConversion\1.2\file-converter-service.exe [2011-4-11 61440]

R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SASrv.exe [2012-2-8 446592]

R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-7-1 1832072]

R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2011-9-16 145256]

R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2011-9-16 142696]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-2-8 2656280]

R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-6-30 82544]

R3 5U877;USB Video Device;C:\Windows\system32\DRIVERS\5U877.sys --> C:\Windows\system32\DRIVERS\5U877.sys [?]

R3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-3-5 138360]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

R3 pelbtm;Bluetooth Mouse Filter Driver;C:\Windows\system32\DRIVERS\pelbtm.sys --> C:\Windows\system32\DRIVERS\pelbtm.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-8 136176]

S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-7-8 144232]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-28 158856]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-8 136176]

S3 IERA;IERA;C:\Program Files (x86)\Sierra Wireless Inc\IERA\IERA64.exe [2010-9-9 183664]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-11 31125880]

S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2012-2-8 332272]

S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2012-2-8 87400]

S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2012-2-8 173416]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-04-05 20:20:05 -------- d-sh--w- C:\$RECYCLE.BIN

2012-04-05 20:18:32 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-04-05 20:07:15 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 19:18:08 98816 ----a-w- C:\Windows\sed.exe

2012-04-05 19:18:08 518144 ----a-w- C:\Windows\SWREG.exe

2012-04-05 19:18:08 256000 ----a-w- C:\Windows\PEV.exe

2012-04-05 19:18:08 208896 ----a-w- C:\Windows\MBR.exe

2012-04-05 19:11:16 -------- d-----w- C:\Users\Sarah\AppData\Roaming\SUPERAntiSpyware.com

2012-04-05 19:11:07 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2012-04-05 19:11:07 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2012-04-05 18:44:56 -------- d-----w- C:\Users\Sarah\AppData\Roaming\Malwarebytes

2012-04-05 18:44:51 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-04-05 18:44:51 -------- d-----w- C:\ProgramData\Malwarebytes

2012-04-05 18:44:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-04-05 18:41:00 -------- d-----w- C:\ProgramData\B7E858A700017A63013D66F4B4EB2367

2012-04-04 14:36:21 -------- d-----w- C:\Users\Sarah\AppData\Roaming\Scribus

2012-04-01 19:51:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-04-01 19:51:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-04-01 19:51:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-04-01 19:51:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-04-01 19:51:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-04-01 19:51:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-04-01 19:51:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-03-27 13:53:51 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL

2012-03-27 12:46:33 33280 ------w- C:\Windows\System32\drivers\PELUSBLF.SYS

2012-03-27 12:46:33 23040 ------w- C:\Windows\System32\drivers\PELMOUSE.SYS

2012-03-27 12:46:33 22016 ----a-w- C:\Windows\System32\drivers\PELMOUBT.SYS

2012-03-27 12:46:33 16384 ----a-w- C:\Windows\System32\drivers\PELBTM.SYS

2012-03-27 12:46:33 14336 ------w- C:\Windows\System32\drivers\PELPS2M.SYS

2012-03-27 12:45:42 -------- d-----w- C:\Windows\Metadata

2012-03-27 12:45:41 414632 ------w- C:\Windows\difxapi.dll

2012-03-27 12:44:37 -------- d-----w- C:\Windows\X64

2012-03-27 12:44:00 -------- d-----w- C:\temp

2012-03-26 21:13:27 -------- d-----w- C:\Users\Sarah\AppData\Local\assembly

2012-03-26 14:58:41 -------- d-----w- C:\Users\Sarah\AppData\Local\{052217EB-DF0A-406B-8602-59027238A765}

2012-03-26 14:58:28 -------- d-----w- C:\Users\Sarah\AppData\Local\{FC07D578-0A4F-48B4-ACA7-0BAB03BE082F}

2012-03-26 00:21:10 -------- d-----w- C:\Users\Sarah\AppData\Local\ElevatedDiagnostics

2012-03-25 22:15:08 -------- d-----w- C:\Users\Sarah\AppData\Local\{A6AC7230-2B06-4981-94BC-817B83C9827A}

2012-03-25 22:15:08 -------- d-----w- C:\Users\Sarah\AppData\Local\{0B198112-501E-49D2-9BB0-DFCC5F9C328D}

2012-03-25 19:34:49 -------- d-----w- C:\Users\Sarah\AppData\Local\Apple Computer

2012-03-25 19:34:32 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-03-25 19:34:32 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-03-25 19:34:32 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-03-25 19:34:19 -------- d-----w- C:\Program Files\iPod

2012-03-25 19:34:18 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-03-25 19:34:18 -------- d-----w- C:\Program Files\iTunes

2012-03-25 19:34:18 -------- d-----w- C:\Program Files (x86)\iTunes

2012-03-25 19:32:08 -------- d-----w- C:\Users\Sarah\AppData\Local\Apple

2012-03-25 19:31:27 -------- d-----w- C:\Program Files\Bonjour

2012-03-25 19:31:27 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-03-18 06:49:44 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-03-18 06:49:44 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

2012-03-17 09:53:26 -------- d-----w- C:\Program Files\PeerBlock

2012-03-17 09:48:16 -------- d-----w- C:\Users\Sarah\.swt

2012-03-17 09:48:12 -------- d-----w- C:\Users\Sarah\AppData\Roaming\Azureus

2012-03-17 09:47:45 -------- d-----w- C:\Program Files (x86)\Vuze

2012-03-16 02:55:42 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-16 02:55:39 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-16 02:55:37 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-16 02:53:38 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-16 02:53:33 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-16 02:53:32 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-14 21:23:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-14 21:23:22 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-14 21:23:21 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-14 21:23:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-14 21:23:20 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-14 21:23:19 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-14 21:23:19 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-14 06:36:34 -------- d-----w- C:\Program Files (x86)\Sierra Wireless Inc

2012-03-14 06:36:33 -------- d-----w- C:\Users\Sarah\AppData\Roaming\Sierra Wireless

2012-03-14 06:36:33 -------- d-----w- C:\ProgramData\Sierra Wireless

2012-03-08 08:31:50 -------- d-----w- C:\Users\Sarah\AppData\Local\Windows Live

2012-03-08 08:31:50 -------- d-----w- C:\Users\Sarah\AppData\Local\{1E9E09CF-F267-45B5-A1D4-7B05CFD90B9A}

2012-03-08 08:31:19 -------- d-----w- C:\Users\Sarah\AppData\Local\{F8A867EA-C68A-4AF5-88FE-374E1FD28AF5}

2012-03-08 06:51:43 -------- d-----w- C:\Program Files (x86)\VideoLAN

2012-03-08 06:42:39 -------- d-----w- C:\Users\Sarah\AppData\Local\Broadcom

2012-03-08 06:42:16 -------- d-----r- C:\Program Files (x86)\Skype

2012-03-08 06:36:06 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-03-08 06:22:12 -------- d-----w- C:\Users\Sarah\AppData\Roaming\EndNote

2012-03-08 04:04:04 -------- d-----w- C:\Users\Sarah\AppData\Roaming\SAS

2012-03-08 04:03:59 98304 ----a-w- C:\Windows\SysWow64\sasperf.dll

2012-03-08 03:52:48 90112 ----a-w- C:\Windows\SysWow64\atl71.dll

2012-03-08 03:52:38 -------- d-----w- C:\Program Files (x86)\Microsoft WSE

2012-03-07 23:48:45 -------- d-----w- C:\Program Files\SASHome

2012-03-07 23:32:00 -------- d-----w- C:\ProgramData\SAS

2012-03-06 23:46:36 -------- d-----w- C:\Program Files (x86)\Common Files\Risxtd

2012-03-06 23:46:33 -------- d-----w- C:\Program Files (x86)\Common Files\ResearchSoft

2012-03-06 23:46:00 -------- d-----w- C:\Program Files (x86)\EndNote X5

2012-03-06 23:45:33 -------- d-----w- C:\ProgramData\Thomson.ResearchSoft.Installers

2012-03-06 23:44:32 -------- d-----w- C:\Program Files\New folder

2012-03-06 23:43:45 -------- d-----w- C:\Users\Sarah\Endnote

2012-03-06 21:35:51 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

==================== Find3M ====================

.

2012-03-05 22:12:22 1025 ----a-w- C:\Windows\SysWow64\sysprs7.dll

2012-03-05 21:30:57 173616 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2012-02-09 00:35:16 40248 ----a-w- C:\Windows\System32\drivers\psadd.sys

2012-02-09 00:06:46 96768 ----a-w- C:\Windows\System32\fsutil.exe

2012-02-09 00:05:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-02-09 00:04:27 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll

2012-02-09 00:03:51 246784 ----a-w- C:\Windows\System32\input.dll

2012-02-09 00:03:51 202240 ----a-w- C:\Windows\SysWow64\input.dll

2012-02-09 00:03:38 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2012-02-09 00:03:38 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2012-02-09 00:03:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2012-02-09 00:03:21 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2012-02-09 00:03:21 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2012-02-09 00:03:21 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2012-02-09 00:03:12 467456 ----a-w- C:\Windows\System32\drivers\srv.sys

2012-02-09 00:03:12 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys

2012-02-09 00:03:12 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2012-02-09 00:01:59 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll

2012-02-09 00:00:37 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-02-09 00:00:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-02-09 00:00:24 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe

2012-02-09 00:00:02 951680 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-02-08 23:59:52 961024 ----a-w- C:\Windows\System32\CPFilters.dll

2012-02-08 23:59:52 850944 ----a-w- C:\Windows\SysWow64\sbe.dll

2012-02-08 23:59:52 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll

2012-02-08 23:59:52 259072 ----a-w- C:\Windows\System32\mpg2splt.ax

2012-02-08 23:59:52 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax

2012-02-08 23:59:52 1118720 ----a-w- C:\Windows\System32\sbe.dll

2012-02-08 23:59:40 715776 ----a-w- C:\Windows\System32\kerberos.dll

2012-02-08 23:59:40 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll

2012-02-08 23:57:23 1131 ----a-w- C:\Windows\MFGCLEAN.CMD

.

============= FINISH: 16:29:23.38 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 20/02/2012 1:12:14 AM

System Uptime: 5/04/2012 3:44:12 PM (1 hours ago)

.

Motherboard: LENOVO | | 1143CTO

Processor: Intel® Core i5-2450M CPU @ 2.50GHz | CPU | 2501/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 449 GiB total, 389.157 GiB free.

D: is CDROM ()

Q: is FIXED (NTFS) - 16 GiB total, 6.481 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco Systems VPN Adapter for 64-bit Windows

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter for 64-bit Windows

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

==== System Restore Points ===================

.

RP29: 25/03/2012 10:35:47 AM - Scheduled Checkpoint

RP30: 25/03/2012 3:32:11 PM - Installed iTunes

RP31: 25/03/2012 8:23:45 PM - Windows Update

RP32: 2/04/2012 6:54:51 PM - Scheduled Checkpoint

RP33: 4/04/2012 10:38:43 AM - Configured Corel DVD MovieFactory 7

RP34: 5/04/2012 4:18:01 PM - Installed HiJackThis

RP35: 5/04/2012 4:19:29 PM - Removed HiJackThis

.

==== Installed Programs ======================

.

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe Flash Player 10 ActiveX

Adobe Reader 9.4.0

Apple Application Support

Apple Software Update

BisonCam Twain Pro

Burn.Now 4.5

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Corel Burn.Now Lenovo Edition

Corel WinDVD

Create Recovery Media

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

EndNote X5

Evernote v. 4.2.3

Google Chrome

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

Integrated Camera Driver Installer Package Ver.1.1.0.1147

Intel® Control Center

Intel® Identity Protection Technology 1.1.2.0

Intel® Management Engine Components

Intel® Processor Graphics

J2SE Runtime Environment 5.0 Update 12

Java Auto Updater

Java 6 Update 24

Java 6 Update 31

Junk Mail filter update

Lenovo Patch Utility

Lenovo Registration

Lenovo User Guide

Lenovo Warranty Information

Lenovo Welcome

LiveUpdate 3.3 (Symantec Corporation)

Malwarebytes Anti-Malware version 1.60.1.1000

Mesh Runtime

Message Center Plus

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual Studio 2005 Tools for Office Runtime

Microsoft WSE 3.0 Runtime

Mozilla Firefox 11.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

QuickTime

Realtek Ethernet Controller Driver

ResearchSoft Direct Export Helper

RICOH_Media_Driver_v2.14.18.01

SAS 9.3

SAS Document Conversion

SAS VJR

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Skype™ 5.8

System Update

ThinkPad Power Manager

ThinkPad Wireless LAN Adapter Software

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

VIP Access

Visual Studio 2005 Tools for Office Second Edition Runtime

Visual Studio Tools for the Office system 3.0 Runtime

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)

VLC media player 2.0.0

Vuze

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

5/04/2012 3:59:48 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

5/04/2012 3:46:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

5/04/2012 3:24:06 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

31/03/2012 5:44:47 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

.

==== End Of File ===========================

Assistance is much appreciated!

thanks,

Dolldrums

[LDTate]

Looks like you've ran every tool we use and didn't find anything.

Your DDS scan looks good as well.

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!