DeeGee7 Posted May 3, 2012 ID:548569 Share Posted May 3, 2012 Hello,PC has been very slow for days. I tried to run MBAM, but "check for updates" button is greyed out, even after installing latest version via a USB stick.I went to http://data-cdn.mbamupdates.com/v0/database/version.check & the number shown is 912050306.Here is DDS.txt----------------------.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31Run by Steve at 21:31:57 on 2012-05-03Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2006.1009 [GMT 1:00].AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\PROGRA~1\AVG\AVG2012\avgrsx.exeC:\Program Files\AVG\AVG2012\avgcsrvx.exeC:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\ibmpmsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\WUDFHost.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k WbioSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exeC:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeC:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exeC:\Windows\system32\AEADISRV.EXEC:\Program Files\AVG\AVG2012\avgwdsvc.exeC:\Program Files\COMODO\COMMON\COSService.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exeC:\Program Files\LENOVO\VIRTSCRL\lvvsst.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\COMODO\COMMON\SynchronizationService.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Lenovo\Access Connections\AcSvc.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\AVG\AVG2012\AVGIDSAgent.exeC:\Program Files\AVG\AVG2012\avgnsx.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\AVG\AVG2012\avgemcx.exeC:\Windows\system32\taskhost.exeC:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exeC:\Program Files\LENOVO\HOTKEY\tposdsvc.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Lenovo\HOTKEY\TPONSCR.exeC:\Program Files\Lenovo\Zoom\TpScrex.exeC:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\AVG\AVG2012\avgtray.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\TpShocks.exeC:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\BillP Studios\WinPatrol\WinPatrol.exeC:\Program Files\AVG Secure Search\vprot.exeC:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXEC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\system32\igfxext.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\DllHost.exeC:\Windows\system32\svchost.exe -k WindowsMobileC:\Program Files\ProcessExplorer\procexp.exeC:\Program Files\Lenovo\System Update\SUService.exeC:\Program Files\Microsoft Office\Office12\OUTLOOK.EXEC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Evernote\Evernote\Evernote.exeC:\Program Files\Evernote\Evernote\EvernoteTray.exeC:\Program Files\Evernote\Evernote\EvernoteClipper.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\conhost.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.uSearch Page = hxxp://www.google.co.ukuStart Page = hxxp://www.google.co.uk/uSearch Bar = hxxp://www.google.com/ieuDefault_Search_URL = hxxp://www.google.com/ieuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%suURLSearchHooks: H - No FilemURLSearchHooks: H - No FileBHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dllBHO: Google Analytics Opt-out Browser Add-on: {75ef13ce-b59e-41ba-8a5a-a944031bd8b4} - c:\program files\google\google analytics opt-out\gaoptout.dllBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dllBHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllTB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No FileTB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dllTB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dll{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dllmRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exemRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitormRun: [TpShocks] TpShocks.exemRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exemRun: [AcWin7Hlpr] c:\program files\lenovo\access connections\AcTBenabler.exemRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressbootmRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"dRunOnce: [sPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601StartupFolder: c:\users\steve\appdata\roaming\microsoft\windows\start menu\programs\startup\DKOSD.exeStartupFolder: c:\users\steve\appdata\roaming\microsoft\windows\start menu\programs\startup\scr.posStartupFolder: c:\users\steve\appdata\roaming\microsoft\windows\start menu\programs\startup\snd.valmPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)mPolicies-system: DisableCAD = 1 (0x1)IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\evernote\evernote\EvernoteIE.dll/204IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dllIE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLLIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabTCP: DhcpNameServer = 192.168.0.1TCP: Interfaces\{4DC3085B-663B-40FF-8F08-6810CC6DA994} : DhcpNameServer = 192.168.0.1TCP: Interfaces\{4DC3085B-663B-40FF-8F08-6810CC6DA994}\26C616A796E67646F6E6B6569713 : DhcpNameServer = 10.0.0.1 192.168.2.1 192.168.0.1TCP: Interfaces\{4DC3085B-663B-40FF-8F08-6810CC6DA994}\26C616A796E67646F6E6B6569723 : DhcpNameServer = 192.168.2.1 192.168.0.1TCP: Interfaces\{4DC3085B-663B-40FF-8F08-6810CC6DA994}\7796C6C6F677 : DhcpNameServer = 192.168.0.1TCP: Interfaces\{4DC3085B-663B-40FF-8F08-6810CC6DA994}\F42716E67656548354439363 : DhcpNameServer = 192.168.1.1TCP: Interfaces\{64E4014A-09DB-4ED4-8B9E-8F29AB5924C7} : DhcpNameServer = 192.168.0.1Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dllHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLLHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\10.2.0\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dllNotify: igfxcui - igfxdev.dllNotify: psfus - c:\program files\thinkvantage fingerprint software\psqlpwd.dllLSA: Notification Packages = scecli c:\program files\thinkvantage fingerprint software\psqlpwd.dll ACGinaHosts: 127.0.0.1 www.spywareinfo.com.================= FIREFOX ===================.FF - ProfilePath - c:\users\steve\appdata\roaming\mozilla\firefox\profiles\yeq9qwmd.default\FF - prefs.js: browser.search.selectedEngine - AVG Secure SearchFF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dc07216&v=7.008.031.001&i=23&tp=ab&iy=&ychte=uk&lng=en-US&q=FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLLFF - plugin: c:\program files\google\picasa3\npPicasa3.dllFF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dllFF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll.============= SERVICES / DRIVERS ===============.R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]R0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys [2011-10-5 76208]R0 CBUfs;CBUfs;c:\windows\system32\drivers\cbufs.sys [2011-10-5 182304]R0 cbvd;Comodo Encrypted Virtual Disk;c:\windows\system32\drivers\CBVD.sys [2011-10-5 454248]R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2011-3-27 25968]R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2011-3-29 20592]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2010-9-13 13680]R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]R2 COSService.exe;Comodo Online Storage Service;c:\program files\comodo\common\COSService.exe [2011-10-5 1926448]R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\lenovo\virtscrl\lvvsst.exe [2012-1-10 127336]R2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\thinkvantage fingerprint software\smihlp.sys [2009-3-13 12560]R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2011-6-29 5120]R2 SynchronizationService.exe;Comodo BackUp Service;c:\program files\comodo\common\SynchronizationService.exe [2011-10-5 1619760]R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]R3 vdbus;Virtual Disk Bus Enumerator;c:\windows\system32\drivers\vdbus.sys [2011-6-2 570584]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-11 136176]S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2012-1-10 101736]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 253088]S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2012-2-1 32408]S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-3 947528]S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]S3 btmhsf;btmhsf;c:\windows\system32\drivers\btmhsf.sys [2011-7-19 225280]S3 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2012-1-10 292200]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-11 136176]S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\drivers\iBtFltCoex.sys [2011-7-20 47104]S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2012-2-1 15896]S3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\drivers\ONDAusbmdm6k.sys [2011-1-24 107776]S3 PCDSRVC{3037D694-FD904ACA-06020200}_0;PCDSRVC{3037D694-FD904ACA-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2011-3-31 22640]S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2011-3-27 89152]S3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\thinkpad\utilities\PWMEWSVC.exe [2011-6-3 175168]S3 reparse;reparse;c:\windows\system32\drivers\cbreparse.sys [2011-10-5 441328]S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-25 52224]S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-14 17920]S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-7-14 20480]S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\drivers\zghsmdm.sys [2012-2-1 113688]S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856].=============== Created Last 30 ================.2012-04-19 16:31:26 -------- d-----w- c:\program files\1-Wire Drivers x862012-04-12 08:21:29 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-04-12 07:38:24 5120 ----a-w- c:\windows\system32\wmi.dll2012-04-12 07:38:24 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys2012-04-12 07:38:24 172544 ----a-w- c:\windows\system32\wintrust.dll2012-04-12 07:38:24 159232 ----a-w- c:\windows\system32\imagehlp.dll2012-04-12 07:36:20 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe2012-04-12 07:36:19 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe.==================== Find3M ====================.2012-04-19 16:26:26 472808 ----a-w- c:\windows\system32\deployJava1.dll2012-04-14 19:50:19 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-03-22 19:12:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-02-17 05:34:22 826880 ----a-w- c:\windows\system32\rdpcore.dll2012-02-17 04:14:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-02-17 04:13:22 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys2012-02-10 05:38:43 1077248 ----a-w- c:\windows\system32\DWrite.dll2012-02-07 10:02:40 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX.============= FINISH: 21:41:07.61 ===============and Attach.txt---------.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 20/02/2011 17:07:25System Uptime: 03/05/2012 20:27:37 (1 hours ago).Motherboard: LENOVO | | 7659W23Processor: Intel® Core2 Duo CPU T7500 @ 2.20GHz | None | 2201/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 93 GiB total, 32.521 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e978-e325-11ce-bfc1-08002be10318}Description: Printer PortDevice ID: ACPI\PNP0400\1Manufacturer: (Standard port types)Name: Printer Port (LPT1)PNP Device ID: ACPI\PNP0400\1Service: Parport.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: DgiVecpDevice ID: ROOT\LEGACY_DGIVECP\0000Manufacturer:Name: DgiVecpPNP Device ID: ROOT\LEGACY_DGIVECP\0000Service: DgiVecp.==== System Restore Points ===================.RP174: 12/04/2012 08:34:27 - Windows UpdateRP175: 19/04/2012 10:39:30 - Installed 1-Wire Drivers Version 4.03RP176: 19/04/2012 17:07:17 - Removed Java 6 Update 29RP177: 19/04/2012 17:11:16 - Removed 1-Wire Drivers Version 4.03RP178: 19/04/2012 17:25:47 - Installed Java 6 Update 31RP179: 19/04/2012 17:31:04 - Installed 1-Wire Drivers Version 4.03RP180: 24/04/2012 10:59:28 - Removed Nokia Connectivity Cable DriverRP181: 24/04/2012 11:01:31 - Removed PC Connectivity SolutionRP182: 01/05/2012 23:03:28 - Scheduled Checkpoint.==== Installed Programs ======================..Update for Microsoft Office 2007 (KB2508958)1-Wire Drivers Version 4.037-Zip 9.20Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAgent Ransack 2010Amazon MP3 Downloader 1.0.9Apple Application SupportApple Software UpdateAudibleManagerAVG 2012BitTorrentBullzip PDF Printer 7.2.0.1304Canon Easy-WebPrint EXCanon IJ Network Scan UtilityCanon IJ Network ToolCanon MP Navigator EX 3.1Canon MX350 series MP DriversCanon MX350 series User RegistrationCanon Speed Dial UtilityCanon Utilities Easy-PhotoPrint EXCanon Utilities My PrinterCanon Utilities Solution MenuCCleanerCore FTP LED3DX10Evernote v. 4.4Free ISO Creator version 2.8Google Analytics Opt-out Browser Add-onGoogle EarthGoogle Update HelperGPL Ghostscript Lite 8.70GPSU version 5.09htV-m Download Software 1.0.0.20ImgBurnIntel® Graphics Media Accelerator DriverIntel® TV WizardJava Auto UpdaterJava 6 Update 31Lenovo Auto Scroll UtilityLenovo Patch UtilityLenovo System Interface DriverLenovo ThinkVantage ToolboxMalwarebytes Anti-Malware version 1.60.1.1000Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Standard 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Mozilla Firefox 9.0.1 (x86 en-US)MSVC90_x86MSVCRTMyPhoneExplorerOn Screen DisplayPanda USB Vaccine 1.0.1.4PC Connectivity SolutionPDF-ViewerPicasa 3QuickTimeSamsung ML-4500 SeriesSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSkype Click to CallSkype™ 5.8SoundMAXSpotifySpybot - Search & DestroySpywareBlaster 4.5SUPERAntiSpywareSystem UpdateSysTools PSTUPGRADEThinkPad FullScreen MagnifierThinkPad Hotkey Features Integration SetupThinkPad Power Management DriverThinkPad Power ManagerThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkVantage Access ConnectionsThinkVantage Active Protection SystemThinkVantage Fingerprint SoftwareU232 P9/P25 10.2.98Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596651) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596789) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2598306) 32-Bit EditionUpdate for Microsoft Office Excel 2007 (KB2596596) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile Device CenterWindows Mobile Device Center Driver UpdateWinDust ProWinPatrolZTE Handset USB Driver.==== Event Viewer Messages From Past Week ========.30/04/2012 19:51:46, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.29/04/2012 11:17:27, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.27/04/2012 08:58:09, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{64E4014A-09DB-4ED4-8B9E-8F29AB5924C7} because another computer on the network has the same name. The server could not start.03/05/2012 20:28:34, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.03/05/2012 10:23:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AcSvc service.03/05/2012 10:22:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.03/05/2012 09:16:48, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.2 with the system having network hardware address 00-1E-C9-75-11-96. Network operations on this system may be disrupted as a result..==== End Of File ===========================I'd be very grateful for any help..UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 20/02/2011 17:07:25System Uptime: 03/05/2012 20:27:37 (1 hours ago).Motherboard: LENOVO | | 7659W23Processor: Intel® Core2 Duo CPU T7500 @ 2.20GHz | None | 2201/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 93 GiB total, 32.521 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e978-e325-11ce-bfc1-08002be10318}Description: Printer PortDevice ID: ACPI\PNP0400\1Manufacturer: (Standard port types)Name: Printer Port (LPT1)PNP Device ID: ACPI\PNP0400\1Service: Parport.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: DgiVecpDevice ID: ROOT\LEGACY_DGIVECP\0000Manufacturer:Name: DgiVecpPNP Device ID: ROOT\LEGACY_DGIVECP\0000Service: DgiVecp.==== System Restore Points ===================.RP174: 12/04/2012 08:34:27 - Windows UpdateRP175: 19/04/2012 10:39:30 - Installed 1-Wire Drivers Version 4.03RP176: 19/04/2012 17:07:17 - Removed Java 6 Update 29RP177: 19/04/2012 17:11:16 - Removed 1-Wire Drivers Version 4.03RP178: 19/04/2012 17:25:47 - Installed Java 6 Update 31RP179: 19/04/2012 17:31:04 - Installed 1-Wire Drivers Version 4.03RP180: 24/04/2012 10:59:28 - Removed Nokia Connectivity Cable DriverRP181: 24/04/2012 11:01:31 - Removed PC Connectivity SolutionRP182: 01/05/2012 23:03:28 - Scheduled Checkpoint.==== Installed Programs ======================..Update for Microsoft Office 2007 (KB2508958)1-Wire Drivers Version 4.037-Zip 9.20Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAgent Ransack 2010Amazon MP3 Downloader 1.0.9Apple Application SupportApple Software UpdateAudibleManagerAVG 2012BitTorrentBullzip PDF Printer 7.2.0.1304Canon Easy-WebPrint EXCanon IJ Network Scan UtilityCanon IJ Network ToolCanon MP Navigator EX 3.1Canon MX350 series MP DriversCanon MX350 series User RegistrationCanon Speed Dial UtilityCanon Utilities Easy-PhotoPrint EXCanon Utilities My PrinterCanon Utilities Solution MenuCCleanerCore FTP LED3DX10Evernote v. 4.4Free ISO Creator version 2.8Google Analytics Opt-out Browser Add-onGoogle EarthGoogle Update HelperGPL Ghostscript Lite 8.70GPSU version 5.09htV-m Download Software 1.0.0.20ImgBurnIntel® Graphics Media Accelerator DriverIntel® TV WizardJava Auto UpdaterJava 6 Update 31Lenovo Auto Scroll UtilityLenovo Patch UtilityLenovo System Interface DriverLenovo ThinkVantage ToolboxMalwarebytes Anti-Malware version 1.60.1.1000Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Standard 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Mozilla Firefox 9.0.1 (x86 en-US)MSVC90_x86MSVCRTMyPhoneExplorerOn Screen DisplayPanda USB Vaccine 1.0.1.4PC Connectivity SolutionPDF-ViewerPicasa 3QuickTimeSamsung ML-4500 SeriesSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSkype Click to CallSkype™ 5.8SoundMAXSpotifySpybot - Search & DestroySpywareBlaster 4.5SUPERAntiSpywareSystem UpdateSysTools PSTUPGRADEThinkPad FullScreen MagnifierThinkPad Hotkey Features Integration SetupThinkPad Power Management DriverThinkPad Power ManagerThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkVantage Access ConnectionsThinkVantage Active Protection SystemThinkVantage Fingerprint SoftwareU232 P9/P25 10.2.98Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596651) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596789) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2598306) 32-Bit EditionUpdate for Microsoft Office Excel 2007 (KB2596596) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile Device CenterWindows Mobile Device Center Driver UpdateWinDust ProWinPatrolZTE Handset USB Driver.==== Event Viewer Messages From Past Week ========.30/04/2012 19:51:46, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.29/04/2012 11:17:27, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.27/04/2012 08:58:09, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{64E4014A-09DB-4ED4-8B9E-8F29AB5924C7} because another computer on the network has the same name. The server could not start.03/05/2012 20:28:34, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.03/05/2012 10:23:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AcSvc service.03/05/2012 10:22:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.03/05/2012 09:16:48, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.2 with the system having network hardware address 00-1E-C9-75-11-96. Network operations on this system may be disrupted as a result..==== End Of File ===========================.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 20/02/2011 17:07:25System Uptime: 03/05/2012 20:27:37 (1 hours ago).Motherboard: LENOVO | | 7659W23Processor: Intel® Core2 Duo CPU T7500 @ 2.20GHz | None | 2201/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 93 GiB total, 32.521 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e978-e325-11ce-bfc1-08002be10318}Description: Printer PortDevice ID: ACPI\PNP0400\1Manufacturer: (Standard port types)Name: Printer Port (LPT1)PNP Device ID: ACPI\PNP0400\1Service: Parport.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: DgiVecpDevice ID: ROOT\LEGACY_DGIVECP\0000Manufacturer:Name: DgiVecpPNP Device ID: ROOT\LEGACY_DGIVECP\0000Service: DgiVecp.==== System Restore Points ===================.RP174: 12/04/2012 08:34:27 - Windows UpdateRP175: 19/04/2012 10:39:30 - Installed 1-Wire Drivers Version 4.03RP176: 19/04/2012 17:07:17 - Removed Java 6 Update 29RP177: 19/04/2012 17:11:16 - Removed 1-Wire Drivers Version 4.03RP178: 19/04/2012 17:25:47 - Installed Java 6 Update 31RP179: 19/04/2012 17:31:04 - Installed 1-Wire Drivers Version 4.03RP180: 24/04/2012 10:59:28 - Removed Nokia Connectivity Cable DriverRP181: 24/04/2012 11:01:31 - Removed PC Connectivity SolutionRP182: 01/05/2012 23:03:28 - Scheduled Checkpoint.==== Installed Programs ======================..Update for Microsoft Office 2007 (KB2508958)1-Wire Drivers Version 4.037-Zip 9.20Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAgent Ransack 2010Amazon MP3 Downloader 1.0.9Apple Application SupportApple Software UpdateAudibleManagerAVG 2012BitTorrentBullzip PDF Printer 7.2.0.1304Canon Easy-WebPrint EXCanon IJ Network Scan UtilityCanon IJ Network ToolCanon MP Navigator EX 3.1Canon MX350 series MP DriversCanon MX350 series User RegistrationCanon Speed Dial UtilityCanon Utilities Easy-PhotoPrint EXCanon Utilities My PrinterCanon Utilities Solution MenuCCleanerCore FTP LED3DX10Evernote v. 4.4Free ISO Creator version 2.8Google Analytics Opt-out Browser Add-onGoogle EarthGoogle Update HelperGPL Ghostscript Lite 8.70GPSU version 5.09htV-m Download Software 1.0.0.20ImgBurnIntel® Graphics Media Accelerator DriverIntel® TV WizardJava Auto UpdaterJava 6 Update 31Lenovo Auto Scroll UtilityLenovo Patch UtilityLenovo System Interface DriverLenovo ThinkVantage ToolboxMalwarebytes Anti-Malware version 1.60.1.1000Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Standard 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Mozilla Firefox 9.0.1 (x86 en-US)MSVC90_x86MSVCRTMyPhoneExplorerOn Screen DisplayPanda USB Vaccine 1.0.1.4PC Connectivity SolutionPDF-ViewerPicasa 3QuickTimeSamsung ML-4500 SeriesSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSkype Click to CallSkype™ 5.8SoundMAXSpotifySpybot - Search & DestroySpywareBlaster 4.5SUPERAntiSpywareSystem UpdateSysTools PSTUPGRADEThinkPad FullScreen MagnifierThinkPad Hotkey Features Integration SetupThinkPad Power Management DriverThinkPad Power ManagerThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkVantage Access ConnectionsThinkVantage Active Protection SystemThinkVantage Fingerprint SoftwareU232 P9/P25 10.2.98Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596651) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596789) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2598306) 32-Bit EditionUpdate for Microsoft Office Excel 2007 (KB2596596) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile Device CenterWindows Mobile Device Center Driver UpdateWinDust ProWinPatrolZTE Handset USB Driver.==== Event Viewer Messages From Past Week ========.30/04/2012 19:51:46, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.29/04/2012 11:17:27, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.27/04/2012 08:58:09, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{64E4014A-09DB-4ED4-8B9E-8F29AB5924C7} because another computer on the network has the same name. The server could not start.03/05/2012 20:28:34, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.03/05/2012 10:23:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AcSvc service.03/05/2012 10:22:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.03/05/2012 09:16:48, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.2 with the system having network hardware address 00-1E-C9-75-11-96. Network operations on this system may be disrupted as a result..==== End Of File ===========================.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 20/02/2011 17:07:25System Uptime: 03/05/2012 20:27:37 (1 hours ago).Motherboard: LENOVO | | 7659W23Processor: Intel® Core2 Duo CPU T7500 @ 2.20GHz | None | 2201/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 93 GiB total, 32.521 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e978-e325-11ce-bfc1-08002be10318}Description: Printer PortDevice ID: ACPI\PNP0400\1Manufacturer: (Standard port types)Name: Printer Port (LPT1)PNP Device ID: ACPI\PNP0400\1Service: Parport.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: DgiVecpDevice ID: ROOT\LEGACY_DGIVECP\0000Manufacturer:Name: DgiVecpPNP Device ID: ROOT\LEGACY_DGIVECP\0000Service: DgiVecp.==== System Restore Points ===================.RP174: 12/04/2012 08:34:27 - Windows UpdateRP175: 19/04/2012 10:39:30 - Installed 1-Wire Drivers Version 4.03RP176: 19/04/2012 17:07:17 - Removed Java 6 Update 29RP177: 19/04/2012 17:11:16 - Removed 1-Wire Drivers Version 4.03RP178: 19/04/2012 17:25:47 - Installed Java 6 Update 31RP179: 19/04/2012 17:31:04 - Installed 1-Wire Drivers Version 4.03RP180: 24/04/2012 10:59:28 - Removed Nokia Connectivity Cable DriverRP181: 24/04/2012 11:01:31 - Removed PC Connectivity SolutionRP182: 01/05/2012 23:03:28 - Scheduled Checkpoint.==== Installed Programs ======================..Update for Microsoft Office 2007 (KB2508958)1-Wire Drivers Version 4.037-Zip 9.20Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAgent Ransack 2010Amazon MP3 Downloader 1.0.9Apple Application SupportApple Software UpdateAudibleManagerAVG 2012BitTorrentBullzip PDF Printer 7.2.0.1304Canon Easy-WebPrint EXCanon IJ Network Scan UtilityCanon IJ Network ToolCanon MP Navigator EX 3.1Canon MX350 series MP DriversCanon MX350 series User RegistrationCanon Speed Dial UtilityCanon Utilities Easy-PhotoPrint EXCanon Utilities My PrinterCanon Utilities Solution MenuCCleanerCore FTP LED3DX10Evernote v. 4.4Free ISO Creator version 2.8Google Analytics Opt-out Browser Add-onGoogle EarthGoogle Update HelperGPL Ghostscript Lite 8.70GPSU version 5.09htV-m Download Software 1.0.0.20ImgBurnIntel® Graphics Media Accelerator DriverIntel® TV WizardJava Auto UpdaterJava 6 Update 31Lenovo Auto Scroll UtilityLenovo Patch UtilityLenovo System Interface DriverLenovo ThinkVantage ToolboxMalwarebytes Anti-Malware version 1.60.1.1000Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Standard 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Mozilla Firefox 9.0.1 (x86 en-US)MSVC90_x86MSVCRTMyPhoneExplorerOn Screen DisplayPanda USB Vaccine 1.0.1.4PC Connectivity SolutionPDF-ViewerPicasa 3QuickTimeSamsung ML-4500 SeriesSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSkype Click to CallSkype™ 5.8SoundMAXSpotifySpybot - Search & DestroySpywareBlaster 4.5SUPERAntiSpywareSystem UpdateSysTools PSTUPGRADEThinkPad FullScreen MagnifierThinkPad Hotkey Features Integration SetupThinkPad Power Management DriverThinkPad Power ManagerThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkVantage Access ConnectionsThinkVantage Active Protection SystemThinkVantage Fingerprint SoftwareU232 P9/P25 10.2.98Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596651) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596789) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2598306) 32-Bit EditionUpdate for Microsoft Office Excel 2007 (KB2596596) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile Device CenterWindows Mobile Device Center Driver UpdateWinDust ProWinPatrolZTE Handset USB Driver.==== Event Viewer Messages From Past Week ========.30/04/2012 19:51:46, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.29/04/2012 11:17:27, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.27/04/2012 08:58:09, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{64E4014A-09DB-4ED4-8B9E-8F29AB5924C7} because another computer on the network has the same name. The server could not start.03/05/2012 20:28:34, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.03/05/2012 10:23:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AcSvc service.03/05/2012 10:22:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.03/05/2012 09:16:48, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.2 with the system having network hardware address 00-1E-C9-75-11-96. Network operations on this system may be disrupted as a result..==== End Of File =========================== Link to post Share on other sites More sharing options...
MrCharlie Posted May 4, 2012 ID:548719 Share Posted May 4, 2012 Welcome to the forum...see if this worksIf you have the pro version of MB....make sure you have your license key-----------------------Vista and Windows 7 users:1. These tools MUST be run from the executable. (.exe) every time you run them2. With Admin Rights (Right click, choose "Run as Administrator")Go to your control panels add/remove programs and uninstall MalwareBytes Anti-Malware > rebootDownload and run this cleaner:http://www.malwarebytes.org/mbam-clean.exeReboot <---very importantNow download and see if you can install the latest version of MB from here: (disable any malware/anti-virus programs running first)http://www.malwareby...am-download.phpLet me know, MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 4, 2012 Author ID:548791 Share Posted May 4, 2012 Thanks for your help.I've followed your instructions & have run a quick scan (incidentally your link to the cleaner wasn't right. it should be http://www.malwarebytes.org/mbam-clean.exe )The download and update worked. I ran a quick scan and it found zero malicious items. Here's the log----------Malwarebytes Anti-Malware 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.05.04.03Windows 7 Service Pack 1 x86 NTFSInternet Explorer 9.0.8112.16421Steve :: T61 [administrator]04/05/2012 17:48:07mbam-log-2012-05-04 (17-48-07).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 256463Time elapsed: 10 minute(s), 11 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
MrCharlie Posted May 4, 2012 ID:548794 Share Posted May 4, 2012 OK, sorry about that...I didn't check it...but it's fixed now.So you're OK now or do you want to check for malware?MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 4, 2012 Author ID:548832 Share Posted May 4, 2012 I'm surprised that nothing was found, because the reason I ran MB is that the PC has been running so slowly - taking ages to settle down after booting up.So, yes, I would like to check further for malware. Should I run a full scan? Link to post Share on other sites More sharing options...
MrCharlie Posted May 4, 2012 ID:548834 Share Posted May 4, 2012 Yes run a Full Scan and post the report if something is found.Then......Please remove any usb or external drives from the computer before you run this scan!Please download and run RogueKiller.For Windows XP, double-click to start.For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.Click Scan to scan the system (don't run any other options, they're not all bad!)Post back the report.MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 5, 2012 Author ID:548930 Share Posted May 5, 2012 I've run a full scan - nothing found.I downloaded and ran Rogue Killer. After it showed "loading driver" I got a BSOD.So I logged on as administrator. BSOD again.I think this is the ist time I've had a BSOD since I got the PC over a year ago. Strange. Link to post Share on other sites More sharing options...
MrCharlie Posted May 5, 2012 ID:548964 Share Posted May 5, 2012 Don't worry about it, run this next......Please make sure system restore is running and create a new restore point before continuing.Instructions hereXP users > please back up the registry using ERUNT.-----------------------------------------Please download and run TDSSKiller to your desktop as outlined below:Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.For Windows XP, double-click to start.For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.-------------------------Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.------------------------Click the Start Scan button.-----------------------If a suspicious object is detected, the default action will be Skip, click on ContinueIf you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please chooseSkip and click on ContinueAny entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.----------------------If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.--------------------A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.-------------------Here's a summary of what to do if you would like to print it out:If a suspicious object is detected, the default action will be Skip, click on ContinueIf you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please chooseSkip and click on ContinueAny entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 5, 2012 Author ID:549023 Share Posted May 5, 2012 TDSS Killer6 unsigned objects found. There were 3 options: skip, copy to quarantine, delete. I chose skip.I couldn't copy and paste the log because I got the error message "post too long". So I've attached the txt file. I'm now rebooting. Link to post Share on other sites More sharing options...
MrCharlie Posted May 5, 2012 ID:549025 Share Posted May 5, 2012 There's no attachment......try again...MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 6, 2012 Author ID:549096 Share Posted May 6, 2012 TDSSKiller.2.7.34.0_05.05.2012_21.21.50_log.txtSorry. Here's the attachment. Link to post Share on other sites More sharing options...
MrCharlie Posted May 6, 2012 ID:549118 Share Posted May 6, 2012 That scan was clean.....Please download and run ComboFix.The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.Please visit this webpage for download links, and instructions for running ComboFixhttp://www.bleepingc...to-use-combofixEnsure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Information on disabling your malware programs can be found Here.Make sure you run ComboFix from your desktop. Please include the C:\ComboFix.txt in your next reply for further review.Note:If you get the message Illegal operation attempted on registry key that has been marked for deletion. after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 6, 2012 Author ID:549232 Share Posted May 6, 2012 Here's comboFix.txt---------------ComboFix 12-05-06.03 - Steve 06/05/2012 19:03:18.1.2 - x86Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2006.1085 [GMT 1:00]Running from: c:\users\Danny\Desktop\ComboFix.exeAV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2012-04-06 to 2012-05-06 )))))))))))))))))))))))))))))))..2012-05-06 18:12 . 2012-05-06 18:12 -------- d-----w- c:\users\Default\AppData\Local\temp2012-05-06 18:12 . 2012-05-06 18:12 -------- d-----w- c:\users\Visitor\AppData\Local\temp2012-05-06 18:12 . 2012-05-06 18:12 -------- d-----w- c:\users\Guest\AppData\Local\temp2012-05-04 22:55 . 2012-05-04 23:00 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys2012-05-04 16:47 . 2012-05-04 16:47 -------- d-----w- c:\users\Steve\AppData\Roaming\Malwarebytes2012-05-04 16:47 . 2012-05-04 16:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-05-04 16:47 . 2012-05-04 16:47 -------- d-----w- c:\programdata\Malwarebytes2012-05-04 16:47 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-04-20 14:16 . 2012-04-20 14:16 -------- d-----w- c:\users\Danny\AppData\Local\DeliciousWidget2012-04-19 16:31 . 2012-04-19 16:31 -------- d-----w- c:\program files\1-Wire Drivers x862012-04-19 16:27 . 2012-04-19 16:27 -------- d-----w- c:\program files\Common Files\Java2012-04-19 15:38 . 2012-04-19 15:38 -------- d-----w- c:\users\Danny\.OneWireViewer2012-04-19 13:14 . 2012-04-19 13:46 -------- d-----r- c:\users\Danny\Dropbox2012-04-19 13:06 . 2012-04-19 13:46 -------- d-----w- c:\users\Danny\AppData\Roaming\Dropbox2012-04-12 08:21 . 2012-05-05 20:38 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-04-12 07:38 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys2012-04-12 07:38 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll2012-04-12 07:38 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll2012-04-12 07:38 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll2012-04-12 07:36 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe2012-04-12 07:36 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-05-05 20:38 . 2011-08-23 18:03 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-04-19 16:26 . 2011-05-26 14:36 472808 ----a-w- c:\windows\system32\deployJava1.dll2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr2012-02-17 05:34 . 2012-03-14 08:27 826880 ----a-w- c:\windows\system32\rdpcore.dll2012-02-17 04:14 . 2012-03-14 08:27 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-02-17 04:13 . 2012-03-14 08:27 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys2012-02-14 23:50 . 2012-02-14 23:50 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe2012-02-14 23:50 . 2012-02-14 23:50 161792 ----a-w- c:\windows\system32\msls31.dll2012-02-14 23:50 . 2012-02-14 23:50 110592 ----a-w- c:\windows\system32\IEAdvpack.dll2012-02-14 23:50 . 2012-02-14 23:50 86528 ----a-w- c:\windows\system32\iesysprep.dll2012-02-14 23:50 . 2012-02-14 23:50 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe2012-02-14 23:50 . 2012-02-14 23:50 63488 ----a-w- c:\windows\system32\tdc.ocx2012-02-14 23:50 . 2012-02-14 23:50 48640 ----a-w- c:\windows\system32\mshtmler.dll2012-02-14 23:50 . 2012-02-14 23:50 367104 ----a-w- c:\windows\system32\html.iec2012-02-14 23:50 . 2012-02-14 23:50 74752 ----a-w- c:\windows\system32\iesetup.dll2012-02-14 23:50 . 2012-02-14 23:50 23552 ----a-w- c:\windows\system32\licmgr10.dll2012-02-14 23:50 . 2012-02-14 23:50 152064 ----a-w- c:\windows\system32\wextract.exe2012-02-14 23:50 . 2012-02-14 23:50 420864 ----a-w- c:\windows\system32\vbscript.dll2012-02-14 23:50 . 2012-02-14 23:50 150528 ----a-w- c:\windows\system32\iexpress.exe2012-02-14 23:50 . 2012-02-14 23:50 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-02-14 23:50 . 2012-02-14 23:50 11776 ----a-w- c:\windows\system32\mshta.exe2012-02-14 23:50 . 2012-02-14 23:50 101888 ----a-w- c:\windows\system32\admparse.dll2012-02-14 23:50 . 2012-02-14 23:50 35840 ----a-w- c:\windows\system32\imgutil.dll2012-02-10 05:38 . 2012-03-14 08:30 1077248 ----a-w- c:\windows\system32\DWrite.dll2012-02-07 10:02 . 2012-02-07 10:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX2012-01-30 18:31 . 2011-04-29 17:52 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]2012-03-12 13:58 1869152 ----a-w- c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-03-12 1869152].[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveIconOverlay]@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}".[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveOverlayIcon]@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]2011-10-05 20:04 3312944 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveIconOverlay]@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}".[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveOverlayIcon]@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]2011-10-05 20:04 3312944 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemInSyncIconOverlay]@="{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}"[HKEY_CLASSES_ROOT\CLSID\{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}]2011-10-05 20:04 3312944 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemModifiedIconOverlay]@="{AE67D273-7253-4236-B55E-D40055B305D6}"[HKEY_CLASSES_ROOT\CLSID\{AE67D273-7253-4236-B55E-D40055B305D6}]2011-10-05 20:04 3312944 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemNewIconOverlay]@="{022F23E9-DA0F-4A86-A728-CAF6150C0B63}"[HKEY_CLASSES_ROOT\CLSID\{022F23E9-DA0F-4A86-A728-CAF6150C0B63}]2011-10-05 20:04 3312944 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-09-30 2295080]"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2011-10-04 1322048]"TpShocks"="TpShocks.exe" [2011-03-29 337256]"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2011-10-20 33344]"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2010-11-13 329096]"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-03-12 982880]"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-19 928096]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2011-04-25 280576].c:\users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DKOSD.exe [2011-3-20 100864]scr.pos [2012-2-5 5]snd.val [2012-2-5 9].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"DisableCAD"= 1 (0x1).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]2010-04-02 15:46 100104 ----a-w- c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"aux"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dllSecurity Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.[HKLM\~\startupfolder\C:^Users^Steve^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^scr.pos]path=c:\users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scr.posbackup=c:\windows\pss\scr.pos.StartupbackupExtension=.Startup.[HKLM\~\startupfolder\C:^Users^Steve^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^snd.val]path=c:\users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\snd.valbackup=c:\windows\pss\snd.val.StartupbackupExtension=.Startup.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]2007-05-31 08:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe.R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 136176]R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2011-08-15 32408]R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528]R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 225280]R3 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2011-10-04 292200]R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 136176]R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-20 47104]R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2011-08-15 15896]R3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [2011-01-24 107776]R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2011-10-04 89152]R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\ThinkPad\Utilities\PWMEWSVC.EXE [2011-10-04 175168]R3 reparse;reparse;c:\windows\system32\DRIVERS\cbreparse.sys [2011-10-05 441328]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-20 1343400]R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-08-15 113688]R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]S0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys [2011-10-05 76208]S0 CBUfs;CBUfs;c:\windows\system32\drivers\CBUFS.sys [2011-10-05 182304]S0 cbvd;Comodo Encrypted Virtual Disk;c:\windows\system32\DRIVERS\cbvd.sys [2011-10-05 454248]S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2011-10-04 25968]S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2011-03-29 20592]S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2010-09-07 13680]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]S2 COSService.exe;Comodo Online Storage Service;c:\program files\COMODO\COMMON\COSService.exe [2011-10-05 1926448]S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 127336]S2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 12560]S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 5120]S2 SynchronizationService.exe;Comodo BackUp Service;c:\program files\COMODO\COMMON\SynchronizationService.exe [2011-10-05 1619760]S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 131432]S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-03-12 918880]S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]S3 vdbus;Virtual Disk Bus Enumerator;c:\windows\system32\DRIVERS\vdbus.sys [2011-06-02 570584]..--- Other Services/Drivers In Memory ---.*Deregistered* - PCDSRVC{3037D694-FD904ACA-06020200}_0.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvcWindowsMobile REG_MULTI_SZ wcescomm rapimgrLocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr.Contents of the 'Scheduled Tasks' folder.2012-05-06 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 20:38].2012-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 20:55].2012-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 20:55].2012-02-05 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54].2012-05-06 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54].2012-05-06 c:\windows\Tasks\SystemToolsDailyTest.job- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54]..------- Supplementary Scan -------.uStart Page = hxxp://www.google.co.uk/uDefault_Search_URL = hxxp://www.google.com/ieuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sIE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 192.168.0.1Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dllFF - ProfilePath - c:\users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\yeq9qwmd.default\FF - prefs.js: browser.search.selectedEngine - AVG Secure SearchFF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dc07216&v=7.008.031.001&i=23&tp=ab&iy=&ychte=uk&lng=en-US&q=.- - - - ORPHANS REMOVED - - - -.URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'lsass.exe'(908)c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dllc:\program files\ThinkVantage Fingerprint Software\homefus2.dllc:\program files\ThinkVantage Fingerprint Software\infql2.dll.- - - - - - - > 'Explorer.exe'(5696)c:\program files\COMODO\COMMON\ShellExtension.dllc:\program files\ThinkPad\Utilities\PWMTR32V.DLLc:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLLc:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL.------------------------ Other Running Processes ------------------------.c:\progra~1\AVG\AVG2012\avgrsx.exec:\program files\AVG\AVG2012\avgcsrvx.exec:\windows\system32\ibmpmsvc.exec:\windows\system32\WUDFHost.exec:\program files\ThinkVantage Fingerprint Software\upeksvr.exec:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exec:\windows\system32\AEADISRV.EXEc:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exec:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEc:\program files\Lenovo\Access Connections\AcSvc.exec:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exec:\program files\AVG\AVG2012\avgnsx.exec:\program files\AVG\AVG2012\avgemcx.exec:\progra~1\LENOVO\VIRTSCRL\virtscrl.exec:\windows\system32\taskhost.exec:\program files\LENOVO\HOTKEY\tposdsvc.exec:\program files\Lenovo\HOTKEY\TPONSCR.exec:\windows\system32\conhost.exec:\program files\Lenovo\Zoom\TpScrex.exec:\windows\system32\DllHost.exec:\windows\system32\sppsvc.exec:\program files\Lenovo\System Update\SUService.exe.**************************************************************************.Completion time: 2012-05-06 19:37:38 - machine was rebootedComboFix-quarantined-files.txt 2012-05-06 18:37.Pre-Run: 33,314,025,472 bytes freePost-Run: 45,137,408,000 bytes free.- - End Of File - - 2E8414DC7162561D4B3542BDB1F77C2C Link to post Share on other sites More sharing options...
MrCharlie Posted May 6, 2012 ID:549234 Share Posted May 6, 2012 Looks Good! How's it running?? MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 6, 2012 Author ID:549240 Share Posted May 6, 2012 Hard to tell how it's running. I've deliberately not been using it much.The ComboFix was awkward. It rebooted after running, and then its window appeared on the desktop, continually flashing and jumping about the screen, with CPU usage 100% . So after about 15 minutes of this, I shut down using task manager and rebooted as administrator.Does "Looks Good" mean that the PC appears to be clean? Link to post Share on other sites More sharing options...
MrCharlie Posted May 6, 2012 ID:549241 Share Posted May 6, 2012 I don't see any malware on the system, please do thIS:Download TFC to your desktopClose any open windows.Double click the TFC icon to run the programTFC will close all open programs itself in order to run,Click the Start button to begin the process.Allow TFC to run uninterrupted.The program should not take long to finish it's jobOnce its finished it should automatically reboot your machine,if it doesn't, manually reboot to ensure a complete clean-------------------------I can give you some links to help you with slow computers.MrC Link to post Share on other sites More sharing options...
DeeGee7 Posted May 7, 2012 Author ID:549368 Share Posted May 7, 2012 MrC,I've run TFC. Things do appear to be a bit snappier now.I would appreciate some links to help with speed.Pardon my ignorance, but what exactly does "slopw OPs" mean?Thanks for all your help. It's been very reassuring. Link to post Share on other sites More sharing options...
DeeGee7 Posted May 7, 2012 Author ID:549371 Share Posted May 7, 2012 I forgot to ask. Should I now uninstall ComboFix? And anything else that I've run? Link to post Share on other sites More sharing options...
MrCharlie Posted May 7, 2012 ID:549374 Share Posted May 7, 2012 OK, that's good.Pardon my ignorance, but what exactly does "slopw OPs" mean?I guess I meant operating systems, anyway here's the links:http://forums.malwar...showtopic=81990http://users.telenet...owcomputer.htmlhttp://www.malwarere...nningslowly.php----------------------------------A little clean up to do.......Please Uninstall ComboFix:Press the Windows logo key + R to bring up the "run box"Copy and paste next command in the field:ComboFix /uninstallMake sure there's a space between Combofix and /Then hit enter.This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point---------------------------------Please download OTL from one of the links below:http://oldtimer.geekstogo.com/OTL.exehttp://oldtimer.geekstogo.com/OTL.comSave it to your desktop.Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)Any other programs or logs you can manually delete.-------------------------------You have out date Java on the system, older versions are vulnerable to malware.Java™ 6 Update 31<---should be 32Please go to your control panel > Java > Update Tab > Update NowHere's the Java Update info:-----------------------------------Any questions...please post back.If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.Take a look at My Preventive Maintenance to avoid being infected again.Good Luck and Thanks for using the forum, MrC Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 8, 2012 ID:549759 Share Posted May 8, 2012 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts