Loaded with bugs


Hello, my computer has caught a number of nasty bugs. First, when started, tons of popups come up with some bogus errors and the computer shuts down.

Through the use of MBAM I got the popups to stop, but many of my desktop icons were missing, and most of my programs were missing from the start menu.

Using unhide and ComboFix from Bleeping Computer I was able to get the icons back on my desktop and in the start menu.

However, some of my Google search results link to random websites and Internet Explorer pops up with strange websites.

Any ideas? Below, as normally requested, are the current up-to-date outputs from MBAM, ComboFix and DDS.

Thanks

####MBAM quick scan report######

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8165

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18813

11/14/2011 9:40:43 PM

mbam-log-2011-11-14 (21-40-43).txt

Scan type: Quick scan

Objects scanned: 167630

Time elapsed: 7 minute(s), 54 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

#####ComboFix report#######

ComboFix 11-11-12.04 - **11/12/2011 17:41:23.1.2 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2014.1067 [GMT -8:00]

Running from: C:\Users\***\Desktop\malware\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

### DDS REPORT ##############

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_29

Run by Renee at 21:27:12 on 2011-11-14

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2014.877 [GMT -8:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\rundll32.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

C:\Windows\system32\IPSSVC.EXE

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\AEADISRV.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\TpShocks.exe

C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

C:\Program Files\Lenovo\Zoom\TpScrex.exe

C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE

C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE

C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE

C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Windows\System32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\Windows\System32\TPHDEXLG.exe

C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe

c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Lenovo\Logger\logmon.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

c:\program files\lenovo\system update\suservice.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\System32\notepad.exe

C:\Program Files\Hamster Soft\Free VideoConverter\HamsterVideoConverter.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\REGSVR32.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10w_Plugin.exe -update plugin

mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe

mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor

mRun: [bLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BTVLogEx.DLL,StartBattLog

mRun: [TpShocks] TpShocks.exe

mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe

mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe

mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"

mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE

mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe

mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe

mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe

mRun: [LenovoOobeOffers] c:\swtools\lenovowelcome\lenovooobeoffers.exe /filepath="c:\swshare\firstrun.txt"

mRun: [gemstrmw] c:\windows\system32\gemstrmw.exe /r

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe

mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent

mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"

mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start

mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe

StartupFolder: c:\users\renee\appdata\roaming\micros~1\windows\startm~1\programs\startup\lenovo~1.lnk - c:\swtools\lenovowelcome\LenovoWelcome.cmd

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\imagem~1.lnk - c:\program files\pixela\imagemixer 3 se ver.6\transfer utility\CameraMonitor.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: MasterCook: Select Image - c:\program files\mastercook 9\web\MCIEContext.hta

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {E6EF5071-7647-4E85-9785-87B6CF5CB561} - {C92041C1-6D22-4069-BA0E-66246AA752B0} - c:\windows\system32\shdocvw.dll

IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.200.1

TCP: Interfaces\{B0287FBF-A349-468B-A3AC-9CAEF7A47773} : DhcpNameServer = 192.168.200.1

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\renee\appdata\roaming\mozilla\firefox\profiles\h7tic5hf.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\users\renee\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\users\renee\appdata\roaming\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\users\renee\appdata\roaming\move networks\plugins\npqmp071505000011.dll

FF - plugin: c:\users\renee\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\renee\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

============= SERVICES / DRIVERS ===============

.

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2010-11-5 24304]

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-10-16 19504]

R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2010-11-5 13480]

R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2010-11-5 132456]

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]

R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\lenovo\virtscrl\lvvsst.exe [2010-11-5 93032]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-12 366152]

R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-11-5 75112]

R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2007-7-8 63928]

R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-1-8 569344]

R3 LenovoRd;LenovoRd;c:\windows\system32\drivers\LenovoRd.sys [2007-11-3 81280]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-12 22216]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-3-4 4232704]

R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2007-5-22 30336]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104]

S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2010-11-5 45496]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104]

.

=============== Created Last 30 ================

.

2011-11-13 04:36:12 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{de70b03a-e02b-408b-b053-d142f5a28f71}\offreg.dll

2011-11-13 02:36:42 -------- d-----w- c:\program files\ESET

2011-11-13 02:21:37 -------- d-sh--w- C:\$RECYCLE.BIN

2011-11-13 01:32:44 98816 ----a-w- c:\windows\sed.exe

2011-11-13 01:32:44 518144 ----a-w- c:\windows\SWREG.exe

2011-11-13 01:32:44 256000 ----a-w- c:\windows\PEV.exe

2011-11-13 01:32:44 208896 ----a-w- c:\windows\MBR.exe

2011-11-13 01:31:30 -------- d-----w- C:\ComboFix

2011-11-12 20:50:27 -------- d-----w- c:\users\renee\appdata\roaming\Malwarebytes

2011-11-12 20:50:14 -------- d-----w- c:\programdata\Malwarebytes

2011-11-12 20:50:10 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-12 20:50:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-11-10 02:50:36 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{de70b03a-e02b-408b-b053-d142f5a28f71}\mpengine.dll

.

==================== Find3M ====================

.

2011-10-03 13:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-09-04 20:23:46 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

============= FINISH: 21:33:24.67 ===============

### minitoolbox result ####

MiniToolBox by Farbar

Ran by Renee (administrator) on 14-11-2011 at 21:59:43

Windows Vista Home Basic Service Pack 2 (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global icmpredirects=enabled

add address name="Local Area Connection" address=192.168.200.4

popd

# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : ***-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : westell.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : westell.com

Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

Physical Address. . . . . . . . . : 00-1C-BF-25-6C-7C

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::4544:14ff:756b:8b89%9(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.200.45(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Monday, November 14, 2011 9:10:05 PM

Lease Expires . . . . . . . . . . : Tuesday, November 15, 2011 9:10:00 PM

Default Gateway . . . . . . . . . : 192.168.200.1

DHCP Server . . . . . . . . . . . : 192.168.200.1

DHCPv6 IAID . . . . . . . . . . . : 151002303

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-BE-05-F8-00-1E-37-1A-51-6B

DNS Servers . . . . . . . . . . . : 192.168.200.1

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® 82566MM Gigabit Network Connection

Physical Address. . . . . . . . . : 00-1E-37-1A-51-6B

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : westell.com

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : 6TO4 Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : isatap.{365FA7CA-2256-493E-96FA-D0782C5D95FE}

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 02-00-54-55-4E-01

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c91:1316:9cdd:ec80(Preferred)

Link-local IPv6 Address . . . . . : fe80::c91:1316:9cdd:ec80%13(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: hubrouter.westell.com

Address: 192.168.200.1

Name: google.com

Addresses: 74.125.224.49

74.125.224.51

74.125.224.50

74.125.224.48

74.125.224.52

Pinging google.com [74.125.224.52] with 32 bytes of data:

Reply from 74.125.224.52: bytes=32 time=26ms TTL=52

Reply from 74.125.224.52: bytes=32 time=25ms TTL=52

Ping statistics for 74.125.224.52:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 25ms, Maximum = 26ms, Average = 25ms

Server: hubrouter.westell.com

Address: 192.168.200.1

Name: yahoo.com

Addresses: 98.139.180.149

209.191.122.70

67.195.160.76

72.30.2.43

98.137.149.56

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=61ms TTL=54

Reply from 209.191.122.70: bytes=32 time=63ms TTL=54

Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 61ms, Maximum = 63ms, Average = 62ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 1ms, Average = 1ms

===========================================================================

Interface List

9 ...00 1c bf 25 6c 7c ...... Intel® PRO/Wireless 3945ABG Network Connection

8 ...00 1e 37 1a 51 6b ...... Intel® 82566MM Gigabit Network Connection

1 ........................... Software Loopback Interface 1

17 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

12 ...00 00 00 00 00 00 00 e0 6TO4 Adapter

16 ...00 00 00 00 00 00 00 e0 isatap.{365FA7CA-2256-493E-96FA-D0782C5D95FE}

13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.200.1 192.168.200.45 25

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.200.0 255.255.255.0 On-link 192.168.200.45 281

192.168.200.45 255.255.255.255 On-link 192.168.200.45 281

192.168.200.255 255.255.255.255 On-link 192.168.200.45 281

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.200.45 281

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.200.45 281

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

13 18 ::/0 On-link

1 306 ::1/128 On-link

13 18 2001::/32 On-link

13 266 2001:0:4137:9e76:c91:1316:9cdd:ec80/128

On-link

9 281 fe80::/64 On-link

13 266 fe80::/64 On-link

13 266 fe80::c91:1316:9cdd:ec80/128

On-link

9 281 fe80::4544:14ff:756b:8b89/128

On-link

1 306 ff00::/8 On-link

13 266 ff00::/8 On-link

9 281 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)

Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)

Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)

Catalog5 05 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)

Catalog5 06 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)

Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)

Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)

Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (11/14/2011 09:56:30 PM) (Source: Perflib) (User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (11/14/2011 09:56:30 PM) (Source: Perflib) (User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (11/14/2011 09:49:18 PM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 8.0.6001.18813, time stamp 0x4a6621ae, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000065,

process id 0x938, application start time 0xiexplore.exe0.

Error: (11/14/2011 09:14:48 PM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 8.0.6001.18813, time stamp 0x4a6621ae, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x8b51e44d,

process id 0x16fc, application start time 0xiexplore.exe0.

Error: (11/13/2011 01:00:37 PM) (Source: Perflib) (User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (11/13/2011 01:00:37 PM) (Source: Perflib) (User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (11/13/2011 07:54:48 AM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 8.0.6001.18813, time stamp 0x4a6621ae, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0xb4758bff,

process id 0x150c, application start time 0xiexplore.exe0.

Error: (11/12/2011 10:35:47 PM) (Source: VSS) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {93684a62-9371-44ac-9a6e-bfe487aef3d6}

Error: (11/12/2011 09:54:16 PM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 8.0.6001.18813, time stamp 0x4a6621ae, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x13f068e9,

process id 0x1438, application start time 0xiexplore.exe0.

Error: (11/12/2011 09:13:38 PM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 8.0.6001.18813, time stamp 0x4a6621ae, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0xb44589ff,

process id 0xd50, application start time 0xiexplore.exe0.

System errors:

=============

Error: (11/14/2011 09:10:05 PM) (Source: Microsoft-Windows-TBS) (User: LOCAL SERVICE)

Description: 0x8007045d

Error: (11/13/2011 00:59:35 PM) (Source: TPM) (User: )

Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (11/13/2011 00:59:35 PM) (Source: Microsoft-Windows-TBS) (User: LOCAL SERVICE)

Description: 0x8007045d

Error: (11/13/2011 07:50:08 AM) (Source: TPM) (User: )

Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (11/13/2011 07:50:08 AM) (Source: Microsoft-Windows-TBS) (User: LOCAL SERVICE)

Description: 0x8007045d

Error: (11/12/2011 08:37:02 PM) (Source: Service Control Manager) (User: )

Description: UPnP Device HostSSDP Discovery%%1058

Error: (11/12/2011 08:37:02 PM) (Source: Service Control Manager) (User: )

Description: Parallel port driver%%1058

Error: (11/12/2011 08:11:00 PM) (Source: Service Control Manager) (User: )

Description: Windows Search%%1053

Error: (11/12/2011 08:11:00 PM) (Source: Service Control Manager) (User: )

Description: 30000Windows Search

Error: (11/12/2011 08:11:00 PM) (Source: DCOM) (User: )

Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Microsoft Office Sessions:

=========================

Error: (11/14/2011 09:56:30 PM) (Source: Perflib)(User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (11/14/2011 09:56:30 PM) (Source: Perflib)(User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (11/14/2011 09:49:18 PM) (Source: Application Error)(User: )

Description: iexplore.exe8.0.6001.188134a6621aeunknown0.0.0.000000000c00000050000006593801cca359f9c76950

Error: (11/14/2011 09:14:48 PM) (Source: Application Error)(User: )

Description: iexplore.exe8.0.6001.188134a6621aeunknown0.0.0.000000000c00000058b51e44d16fc01cca354e69923f0

Error: (11/13/2011 01:00:37 PM) (Source: Perflib)(User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (11/13/2011 01:00:37 PM) (Source: Perflib)(User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (11/13/2011 07:54:48 AM) (Source: Application Error)(User: )

Description: iexplore.exe8.0.6001.188134a6621aeunknown0.0.0.000000000c0000005b4758bff150c01cca21bf4792ae0

Error: (11/12/2011 10:35:47 PM) (Source: VSS)(User: )

Description: 0x80070005

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {93684a62-9371-44ac-9a6e-bfe487aef3d6}

Error: (11/12/2011 09:54:16 PM) (Source: Application Error)(User: )

Description: iexplore.exe8.0.6001.188134a6621aeunknown0.0.0.000000000c000000513f068e9143801cca1c78c18c5b4

Error: (11/12/2011 09:13:38 PM) (Source: Application Error)(User: )

Description: iexplore.exe8.0.6001.188134a6621aeunknown0.0.0.000000000c0000005b44589ffd5001cca1c2a919a534

========================= Memory info: ===================================

Percentage of memory in use: 52%

Total physical RAM: 2013.53 MB

Available physical RAM: 949.95 MB

Total Pagefile: 4264.34 MB

Available Pagefile: 2827.75 MB

Total Virtual: 2047.88 MB

Available Virtual: 1952.21 MB

========================= Partitions: =====================================

1 Drive c: (SW_Preload) (Fixed) (Total:105.66 GB) (Free:8.48 GB) NTFS

========================= Users: ========================================

User accounts for \\**-PC

Administrator ASPNET Guest

****

**** End of log ****


ALSO DDS ATTACH

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume2

Install Date: 11/3/2007 3:38:11 AM

System Uptime: 11/14/2011 6:48:45 PM (3 hours ago)

.

Motherboard: LENOVO | | 7662CTO

Processor: Intel® Core2 Duo CPU T7250 @ 2.00GHz | None | 2001/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 106 GiB total, 8.476 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

.

Access Help

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 10 Plugin

Adobe Flash Player ActiveX

Adobe Photoshop CS

Adobe Reader 8.3.1

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AutoUpdate

Bonjour

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities Digital Photo Professional 3.4

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities Original Data Security Tools

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities WFT-E1/E2/E3 Utility

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Client Security - Password Manager

Compatibility Pack for the 2007 Office system

Curl RTE 6.0.2

Diskeeper Home

DivX Codec

DivX Converter

DivX Player

DivX Web Player

Drag-to-Disc

DVD Decrypter (Remove Only)

DVD Shrink 3.2

DVDFab 6.0.4.0 (28/07/2009)

EOS USB WIA Driver

ESET Online Scanner v3

Facebook Plug-In

ffdshow [rev 1723] [2007-12-24]

Free Video Converter 1.0

Gemplus Smart Card Reader Tools

Google Earth Plug-in

Google Talk Plugin

Google Update Helper

Hamster Free Video Convertor

HamsterFreeVideoConverter

Handbrake 0.9.4

Help Center

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

ImageMixer 3 SE Ver.6 Transfer Utility

ImageMixer 3 SE Ver.6 Video Tools

Intel PROSet Wireless

Intel® PRO Network Connections Drivers

Intel® PROSet/Wireless WiFi Software

InterVideo Register Manager

InterVideo WinDVD

iTunes

Java Auto Updater

Java 6 Update 29

Lenovo Auto Scroll Utility

Lenovo Registration

Lenovo System Interface Driver

LiveUpdate 3.2 (Symantec Corporation)

LiveUpdate Notice (Symantec Corporation)

Maintenance Manager

Malwarebytes' Anti-Malware version 1.51.2.1300

MasterCook Deluxe 9.1

Message Center

Message Center Plus

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB929729)

Microsoft .NET Framework 3.5 SP1

Microsoft Office 2003 Web Components

Microsoft Office Professional Edition 2003

Microsoft Office Small Business Connectivity Components

Microsoft Silverlight

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox 7.0.1 (x86 en-US)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

Multimedia Center For Think Offerings

Netflix Movie Viewer

NVIDIA Drivers

On Screen Display

Picasa 3

Presentation Director

Productivity Center Supplement for ThinkPad

QuickTime

Registry patch for Windows Vista USB S3 PM Enablement

Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista

Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista

Registry patch to improve USB device detection on resume from sleep for Windows Vista

Rescue and Recovery

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

Seagate Manager Installer

Skype™ 5.5

Sonic Icons for Lenovo

SoundMAX

Spelling Dictionaries Support For Adobe Reader 8

System Migration Assistant

System Requirements Lab

System Update

ThinkPad Bluetooth with Enhanced Data Rate Software 6.0.1.4900

ThinkPad EasyEject Utility

ThinkPad FullScreen Magnifier

ThinkPad Hotkey Features Integration Setup

ThinkPad Hotkey Features Setup

ThinkPad Keyboard Customizer Utility

ThinkPad Mobility Center Customization

ThinkPad Modem

ThinkPad Power Management Driver

ThinkPad Power Manager

ThinkPad UltraNav Driver

ThinkPad UltraNav Utility

ThinkVantage Access Connections

ThinkVantage Active Protection System

ThinkVantage Productivity Center

ThinkVantage Technologies Welcome Message

Trivial Pursuit Digital Choice v1.3.0 for Windows XP/Vista

TVersity Codec Pack 1.2

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

VideoLAN VLC media player 0.8.6i

Wallpapers

WD Discovery Software

Windows Driver Package - Intel (e1express) Net (02/27/2007 9.7.37.0)

Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020)

Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)

Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002)

Windows Driver Package - Intel System (09/15/2006 7.0.0.1011)

Windows Driver Package - Intel System (09/15/2006 8.0.0.1008)

Windows Driver Package - Intel System (09/15/2006 8.0.0.1010)

Windows Driver Package - Intel System (09/15/2006 8.2.0.1000)

Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008)

Windows Driver Package - Lenovo (IBMPMDRV) System (05/31/2007 1.43)

Windows Live Toolbar

Xvid 1.1.3 final uninstall

.

==== Event Viewer Messages From Past Week ========

.

11/14/2011 9:10:05 PM, Error: Microsoft-Windows-TBS [516] - An error occurred while communicating with the TPM. The driver returned 0x8007045d.

11/13/2011 12:59:35 PM, Error: TPM [13] - The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

11/12/2011 8:37:02 PM, Error: Service Control Manager [7001] - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/12/2011 8:37:02 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/12/2011 8:11:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

11/12/2011 8:11:00 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/12/2011 8:11:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/12/2011 6:21:20 PM, Error: EventLog [6008] - The previous system shutdown at 6:17:38 PM on 11/12/2011 was unexpected.

11/12/2011 6:14:07 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

11/12/2011 5:40:02 PM, Error: Service Control Manager [7034] - The tvtnetwk service terminated unexpectedly. It has done this 1 time(s).

11/12/2011 5:37:15 PM, Error: Service Control Manager [7034] - The XAudioService service terminated unexpectedly. It has done this 1 time(s).

11/12/2011 4:25:13 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.

11/12/2011 4:24:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

11/12/2011 12:40:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

11/12/2011 12:39:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: lenovo.smi spldr TPPWRIF Wanarpv6

11/12/2011 12:39:44 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 12:39:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/12/2011 12:39:06 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

11/12/2011 12:39:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/12/2011 12:38:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/12/2011 12:38:38 PM, Error: EventLog [6008] - The previous system shutdown at 12:36:31 PM on 11/12/2011 was unexpected.

11/12/2011 1:15:04 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The dependency service or group failed to start.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Bumping your topic makes it seem like you are already being helped, and as you've noticed, you were overlooked because of it.

Please update MBAM, run a Quick Scan, and post its log.

Next, delete your copy of ComboFix.

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


  • 3 weeks later...
  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
