mandynath

Honorary Members
  • Posts: 23
  • Reputation: 0 Neutral
  1. I am in no man's land... After installing the restore software from Lenovo I still have problems, but not the same as before. They now suspect either my installation disks are faulty or my hard drive has a problem. F***************Hell. OMG. Tomorrow I take it for a hardware check-up and hopefully install to original software. These have been two of the worst weeks in my life! Lots of things have gone wrong and it's still not right... It's like my installation is messed up and may need to do another install or change hard drive... Lesson learnt. BUY the malware software, DON'T use a trial. I have bought the full version of avast Internet and malware. But too late. The virus got in and messed up in Windows installation... How or why is too late to say. I will update you as and when I know what has happened.
  2. This has taken too long. I suspect and agree with others and my laptop dealer that Windows has become corrupted. All virus checks can't find this threat or they crash. There is no way out but restore to factory settings. I have backed up and am now in the process of recovery. Will let you know.
  3. I have been unsuccessful in backing up. Crashes usually first 1% or last 25%. In avast scan in safe and normal, quick scan OK but long scan crashes, even now. Defrag: did, but nothing was defragged. Did it twice. Doing a chkdsk scan for bad sectors now. Will attempt restart to do a fix file system. I am getting really pissed at the laptop. Nothing seems to be able to complete its cycle. Plus when it crashes the laptop heats up really hot on the underside and the fan cuts out. Black screen or just freezes screen. This all started when malwarebytes trial ended. What can I do now? I am at my wits' end and have so much work to do but don't know if I can risk doing my banking or work stuff.
  4. Before I do a defrag I wanted to back up my files. Failed a few times. Think I got one backup but want to do it one more time. Will update you, and I'm hoping to do a virus scan too with avast overnight.
  5. OK, so after a few attempts I have managed to do chkdsk. I tried to do a back up wh
  6. So after a night of waiting for chkdsk I decided to switch off. After a few more attempts I decided to do the checks separately. The fix file system errors test was successfully done. Halfway through the recovery of bad sectors scan, which is very, very slow, but is scanning. Will update you after this scan. I think another 2 hours...
  7. Update: Safe mode. Avast quick scan: OK. Long scan: crashed. Had it running for nearly 3 hours when I decided to switch it off. Malwarebytes: crashes during scan. Had to switch it off too. There is definitely something wrong. What can I do? Mandy
  8. OK. Will do, and will do quick scan first in both, and if OK then will do full scan. Will report back within a day or two. Mandy
  9. ... blank grey screen I mean... pops up during my recent avast scan that I cancelled today
  10. It's OK but no virus support. Avast and Defender are still off. I would really like avast to do a complete scan without crashing. I would also like to get malwarebytes to be able to scan without crashing too. I still think something is wrong... I never get black grey screens EVER, and since Friday night they pop up during virus scans and then the whole computer....
  11. Hi again. I attempted an avast scan but was able to cancel it as it had stopped working. A grey screen kept coming up when I tried to cancel the scan. Also, when I did the eset scan - 2 times - a Windows message popped up saying eset scan had stopped working. See below the log. What should I try next? mandy
      ESETSmartInstaller@High as CAB hook log:
      OnlineScanner64.ocx - registred OK
      OnlineScanner.ocx - registred OK
      esets_scanner_update returned -1 esets_gle=53251
  12. here you go... MBRCheck, version 1.2.3 © 2010, AD
  13. see below the log... what next? aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
  14. After a reboot I was able to get online again. See the combo log below. Please let me know what I should do next. Kind regards, mandy
c:\users\m nathali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\m nathali\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-25 27112840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-12-28 113664] Bluetooth.lnk - c:\program files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe [N/A] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 136176] R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-07-09 144232] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] R3 ASNDIS4;ASNDIS4 Protocol Driver;c:\windows\system32\ASNDIS4.SYS [x] R3 btusb64h;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\btusb64h.sys [2009-06-24 28728] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 136176] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-06-21 34200] R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys 
[2010-09-15 60288] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-28 340240] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528] R3 netr7364;ASUS USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms [2011-06-27 25584] R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2011-11-30 89152] R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2011-11-30 175168] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-09 1255736] R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-03-29 23664] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472] S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS 
[2011-07-09 32104] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-09-08 203264] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064] S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-03-30 151656] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-16 198784] S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944] S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2011-05-31 41320] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736] S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-05-31 59240] S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128] S2 SROSVC;Screen Reading Optimizer Service Program;c:\program files (x86)\Lenovo\Screen 
Reading Optimizer\SROSVC.exe [2011-09-01 446800] S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256] S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-28 2656280] S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-06-30 82544] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-09-08 9319424] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-09-08 304128] S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-10-17 437288] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-10-17 39976] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-08-08 12289472] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-06-21 25496] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-12-13 174168] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-08-04 8604672] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-09 539240] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application 
Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [2011-06-22 2949112] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 14:25] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 01:35] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 01:35] . 2012-08-04 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\PC-Doctor\uaclauncher.exe [2011-06-27 15:06] . 2012-08-04 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\PC-Doctor\uaclauncher.exe [2011-06-27 15:06] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-07-20 12:04 244688 ----a-w- c:\users\m nathali\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-07-20 12:04 244688 ----a-w- c:\users\m nathali\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-07-20 12:04 244688 ----a-w- c:\users\m nathali\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\m nathali\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\m nathali\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\m nathali\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\m nathali\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120] "TpShocks"="TpShocks.exe" [2011-03-29 380776] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-03-24 310912] "ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056] "LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-05-31 40808] "ALCKRESI.EXE"="c:\program files\Lenovo\AutoLock\ALCKRESI.EXE" [2011-05-25 281960] "AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2011-10-20 33344] "PSQLLauncher"="c:\program files\ThinkVantage Fingerprint Software\launcher.exe" [2011-07-14 85832] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-09 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-09 416024] "combofix"="c:\combofix\CF1715.3XE" [2010-11-21 345088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.google.com/ uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm Trusted Zone: microsoft.com\*.update Trusted Zone: windowsupdate.com\download TCP: DhcpNameServer = 192.168.8.1 TCP: Interfaces\{9D811D26-7626-4837-953C-B93EB2B1B403}: NameServer = 203.198.23.208 218.102.32.208 TCP: Interfaces\{BD135B90-16EA-4D8B-BF62-CFB29B00474B}: NameServer = 0.0.0.0 FF - ProfilePath - c:\users\m nathali\AppData\Roaming\Mozilla\Firefox\Profiles\46oq1nja.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - www.google.com . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020200}_0] "ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\windows\SysWOW64\SAsrv.exe c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Lenovo\System Update\SUService.exe c:\program files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe . ************************************************************************** . Completion time: 2012-08-05 00:11:49 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-04 16:11 . Pre-Run: 303,989,612,544 bytes free Post-Run: 303,846,912,000 bytes free . - - End Of File - - 6C9481FEBB49D1A320B07E20876EB893