Jump to content

bjk595

Members
  • Posts

    8
  • Joined

  • Last visited

Everything posted by bjk595

  1. Consider this topic cured! Everything is back to normal. Thank you so much MrCharlie!!
  2. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013 01 Ran by Brad at 2013-11-11 16:18:19 Running from D:\Users\Brad.Brad-PC\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 4500_G510af_Help_Web (x32 Version: 000.0.440.000) 4500_G510nz_Help_Web (x32 Version: 000.0.440.000) 4500G510af_Software_Min (x32 Version: 000.0.423.000) 4500G510af_web (x32 Version: 000.0.425.000) 4500G510nz_Software_Min (x32 Version: 000.0.423.000) 4500G510nz_web (x32 Version: 000.0.439.000) 64 Bit HP CIO Components Installer (Version: 7.2.4) 64 Bit HP CIO Components Installer (Version: 7.2.8) 7-Zip 9.22 (x64 edition) (Version: 9.22.00.0) abgx360 v1.0.6 (x32) Adobe AIR (x32 Version: 3.8.0.870) Adobe Community Help (x32 Version: 3.0.0) Adobe Community Help (x32 Version: 3.0.0.400) Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224) Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224) Adobe Media Player (x32 Version: 1.8) Adobe Photoshop CS5 (x32 Version: 12.0) Adobe Reader X (10.1.8) (x32 Version: 10.1.8) AgDataViewer (x32 Version: 5.9.1) Akamai NetSession Interface (HKCU) Avanquest update (x32 Version: 1.31) avast! Free Antivirus (x32 Version: 8.0.1497.0) BufferChm (x32 Version: 130.0.331.000) Client Security - Password Manager (Version: 8.30.0054.00) CloneCD (x32) Conexant 20672 SmartAudio HD (Version: 8.32.23.5) ConvertXtoDVD 4.0.9.322 (x32 Version: 4.0.9.322) CustomerResearchQFolder (x32 Version: 1.00.0000) D3DX10 (x32 Version: 15.4.2368.0902) Define Ext (HKCU Version: 8) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) DeviceDiscovery (x32 Version: 100.0.190.000) DeviceManagementQFolder (x32 Version: 1.00.0000) DHTML Editing Component (x32 Version: 6.02.0001) EPSON XP-200 Series Printer Uninstall Google Chrome (x32 Version: 30.0.1599.101) Google Earth Plug-in (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.165) Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000) HijackThis 1.99.1 (x32 Version: 1.99.1) HP Color LaserJet CM1312 MFP Series 5.1 (Version: 5.1) HP Customer Participation Program 10.0 (Version: 10.0) HP FWUpdateEDO3 (x32 Version: 1.0.0.0) HP Imaging Device Functions 10.0 (Version: 10.0) HP LaserJet Professional CM1410 Series (x32) HP LJ CM1410 MFP Series HP Scan (x32 Version: 1.0.302.0) HP Officejet 4500 G510a-f (Version: 13.0) HP Officejet 4500 G510n-z (Version: 13.0) HP Product Detection (x32 Version: 11.14.0001) HP Update (x32 Version: 5.005.000.002) HPDiagnosticAlert (x32 Version: 1.00.0000) HPLaserJetHelp_LearnCenter (x32 Version: 1.03.0000) HPLJUT (x32 Version: 1.00.0012) hppCLJCM1312 (x32 Version: 005.001.00142) hppCM1410LaserJetService (x32 Version: 001.008.00477) hppFaxDrvCM1312 (x32 Version: 005.000.00001) hppFaxDrvCM1410 (x32 Version: 003.000.00001) hppFaxUtilityCM1312 (x32 Version: 005.001.00137) hppFaxUtilityCM1410 (x32 Version: 000.002.00001) hppFonts (x32 Version: 001.001.00061) hppLaserJetService (x32 Version: 002.015.00599) hppManualsCM1312 (x32 Version: 005.001.00145) hppQFolderCM1312 (x32 Version: 1.00.0000) hppScanToCM1312 (x32 Version: 005.001.00140) hppSendFaxCM1312 (x32 Version: 005.000.00001) hppSendFaxCM1410 (x32 Version: 003.000.00001) hppTLBXFXCM1410 (x32 Version: 001.012.00948) hppusgCM1312 (x32 Version: 1.1.0.1) hpzTLBXFX (x32 Version: 006.015.01163) I.R.I.S. OCR (x32 Version: 12.3.4.0) Integrated Camera Driver Installer Package Ver.1.1.0.1147 (x32 Version: 1.1.0.1147) Integrated Camera TWAIN (x32 Version: 1.0.11.1223) Intel PROSet Wireless Intel® Control Center (x32 Version: 1.2.1.1007) Intel® Identity Protection Technology 1.0.74.0 (x32 Version: 1.0.74.0) Intel® Management Engine Components (x32 Version: 7.0.0.1144) Intel® Network Connections Drivers (Version: 16.8) Intel® OpenCL CPU Runtime (x32) Intel® Processor Graphics (x32 Version: 8.15.10.2761) Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.1.0170) Intel® WiDi (x32 Version: 3.0.13.0) Intel® Wireless Display Intel® PROSet/Wireless WiFi Software (Version: 15.01.1500.1034) Intel® PROSet/Wireless WiMAX Software (Version: 6.05.0000) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) JavaFX 2.1.1 (x32 Version: 2.1.1) Junk Mail filter update (x32 Version: 16.4.3505.0912) Lenovo Auto Scroll Utility (Version: 1.11) Lenovo Patch Utility (x32 Version: 1.3.0.9) Lenovo Patch Utility 64 bit (Version: 1.3.0.9) Lenovo Power Management Driver (Version: 1.65.05.21) Lenovo Screen Reading Optimizer (x32 Version: 1.16) Lenovo SimpleTap (Version: 3.0.0010.00) Lenovo Solution Center (Version: 2.1.003.00) Lenovo System Interface Driver (Version: 1.05) Lenovo System Update (x32 Version: 5.03.0005) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) MarketResearch (x32 Version: 100.0.170.000) Marketsplash Shortcuts (x32 Version: 1.0.0.9) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000) Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SkyDrive (HKCU Version: 16.4.6013.0910) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053) Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000) Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000) MotoCast (x32 Version: 2.0.31) MotoHelper MergeModules (x32 Version: 1.2.0) Motorola Device Manager (x32 Version: 2.3.9) Motorola Device Software Update (x32 Version: 13.02.1402) MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0) Motorola Mobile Drivers Installation 6.0.0 (Version: 6.0.0) Movie Maker (x32 Version: 16.4.3505.0912) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Network64 (Version: 130.0.550.000) Network64 (Version: 140.0.221.000) NVIDIA 3D Vision Driver 296.20 (Version: 296.20) NVIDIA Control Panel 296.20 (Version: 296.20) NVIDIA Graphics Driver 296.20 (Version: 296.20) NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0) NVIDIA Install Application (Version: 2.1002.62.312) NVIDIA nView 135.64 (Version: 135.64) NVIDIA nView Desktop Manager (Version: 6.14.10.13564) NVIDIA Optimus 1.3.12 (Version: 1.3.12) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.9620) NVIDIA Update Components (Version: 1.3.12) On Screen Display (Version: 6.60.03) PANTONE Color Calibrator 1.0 (x32) PDF Settings CS5 (x32 Version: 10.0) Photo Gallery (x32 Version: 16.4.3505.0912) Pogoplug Backup (Version: 5.2.4) Power Manager (x32 Version: 6.32) RapidBoot Shield (Version: 1.23) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0) RICOH_Media_Driver_v2.14.18.01 (x32 Version: 2.14.18.01) Scan (x32 Version: 13.0.0.0) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32) Skype Click to Call (x32 Version: 6.13.13771) Skype™ 5.10 (x32 Version: 5.10.116) SmartFTP Client (Version: 4.1.1316.0) Snagit 10 (x32 Version: 10.0.0) Spybot - Search & Destroy (x32 Version: 1.6.2) System Requirements Lab for Intel (x32 Version: 4.5.5.0) ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.2900) ThinkPad FullScreen Magnifier (Version: 2.40) ThinkPad UltraNav Driver (Version: 16.2.5.0) ThinkPad UltraNav Utility (x32 Version: 2.13.0) ThinkVantage Access Connections (x32 Version: 5.85) ThinkVantage Access Connections (x32 Version: 5.92) ThinkVantage Access Connections (x32 Version: 5.95) ThinkVantage Active Protection System (Version: 1.77.0.5) ThinkVantage AutoLock (Version: 1.05) ThinkVantage Communications Utility (Version: 2.09) ThinkVantage Fingerprint Software (Version: 5.9.6.7084) Toolbox (x32 Version: 130.0.648.000) TrayApp (x32 Version: 100.0.170.000) TrueCrypt (x32 Version: 7.1a) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32) VLC media player 2.0.5 (x32 Version: 2.0.5)h Web Easy Professional (x32 Version: 8.0.0) Web Easy Professional 8 (x32 Version: 8) WebReg (x32 Version: 130.0.132.017) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live Family Safety (Version: 16.4.3505.0912) Windows Live Family Safety (x32 Version: 16.4.3505.0912) Windows Live ID Sign-in Assistant (Version: 7.250.4311.0) Windows Live Installer (x32 Version: 16.4.3505.0912) Windows Live Mail (x32 Version: 16.4.3505.0912) Windows Live Messenger (x32 Version: 16.4.3505.0912) Windows Live MIME IFilter (Version: 16.4.3505.0912) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live Upload Tool (x32 Version: 14.0.8014.1029) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) Windows Live Writer (x32 Version: 16.4.3505.0912) Windows Live Writer Resources (x32 Version: 16.4.3505.0912) Windows Mobile Device Center (Version: 6.1.6965.0) Windows Mobile Device Center Driver Update (Version: 6.1.6965.0) X-Rite Device Services Manager (x32 Version: 1.0.115) ==================== Restore Points ========================= 01-10-2013 20:11:49 Windows Update 07-10-2013 00:24:18 Windows Update 10-10-2013 02:07:58 Windows Update 11-10-2013 02:52:29 Windows Update 15-10-2013 14:20:36 Windows Update 18-10-2013 23:14:17 Windows Update 22-10-2013 23:54:02 Windows Update 30-10-2013 00:23:17 Windows Update 02-11-2013 01:02:27 Windows Update 02-11-2013 01:10:03 Windows Defender Checkpoint 06-11-2013 00:45:22 Windows Update 09-11-2013 04:07:42 Windows Update ==================== Hosts content: ========================== 2009-07-13 20:34 - 2013-05-15 19:59 - 00000877 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 tools.bvrp.com 192.168.1.154 NPI1D10E9 ==================== Scheduled Tasks (whitelisted) ============= Task: {00AA6ACF-B913-4D50-915B-581977224868} - \AdobeFlashPlayerUpdate No Task File Task: {0AB2B598-E8A3-4E06-9B2B-E3D82721AD08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.) Task: {0E5DE7E4-4DE9-445F-871F-94AB2E1543D8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software) Task: {0F01954E-9112-43A8-8504-EACC3691983A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {13848304-22DF-49AE-BA1D-E94183D0D7B1} - System32\Tasks\Lenovo\SROptimizer => %TRPATH%\SRORest.exe Task: {13EB8D5A-0DD2-44AD-A3A3-FB16F4A71780} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] () Task: {23BB54C3-6CA1-46FB-BD65-88E7BDADA024} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-16] (Lenovo Group Limited) Task: {351F187D-4945-4721-BDD3-08CBF1C6C2CF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo) Task: {4C5B0670-1C3D-4941-B4E0-AB19EE646510} - System32\Tasks\{7B369616-B22C-4DBF-9834-FEF8B68F76ED} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsBing Task: {513D22B5-C625-40DB-BEF2-B35643B3D3AC} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard) Task: {56B386CB-0F04-4D2F-A453-11303DCFCC43} - \AdobeFlashPlayerUpdate 2 No Task File Task: {5752621C-ECB9-4968-887B-ADCF98FB79AF} - System32\Tasks\At4 => C:\Windows\system32\ddpapimig.exe Task: {5878BC0B-720B-4CF3-8515-B265041FD871} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] () Task: {5BFEA7C9-434C-4E5C-98F0-682684C9FCE5} - System32\Tasks\{56206222-6FAB-4F1C-B777-22B0A314BFC7} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe Task: {626967EB-94D9-4CCD-823B-A0616CB3A05A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] () Task: {75C09166-53C1-4711-80CA-F44B98D8D617} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.) Task: {7D719CD9-01EA-4C00-8154-F0157302506F} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] () Task: {8CE60BE3-447D-4459-AF38-A0A6CEA4B214} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo) Task: {8E79C0EC-CE32-4239-9DD1-B48BA25F5D54} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] () Task: {B37DEF2F-E42F-4B3D-9C87-916B72691221} - System32\Tasks\At2 => C:\Windows\system32\ddpapimig.exe Task: {B4F4D4EA-1CD6-4AEF-ABF0-F808B0F9BB99} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] () Task: {BCB9FBBE-8DBA-44CB-B1B1-57CC20DFED98} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Brad-PC.Brad => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo) Task: {E1AB17D9-E1A2-4EBA-A31A-8186D406E011} - System32\Tasks\At1 => C:\Windows\system32\ddpapimig.exe Task: {E8C90853-97A3-4B6A-8E7F-41E0B4EC86AB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-09-17] () Task: {FDEDA9C8-8052-4EFA-97F4-CEF201319B8B} - System32\Tasks\At3 => C:\Windows\system32\ddpapimig.exe Task: C:\Windows\Tasks\At1.job => C:\Windows\system32\ddpapimig.exe Task: C:\Windows\Tasks\At2.job => C:\Windows\system32\ddpapimig.exe Task: C:\Windows\Tasks\At3.job => C:\Windows\system32\ddpapimig.exe Task: C:\Windows\Tasks\At4.job => C:\Windows\system32\ddpapimig.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-04 00:09 - 2013-04-04 00:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2012-04-27 13:44 - 2012-05-16 05:32 - 00093696 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL 2012-03-19 21:09 - 2012-03-19 21:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll 2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll 2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll 2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll 2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll 2013-03-25 13:44 - 2013-03-25 13:44 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll 2011-03-10 19:08 - 2011-03-10 19:08 - 01588560 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll 2011-03-10 19:08 - 2011-03-10 19:08 - 00902992 _____ () C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll 2011-03-10 19:08 - 2011-03-10 19:08 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll 2012-04-27 17:05 - 2011-03-24 09:41 - 00898560 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\libxml2.dll 2012-04-27 17:05 - 2011-03-24 09:41 - 00073728 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\zlib1.dll 2012-04-27 17:05 - 2011-03-24 09:41 - 03449344 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\CxF2_VC90MD_2.1.dll 2012-04-27 17:05 - 2011-03-24 09:41 - 07390720 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\QtGui4.dll 2012-04-27 17:05 - 2011-03-24 09:41 - 02012160 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\QtCore4.dll 2012-05-30 16:32 - 2012-05-30 16:32 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2013-11-11 14:59 - 2013-11-11 12:55 - 02233344 _____ () C:\Program Files\AVAST Software\Avast\defs\13111101\algo.dll 2013-04-04 00:09 - 2013-04-04 00:09 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2013-10-15 13:30 - 2013-10-08 18:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll 2013-10-15 13:30 - 2013-10-08 18:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll 2013-10-15 13:30 - 2013-10-08 18:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll 2013-10-15 13:30 - 2013-10-08 18:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll 2013-10-15 13:30 - 2013-10-08 18:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll 2013-10-15 13:30 - 2013-10-08 18:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:A50A429FCBB12853 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Officejet 4500 G510n-z Description: Officejet 4500 G510n-z Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: HP Color LaserJet CM1312nfi MFP Description: HP Color LaserJet CM1312nfi MFP Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: HP LaserJet CM1415fnw Description: HP LaserJet CM1415fnw Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: HP LaserJet CM1415fnw Description: HP LaserJet CM1415fnw Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: VPN Client Adapter - SuperAwesome Description: VPN Client Adapter - SuperAwesome Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: SoftEther Corporation Service: Neo_SuperAwesome Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/11/2013 01:34:21 PM) (Source: Application Error) (User: ) Description: Faulting application name: AcSvc.exe, version: 5.9.5.81, time stamp: 0x4fc5df30 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000326f1 Faulting process id: 0xc28 Faulting application start time: 0xAcSvc.exe0 Faulting application path: AcSvc.exe1 Faulting module path: AcSvc.exe2 Report Id: AcSvc.exe3 Error: (11/11/2013 10:44:32 AM) (Source: Application Hang) (User: ) Description: The program ppbrowser.exe version 5.2.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 20f4 Start Time: 01cedefd22237fff Termination Time: 2 Application Path: C:\Program Files (x86)\PogoplugBackup\ppbrowser.exe Report Id: 873732ac-4af0-11e3-8816-f0def1e6e54e Error: (11/09/2013 09:46:34 AM) (Source: Application Error) (User: ) Description: Faulting application name: AcSvc.exe, version: 5.9.5.81, time stamp: 0x4fc5df30 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000326f1 Faulting process id: 0x6a4 Faulting application start time: 0xAcSvc.exe0 Faulting application path: AcSvc.exe1 Faulting module path: AcSvc.exe2 Report Id: AcSvc.exe3 Error: (11/08/2013 10:04:52 PM) (Source: Application Error) (User: ) Description: Faulting application name: hsscp.exe, version: 3.9.0.17960, time stamp: 0x51c3a2bb Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00ff4e52 Faulting process id: 0x6d0 Faulting application start time: 0xhsscp.exe0 Faulting application path: hsscp.exe1 Faulting module path: hsscp.exe2 Report Id: hsscp.exe3 Error: (11/07/2013 07:08:41 PM) (Source: Application Hang) (User: ) Description: The program chrome.exe version 30.0.1599.101 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1f40 Start Time: 01cedc1ea78d19ba Termination Time: 11 Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Report Id: 4872a7e0-4812-11e3-9025-f0def1e6e54e Error: (11/01/2013 07:10:03 PM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {c67cbffb-b293-455e-8571-72cae2c16481} Error: (11/01/2013 06:05:42 PM) (Source: Application Error) (User: ) Description: Faulting application name: AcSvc.exe, version: 5.9.5.81, time stamp: 0x4fc5df30 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000326f1 Faulting process id: 0x17f4 Faulting application start time: 0xAcSvc.exe0 Faulting application path: AcSvc.exe1 Faulting module path: AcSvc.exe2 Report Id: AcSvc.exe3 Error: (10/30/2013 01:51:38 PM) (Source: Application Error) (User: ) Description: Faulting application name: AcSvc.exe, version: 5.9.5.81, time stamp: 0x4fc5df30 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000326f1 Faulting process id: 0x12e4 Faulting application start time: 0xAcSvc.exe0 Faulting application path: AcSvc.exe1 Faulting module path: AcSvc.exe2 Report Id: AcSvc.exe3 Error: (10/26/2013 06:10:18 PM) (Source: Application Error) (User: ) Description: Faulting application name: AcSvc.exe, version: 5.9.5.81, time stamp: 0x4fc5df30 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000326f1 Faulting process id: 0x1b44 Faulting application start time: 0xAcSvc.exe0 Faulting application path: AcSvc.exe1 Faulting module path: AcSvc.exe2 Report Id: AcSvc.exe3 Error: (10/24/2013 01:56:26 PM) (Source: Application Error) (User: ) Description: Faulting application name: AcSvc.exe, version: 5.9.5.81, time stamp: 0x4fc5df30 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000326f1 Faulting process id: 0x121c Faulting application start time: 0xAcSvc.exe0 Faulting application path: AcSvc.exe1 Faulting module path: AcSvc.exe2 Report Id: AcSvc.exe3 System errors: ============= Error: (11/11/2013 03:00:23 PM) (Source: Service Control Manager) (User: ) Description: The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (11/11/2013 03:00:21 PM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (11/11/2013 03:00:19 PM) (Source: Service Control Manager) (User: ) Description: The HP CUE DeviceDiscovery Service service hung on starting. Error: (11/11/2013 02:59:30 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (11/11/2013 02:59:29 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (11/11/2013 01:58:49 PM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (11/11/2013 01:58:49 PM) (Source: Service Control Manager) (User: ) Description: The HP CUE DeviceDiscovery Service service hung on starting. Error: (11/11/2013 01:57:58 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (11/11/2013 01:57:56 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (11/11/2013 01:57:28 PM) (Source: Service Control Manager) (User: ) Description: The X-Rite Device Services Manager service failed to start due to the following error: %%1053 Microsoft Office Sessions: ========================= Error: (11/11/2013 01:34:21 PM) (Source: Application Error)(User: ) Description: AcSvc.exe5.9.5.814fc5df30ntdll.dll6.1.7601.18247521ea8e7c0000005000326f1c2801cedf022915715dC:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dll42fccc8c-4b08-11e3-93d1-f0def1e6e54e Error: (11/11/2013 10:44:32 AM) (Source: Application Hang)(User: ) Description: ppbrowser.exe5.2.4.020f401cedefd22237fff2C:\Program Files (x86)\PogoplugBackup\ppbrowser.exe873732ac-4af0-11e3-8816-f0def1e6e54e Error: (11/09/2013 09:46:34 AM) (Source: Application Error)(User: ) Description: AcSvc.exe5.9.5.814fc5df30ntdll.dll6.1.7601.18247521ea8e7c0000005000326f16a401cedd0088cdbe31C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dll1bc27f25-4956-11e3-9c6c-f0def1e6e54e Error: (11/08/2013 10:04:52 PM) (Source: Application Error)(User: ) Description: hsscp.exe3.9.0.1796051c3a2bbunknown0.0.0.000000000c000000500ff4e526d001cedd00b9d3bf99C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exeunknown152b6418-48f4-11e3-9c6c-f0def1e6e54e Error: (11/07/2013 07:08:41 PM) (Source: Application Hang)(User: ) Description: chrome.exe30.0.1599.1011f4001cedc1ea78d19ba11C:\Program Files (x86)\Google\Chrome\Application\chrome.exe4872a7e0-4812-11e3-9025-f0def1e6e54e Error: (11/01/2013 07:10:03 PM) (Source: VSS)(User: ) Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {c67cbffb-b293-455e-8571-72cae2c16481} Error: (11/01/2013 06:05:42 PM) (Source: Application Error)(User: ) Description: AcSvc.exe5.9.5.814fc5df30ntdll.dll6.1.7601.18247521ea8e7c0000005000326f117f401ced6b0f3684e1cC:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dll82d3a02b-4352-11e3-8d36-f0def1e6e54e Error: (10/30/2013 01:51:38 PM) (Source: Application Error)(User: ) Description: AcSvc.exe5.9.5.814fc5df30ntdll.dll6.1.7601.18247521ea8e7c0000005000326f112e401ced5a955baa1a2C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dllafb9cc05-419c-11e3-9b6b-6480995e83ec Error: (10/26/2013 06:10:18 PM) (Source: Application Error)(User: ) Description: AcSvc.exe5.9.5.814fc5df30ntdll.dll6.1.7601.18247521ea8e7c0000005000326f11b4401ced1aace7128c9C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dll28e881bc-3e9c-11e3-846f-f0def1e6e54e Error: (10/24/2013 01:56:26 PM) (Source: Application Error)(User: ) Description: AcSvc.exe5.9.5.814fc5df30ntdll.dll6.1.7601.18247521ea8e7c0000005000326f1121c01ced0f3008505bfC:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dll5d563c3a-3ce6-11e3-8dc4-6480995e83ec CodeIntegrity Errors: =================================== Date: 2012-08-21 21:44:30.729 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-21 21:44:30.667 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-21 21:15:26.204 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-21 21:15:26.188 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-20 19:43:35.969 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-20 19:43:35.932 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-16 16:21:19.303 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-16 16:21:19.256 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-15 03:20:06.622 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-08-15 03:20:06.591 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Lenovo\RapidBoot\PHCORE64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 8075.23 MB Available physical RAM: 5061.32 MB Total Pagefile: 16148.65 MB Available Pagefile: 12764.21 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.47 GB) (Free:153.52 GB) NTFS Drive d: () (Fixed) (Total:654.69 GB) (Free:12.21 GB) NTFS Drive e: (LENOVO) (Fixed) (Total:29 GB) (Free:24.61 GB) NTFS Drive h: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: 36944CC7) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: D5111E31) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=655 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=15 GB) - (Type=12) ==================== End Of Log ============================
  3. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01 Ran by Brad (administrator) on BRAD-PC on 11-11-2013 16:17:55 Running from D:\Users\Brad.Brad-PC\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Lenovo.) C:\Windows\system32\ibmpmsvc.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe (Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Cloud Engines) C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe (Skype Technologies S.A.) d:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe () C:\Program Files (x86)\Tor\tor.exe (Lenovo) C:\Program Files (x86)\Lenovo\Client Security Solution\tvttcsd.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo.) C:\Windows\System32\TpShocks.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Akamai Technologies, Inc.) d:\Users\Brad.Brad-PC\AppData\Local\Akamai\netsession_win.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Color Calibrator Tray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe (Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Lenovo Group Limited) C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE (Akamai Technologies, Inc.) d:\Users\Brad.Brad-PC\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcWmaxSvr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () D:\Users\Brad.Brad-PC\Downloads\RogueKillerX64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe [44096 2012-01-16] (Lenovo Group Limited) HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [222720 2012-06-21] (Lenovo.) HKLM\...\Run: [ForteConfig] - C:\Program Files\CONEXANT\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [ResetACGauge] - C:\Program Files (x86)\Lenovo\Access Connections\SMBHlpr.exe [154720 2012-05-30] (Lenovo) HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [64608 2012-05-30] (Lenovo) HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [cssauth] - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [5957432 2012-04-11] (Lenovo Group Limited) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-09-16] (Adobe Systems Incorporated) HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] - C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company) HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2907448 2012-07-05] (Synaptics Incorporated) HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) HKCU\...\Run: [Akamai NetSession Interface] - D:\Users\Brad.Brad-PC\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [Pogoplug Backup] - C:\Program Files (x86)\PogoplugBackup\ppbrowser.exe [23791104 2013-05-07] (Cloud Engines, Inc.) HKCU\...\Run: [MotoCast] - C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2055 2012-11-07] () HKCU\...\Run: [spybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKCU\...\Run: [50265A9F747688C7E62B536A7279C3FB2A9815E4._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-08] (Google Inc.) MountPoints2: {7fa0b565-75ef-11e2-9f8b-f0def1e6e54e} - G:\MotoCastSetup.exe -a MountPoints2: {b4d88257-e98e-11e2-b084-806e6f6e6963} - F:\MotoCastSetup.exe -a HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) HKLM-x32\...\Run: [PWMTRV] - C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [5941344 2012-05-16] (Lenovo Group Limited) HKLM-x32\...\Run: [iMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation) HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HPUsageTracking] - C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company) HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [autoauto] - C:\Windows\\SysWOW64\c.bat [65 2012-10-05] () HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo) HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo) AppInit_DLLs: C:\Windows\system32\nvinitx.dll [260928 2012-03-07] (NVIDIA Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF5F1C7BA8E42CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US SearchScopes: HKCU - {C03512F3-90C2-4F15-BF93-0DD7BE29CC4E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms} BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation) BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File DPF: HKLM-x32 {7CF3E7C4-6112-4D72-A0CD-D0AD7EEB5467} http://www.packetix.net/en/special/files/vpn2_5350_en/vpnweb.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0CD7C75E-1619-458B-8019-63503B43140F}: [NameServer]208.72.145.133,208.72.145.129 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\umylsm@sqhjcpzmeselzlp.org Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll () CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Extension: (Google Translate) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0 CHR Extension: (YouTube) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Gmelius - Ad Blocker and Better UI for Gmail\u2122) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl\5.7.5.9_0 CHR Extension: (Uploading.com Download Manager) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fleecfcggellpkecmpeahieebiinjebd\0.0.0.2_0 CHR Extension: (AdBlock) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0 CHR Extension: (Define Ext) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0 CHR Extension: (live player) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnoocjdgpaeliplnkbhbpccighjkeef\3.2_1 CHR Extension: (Skype Click to Call) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0 CHR Extension: (Google Wallet) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - d:\Users\BRAD~1.BRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [hcnoocjdgpaeliplnkbhbpccighjkeef] - d:\Users\Brad.Brad-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lp.crx CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 DokanCEMounter; C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [116000 2013-05-07] (Cloud Engines) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-16] (Lenovo.) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [121144 2013-03-25] (Motorola Mobility LLC) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-04-17] () R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 Skype C2C Service; d:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.) R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] () R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-30] () R2 TSSCoreService; C:\Program Files (x86)\Lenovo\Client Security Solution\tvttcsd.exe [988472 2012-04-11] (Lenovo) R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-03-10] (X-Rite Inc.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2671376 2012-04-17] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2012-07-20] (Google Inc) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R2 DokanCEDriver; C:\Program Files (x86)\PogoplugBackup\dokance.sys [71608 2013-05-07] (Cloud Engines) S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.) S3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.) S3 Neo_SuperAwesome; C:\Windows\System32\DRIVERS\Neo_0041.sys [29808 2012-05-11] (SoftEther Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249152 2012-03-07] (NVIDIA Corporation) R1 PHCORE; C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [33344 2012-03-26] (Lenovo Group Limited) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27960 2012-07-05] (Synaptics Incorporated) R2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.) S3 motmodem; system32\DRIVERS\motmodem.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-11 16:17 - 2013-11-11 16:17 - 01957590 _____ (Farbar) d:\Users\Brad.Brad-PC\Downloads\FRST64.exe 2013-11-11 16:17 - 2013-11-11 16:17 - 00000000 ____D C:\FRST 2013-11-11 15:54 - 2013-11-11 15:54 - 00005551 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_S_11112013_155412.txt 2013-11-11 13:53 - 2013-11-11 13:53 - 01085542 _____ d:\Users\Brad.Brad-PC\Downloads\adwcleaner.exe 2013-11-11 13:45 - 2013-11-11 13:45 - 00005534 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_D_11112013_134501.txt 2013-11-11 13:44 - 2013-11-11 13:44 - 00005992 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_S_11112013_134436.txt 2013-11-11 12:14 - 2013-11-11 12:14 - 00005959 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_S_11112013_121424.txt 2013-11-11 12:10 - 2013-11-11 12:14 - 00000000 ____D d:\Users\Brad.Brad-PC\Desktop\RK_Quarantine 2013-11-11 12:09 - 2013-11-11 12:10 - 04118528 _____ d:\Users\Brad.Brad-PC\Downloads\RogueKillerX64.exe 2013-11-11 11:24 - 2013-11-11 11:24 - 00033916 _____ d:\Users\Brad.Brad-PC\Desktop\dds.txt 2013-11-11 11:24 - 2013-11-11 11:24 - 00015388 _____ d:\Users\Brad.Brad-PC\Desktop\attach.txt 2013-11-11 10:49 - 2013-11-11 10:49 - 00688992 ____R (Swearware) d:\Users\Brad.Brad-PC\Downloads\dds.com 2013-11-11 09:58 - 2013-11-11 09:59 - 00000000 ____D d:\Users\Brad.Brad-PC\Desktop\Work 2013-10-26 18:12 - 2013-10-26 18:12 - 00000000 ____D C:\ProgramData\Lenovo 2013-10-21 09:26 - 2013-10-21 09:26 - 00000101 _____ d:\Users\Brad.Brad-PC\Downloads\pop.php ==================== One Month Modified Files and Folders ======= 2013-11-11 16:17 - 2013-11-11 16:17 - 01957590 _____ (Farbar) d:\Users\Brad.Brad-PC\Downloads\FRST64.exe 2013-11-11 16:17 - 2013-11-11 16:17 - 00000000 ____D C:\FRST 2013-11-11 15:54 - 2013-11-11 15:54 - 00005551 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_S_11112013_155412.txt 2013-11-11 15:28 - 2013-04-18 09:26 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-11 15:07 - 2009-07-13 22:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-11 15:07 - 2009-07-13 22:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-11 15:04 - 2009-07-13 23:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-11 15:03 - 2012-04-27 11:19 - 01202218 _____ C:\Windows\WindowsUpdate.log 2013-11-11 15:01 - 2013-09-16 21:03 - 00000000 ____D C:\a 2013-11-11 14:59 - 2013-04-18 09:26 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-11 14:59 - 2012-05-08 11:22 - 00000000 ____D d:\Users\Brad.Brad-PC\.gstreamer-0.10 2013-11-11 14:58 - 2012-05-19 22:42 - 00000000 ____D C:\ProgramData\NVIDIA 2013-11-11 14:58 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-11 14:58 - 2009-07-13 22:51 - 00228398 _____ C:\Windows\setupact.log 2013-11-11 13:56 - 2013-09-29 10:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-11-11 13:56 - 2012-04-27 11:34 - 00605834 _____ C:\Windows\PFRO.log 2013-11-11 13:53 - 2013-11-11 13:53 - 01085542 _____ d:\Users\Brad.Brad-PC\Downloads\adwcleaner.exe 2013-11-11 13:45 - 2013-11-11 13:45 - 00005534 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_D_11112013_134501.txt 2013-11-11 13:44 - 2013-11-11 13:44 - 00005992 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_S_11112013_134436.txt 2013-11-11 13:34 - 2012-05-17 12:26 - 00000352 _____ C:\Windows\Tasks\At4.job 2013-11-11 12:14 - 2013-11-11 12:14 - 00005959 _____ d:\Users\Brad.Brad-PC\Desktop\RKreport[0]_S_11112013_121424.txt 2013-11-11 12:14 - 2013-11-11 12:10 - 00000000 ____D d:\Users\Brad.Brad-PC\Desktop\RK_Quarantine 2013-11-11 12:10 - 2013-11-11 12:09 - 04118528 _____ d:\Users\Brad.Brad-PC\Downloads\RogueKillerX64.exe 2013-11-11 11:24 - 2013-11-11 11:24 - 00033916 _____ d:\Users\Brad.Brad-PC\Desktop\dds.txt 2013-11-11 11:24 - 2013-11-11 11:24 - 00015388 _____ d:\Users\Brad.Brad-PC\Desktop\attach.txt 2013-11-11 10:49 - 2013-11-11 10:49 - 00688992 ____R (Swearware) d:\Users\Brad.Brad-PC\Downloads\dds.com 2013-11-11 09:59 - 2013-11-11 09:58 - 00000000 ____D d:\Users\Brad.Brad-PC\Desktop\Work 2013-11-11 08:09 - 2012-05-17 12:26 - 00000352 _____ C:\Windows\Tasks\At2.job 2013-11-11 08:09 - 2012-05-17 12:26 - 00000352 _____ C:\Windows\Tasks\At1.job 2013-11-10 19:04 - 2012-05-17 12:26 - 00000352 _____ C:\Windows\Tasks\At3.job 2013-11-10 11:37 - 2013-09-27 19:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-10-29 18:25 - 2009-07-13 20:34 - 00000513 _____ C:\Windows\win.ini 2013-10-26 18:12 - 2013-10-26 18:12 - 00000000 ____D C:\ProgramData\Lenovo 2013-10-26 18:12 - 2012-04-27 09:27 - 00000000 ____D C:\Windows\System32\Tasks\TVT 2013-10-26 18:12 - 2012-04-27 09:26 - 00000000 ____D C:\Program Files (x86)\Lenovo 2013-10-21 09:26 - 2013-10-21 09:26 - 00000101 _____ d:\Users\Brad.Brad-PC\Downloads\pop.php 2013-10-19 11:25 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache 2013-10-18 17:11 - 2012-06-08 19:25 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-12 14:48 - 2013-03-14 07:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-12 14:48 - 2013-03-14 07:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-12 14:48 - 2009-07-13 22:45 - 05030272 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-12 10:23 - 2013-04-18 09:26 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-12 10:23 - 2013-04-18 09:26 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore Files to move or delete: ==================== C:\Windows\Tasks\At1.job C:\Windows\Tasks\At2.job C:\Windows\Tasks\At3.job C:\Windows\Tasks\At4.job ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-10 11:37 ==================== End Of Log ============================
  4. RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Brad [Admin rights] Mode : Scan -- Date : 11/11/2013 15:54:12 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 9 ¤¤¤ [DNS][PUM] HKLM\[...]\CCSet\[...]\{0CD7C75E-1619-458B-8019-63503B43140F} : NameServer (208.72.145.133,208.72.145.129 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND [DNS][PUM] HKLM\[...]\CS001\[...]\{0CD7C75E-1619-458B-8019-63503B43140F} : NameServer (208.72.145.133,208.72.145.129 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND [DNS][PUM] HKLM\[...]\CS002\[...]\{0CD7C75E-1619-458B-8019-63503B43140F} : NameServer (208.72.145.133,208.72.145.129 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ -> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Users\Brad\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Users\Brad.Brad-PC\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Users\Christen\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Users\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Users\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Documents and Settings\Brad\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Documents and Settings\Brad.Brad-PC\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Documents and Settings\Christen\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 tools.bvrp.com 192.168.1.154 NPI1D10E9 ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) INTEL SSDSC2CW240A3 +++++ --- User --- [MBR] 57944a7e5514bdb8a4fb9594f5ac1c6f [bSP] b1e7521c1dd9677d7b68f481d73bfbdf : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 228834 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD7500BPVT-24HXZT3 +++++ --- User --- [MBR] b7b9e60d9890a62ee92f42aae58996de [bSP] 00441e9f94861d3b390e1016dfb61c48 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 670402 Mo 2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1373394944 | Size: 29693 Mo 3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1434206208 | Size: 15108 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_11112013_155412.txt >> RKreport[0]_D_11112013_134501.txt;RKreport[0]_S_11112013_121424.txt;RKreport[0]_S_11112013_134436.txt
  5. # AdwCleaner v3.012 - Report created 11/11/2013 at 13:56:08 # Updated 11/11/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Brad - BRAD-PC # Running from : D:\Users\Brad.Brad-PC\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : d:\hotspot shield Folder Deleted : d:\ProgramData\Partner Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Windows\SysWOW64\hotspot shield File Deleted : d:\END ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKCU\Software\86d6dab66de546 Key Deleted : HKLM\SOFTWARE\86d6dab66de546 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_webeasy_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_webeasy_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-7-service-pack-1[1]_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-7-service-pack-1[1]_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05478A66-EDB6-4A22-A870-A5987F80A7DA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05478A66-EDB6-4A22-A870-A5987F80A7DA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05478A66-EDB6-4A22-A870-A5987F80A7DA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4828E856-B0A2-443A-8217-371CF78B1498} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3924710-3F7D-4342-92FB-C23029B7C64F} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{05478A66-EDB6-4A22-A870-A5987F80A7DA}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05478A66-EDB6-4A22-A870-A5987F80A7DA}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\filescout Key Deleted : HKCU\Software\Search Settings Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings Key Deleted : HKCU\Software\AppDataLow\Software\smartbar Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Search Settings Key Deleted : HKLM\Software\Vuze_Remote Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 -\\ Mozilla Firefox v -\\ Google Chrome v30.0.1599.101 ************************* AdwCleaner[R0].txt - [8946 octets] - [11/11/2013 13:54:03] AdwCleaner[s0].txt - [7868 octets] - [11/11/2013 13:56:08] ########## EOF - d:\AdwCleaner\AdwCleaner[s0].txt - [7928 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.11.11.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 Brad :: BRAD-PC [administrator] 11/11/2013 2:07:16 PM mbam-log-2013-11-11 (14-07-16).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 819585 Time elapsed: 22 minute(s), 49 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) My browser is running much faster now. Most popups have stopped happening. The only thing that happens now is when the home screen first opens up after restarting, there's a DOS screen that opens up, and then an installer package named umediaplayer asks for permission to install something, and when I deny that permission, it opens up a website in my browser under the umediaplayer name.
  6. MrCharlie thank you so much for the help RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Brad [Admin rights]Mode : Scan -- Date : 11/11/2013 12:14:24| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 9 ¤¤¤[DNS][PUM] HKLM\[...]\CCSet\[...]\{0CD7C75E-1619-458B-8019-63503B43140F} : NameServer (208.72.145.133,208.72.145.129 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND[DNS][PUM] HKLM\[...]\CS001\[...]\{0CD7C75E-1619-458B-8019-63503B43140F} : NameServer (208.72.145.133,208.72.145.129 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND[DNS][PUM] HKLM\[...]\CS002\[...]\{0CD7C75E-1619-458B-8019-63503B43140F} : NameServer (208.72.145.133,208.72.145.129 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 2 ¤¤¤[V2][sUSP PATH] EPUpdater : d:\Users\BRAD~1.BRA\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> FOUND[V2][sUSP PATH] TidyNetwork Update : d:\Users\Brad.Brad-PC\AppData\Local\TidyNetwork.com\tidy2update.exe [x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\Brad\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\Brad.Brad-PC\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\Christen\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\fbwuser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Documents and Settings\Brad\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Documents and Settings\Brad.Brad-PC\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Documents and Settings\Christen\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Documents and Settings\fbwuser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 tools.bvrp.com192.168.1.154 NPI1D10E9 ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) INTEL SSDSC2CW240A3 +++++--- User ---[MBR] 57944a7e5514bdb8a4fb9594f5ac1c6f[bSP] b1e7521c1dd9677d7b68f481d73bfbdf : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 228834 MoUser = LL1 ... OK!User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD7500BPVT-24HXZT3 +++++--- User ---[MBR] b7b9e60d9890a62ee92f42aae58996de[bSP] 00441e9f94861d3b390e1016dfb61c48 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 670402 Mo2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1373394944 | Size: 29693 Mo3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1434206208 | Size: 15108 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_11112013_121424.txt >>
  7. I also wanted to add that I deleted the Vuze remote toolbar you see in the report
  8. Just ran Malwarebytes and DDS, here are the logs from DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.25.2Run by Brad at 11:22:16 on 2013-11-11Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8075.5177 [GMT -6:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\ibmpmsvc.exeC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\System32\WUDFHost.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k WbioSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exeC:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exeC:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeC:\Program Files\SUPERAntiSpyware\SASCORE64.EXEC:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\ThinkPad\Bluetooth Software\btwdins.exeC:\Windows\system32\CxAudMsg64.exeC:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exeC:\Program Files (x86)\PogoplugBackup\dokanmnt.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exeC:\Program Files (x86)\Hotspot Shield\bin\hsswd.exeC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Program Files\Lenovo\Communications Utility\CAMMUTE.exeC:\Program Files\LENOVO\HOTKEY\MICMUTE.exeC:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exeC:\Program Files\LENOVO\VIRTSCRL\lvvsst.exeC:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Windows\SysWOW64\SAsrv.exed:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Tor\tor.exeC:\Program Files (x86)\Lenovo\Client Security Solution\tvttcsd.exeC:\Program Files\Intel\WiMAX\Bin\AppSrv.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\taskhost.exeC:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\rundll32.exeC:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXEC:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXEC:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exeC:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exeC:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\rundll32.exeC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Intel\WiMAX\Bin\DMAgent.exeC:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files (x86)\Lenovo\Access Connections\AcWmaxSvr.exeC:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Hotspot Shield\bin\hsscp.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\rundll32.exeC:\Windows\system32\igfxext.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Lenovo\Communications Utility\TpKnrres.exeC:\Windows\System32\TpShocks.exeC:\Program Files\CONEXANT\ForteConfig\fmapp.exeC:\Windows\WindowsMobile\wmdc.exeC:\Windows\system32\svchost.exe -k WindowsMobileC:\Program Files\Lenovo\Client Security Solution\cssauth.exeC:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXEd:\Users\Brad.Brad-PC\AppData\Local\Akamai\netsession_win.exed:\Users\Brad.Brad-PC\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\PogoplugBackup\ppbrowser.exeC:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exeC:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeC:\Windows\system32\rundll32.exeC:\Program Files (x86)\HP\HP UT\bin\hppusg.exeC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Color Calibrator Tray.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\splwow64.exeC:\Program Files (x86)\PogoplugBackup\ppfs.exeC:\Windows\SysWOW64\RunDll32.exeC:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exeC:\Windows\sysWOW64\wbem\wmiprvse.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uProxyOverride = <local>;192.168.*.*uURLSearchHooks: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\7.0\vuzeToolbarIE.dlluURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dllmURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dllmWinlogon: Userinit = userinit.exe,BHO: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\7.0\vuzeToolbarIE.dllBHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dllBHO: IePasswordManagerHelper Class: {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dllTB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dllTB: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\7.0\vuzeToolbarIE.dllTB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dlluRun: [Akamai NetSession Interface] "d:\Users\Brad.Brad-PC\AppData\Local\Akamai\netsession_win.exe"uRun: [Pogoplug Backup] "C:\Program Files (x86)\PogoplugBackup\ppbrowser.exe" --starthiddenuRun: [MotoCast] "C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk"uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exeuRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeuRun: [50265A9F747688C7E62B536A7279C3FB2A9815E4._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=servicemRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exemRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitormRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbyloginmRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"mRun: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /smRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [autoauto] c.batmRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguimRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesStartupFolder: D:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeStartupFolder: D:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\COLORC~1.LNK - C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Gamma\CalibrationLoader.exeStartupFolder: D:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\COLORC~2.LNK - C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Color Calibrator Tray.exeStartupFolder: D:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: DisableCAD = dword:1IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dllIE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllIE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dllTCP: NameServer = 192.168.1.1TCP: Interfaces\{0CD7C75E-1619-458B-8019-63503B43140F} : NameServer = 208.72.145.133,208.72.145.129TCP: Interfaces\{8B01CA1F-6E9F-4D69-A1B6-D4336CAC1967} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{8B01CA1F-6E9F-4D69-A1B6-D4336CAC1967}\2375942554839353 : DHCPNameServer = 192.168.1.254TCP: Interfaces\{8B01CA1F-6E9F-4D69-A1B6-D4336CAC1967}\34862796374756E63702960586F6E656 : DHCPNameServer = 198.224.149.135 198.224.148.135TCP: Interfaces\{8B01CA1F-6E9F-4D69-A1B6-D4336CAC1967}\449647368644F63647F627 : DHCPNameServer = 192.168.7.1TCP: Interfaces\{8B01CA1F-6E9F-4D69-A1B6-D4336CAC1967}\65562796A7F6E6024425F49444022514A5250253339373 : DHCPNameServer = 192.168.43.1TCP: Interfaces\{8B01CA1F-6E9F-4D69-A1B6-D4336CAC1967}\8497164747 : DHCPNameServer = 65.106.1.196 65.106.7.196 8.8.8.8Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLLSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGinamASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dllx64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dllx64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dllx64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exex64-Run: [TpShocks] TpShocks.exex64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exex64-Run: [ResetACGauge] C:\Program Files (x86)\Lenovo\Access Connections\smbhlpr.exe /RESETACGAUGEREGx64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exex64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exex64-Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silentx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [HP Color LaserJet CM1312 MFP Series Fax] C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe "HP Color LaserJet CM1312 MFP Series Fax"x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /tx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dllx64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLHosts: 192.168.1.154 NPI1D10E9.============= SERVICES / DRIVERS ===============.R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-27 65336]R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-9-27 204880]R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2012-4-27 29512]R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-8-21 28992]R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2011-12-28 25416]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-27 1030952]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-27 378944]R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-6-20 46792]R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2012-4-27 15472]R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-8-21 249152]R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2012-3-26 33344]R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-27 33400]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-27 80816]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-27 46808]R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2012-4-27 198784]R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-9-7 87992]R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-6 498688]R2 DokanCEDriver;DokanCEDriver;C:\Program Files (x86)\PogoplugBackup\dokance.sys [2013-5-7 71608]R2 DokanCEMounter;DokanCEMounter;C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [2013-5-7 116000]R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-6-20 831272]R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-6-20 548136]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-7 210896]R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2012-4-27 43584]R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2012-4-27 101736]R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-4-27 62016]R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2012-4-27 133992]R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-3-25 121144]R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-6-16 65657]R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2012-4-27 101888]R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-4-18 1153368]R2 Skype C2C Service;Skype C2C Service;D:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]R2 smihlp2;SMI Helper Driver (smihlp2);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-5-30 13128]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-3-7 382272]R2 tor;Tor Win32 Service;C:\Program Files (x86)\Tor\tor.exe [2013-8-30 3233806]R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2012-4-27 145256]R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2012-4-27 142696]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-4-27 2656280]R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-6 986112]R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2012-4-27 166016]R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2011-5-19 84480]R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2011-5-19 182272]R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\System32\drivers\bpusb.sys [2011-5-19 83968]R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-26 25496]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-5-10 97792]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-5-10 217600]R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2012-9-4 27960]R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184]R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-30 40248]S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976]S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2012-5-29 144992]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]S2 SROSVC;Screen Reading Optimizer Service Program;C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2012-5-19 446800]S2 xrdd.exe;X-Rite Device Services Manager;C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [2011-3-10 203088]S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2012-7-20 31744]S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2012-4-27 437288]S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-4-27 39976]S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2012-5-19 320576]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-1-16 57856]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-26 34200]S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-6-11 22016]S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2012-6-8 27136]S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]S3 Neo_SuperAwesome;VPN Client Device Driver - SuperAwesome;C:\Windows\System32\drivers\Neo_0041.sys [2012-5-11 29808]S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2012-4-27 1662560]S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2012-4-27 1665120]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-4-28 59392]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-28 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088].=============== Created Last 30 ================.2013-11-09 04:07:54 10280728 ----a-w- d:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A6427944-31C1-442F-B053-C91282AC373E}\mpengine.dll.==================== Find3M ====================.2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-09-03 19:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll.============= FINISH: 11:24:08.75 =============== --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 4/27/2012 10:25:36 AMSystem Uptime: 11/11/2013 11:18:31 AM (0 hours ago).Motherboard: LENOVO | | 4270CTOProcessor: Intel® Core i7-2760QM CPU @ 2.40GHz | CPU | 2401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 223 GiB total, 153.744 GiB free.D: is FIXED (NTFS) - 655 GiB total, 12.228 GiB free.E: is FIXED (NTFS) - 29 GiB total, 24.606 GiB free.H: is FIXED (NTFS) - 0 GiB total, 0.162 GiB free.J: is FIXED (FAT32) - 2794 GiB total, 2381.131 GiB free..==== Disabled Device Manager Items =============.Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: Officejet 4500 G510n-zDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Officejet 4500 G510n-zPNP Device ID: ROOT\MULTIFUNCTION\0000Service: .Class GUID: Description: HP Color LaserJet CM1312nfi MFPDevice ID: ROOT\MULTIFUNCTION\0001Manufacturer: Name: HP Color LaserJet CM1312nfi MFPPNP Device ID: ROOT\MULTIFUNCTION\0001Service: .Class GUID: Description: HP LaserJet CM1415fnwDevice ID: ROOT\MULTIFUNCTION\0002Manufacturer: Name: HP LaserJet CM1415fnwPNP Device ID: ROOT\MULTIFUNCTION\0002Service: .Class GUID: Description: HP LaserJet CM1415fnwDevice ID: ROOT\MULTIFUNCTION\0003Manufacturer: Name: HP LaserJet CM1415fnwPNP Device ID: ROOT\MULTIFUNCTION\0003Service: .Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: HP LaserJet CM1415fnwDevice ID: ROOT\MULTIFUNCTION\0004Manufacturer: Hewlett-PackardName: HP LaserJet CM1415fnwPNP Device ID: ROOT\MULTIFUNCTION\0004Service: .Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Description: Officejet 4500 G510n-zDevice ID: ROOT\IMAGE\0002Manufacturer: HPName: Officejet 4500 G510n-zPNP Device ID: ROOT\IMAGE\0002Service: StillCam.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: VPN Client Adapter - SuperAwesomeDevice ID: ROOT\NET\0000Manufacturer: SoftEther CorporationName: VPN Client Adapter - SuperAwesomePNP Device ID: ROOT\NET\0000Service: Neo_SuperAwesome.==== System Restore Points ===================.RP245: 10/1/2013 3:11:49 PM - Windows UpdateRP246: 10/6/2013 7:24:18 PM - Windows UpdateRP247: 10/9/2013 9:07:58 PM - Windows UpdateRP248: 10/10/2013 9:52:29 PM - Windows UpdateRP249: 10/15/2013 9:20:36 AM - Windows UpdateRP250: 10/18/2013 6:14:17 PM - Windows UpdateRP251: 10/22/2013 6:54:02 PM - Windows UpdateRP252: 10/29/2013 7:23:17 PM - Windows UpdateRP253: 11/1/2013 8:02:27 PM - Windows UpdateRP255: 11/1/2013 8:10:03 PM - Windows Defender CheckpointRP256: 11/5/2013 6:45:22 PM - Windows UpdateRP257: 11/8/2013 10:07:42 PM - Windows Update.==== Installed Programs ======================.4500_G510af_Help_Web4500_G510nz_Help_Web4500G510af_Software_Min4500G510af_web4500G510nz_Software_Min4500G510nz_web64 Bit HP CIO Components Installer7-Zip 9.22 (x64 edition)abgx360 v1.0.6Adobe AIRAdobe Community HelpAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Media PlayerAdobe Photoshop CS5Adobe Reader X (10.1.8)AgDataViewerAkamai NetSession InterfaceAvanquest updateavast! Free AntivirusBufferChmClient Security - Password ManagerCloneCDConexant 20672 SmartAudio HDConvertXtoDVD 4.0.9.322CustomerResearchQFolderD3DX10Define ExtDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDeviceDiscoveryDeviceManagementQFolderDHTML Editing ComponentEPSON XP-200 Series Printer UninstallGoogle ChromeGoogle Earth Plug-inGoogle Update HelperHewlett-Packard ACLM.NET v1.1.0.0HijackThis 1.99.1Hotspot Shield 3.09HP Color LaserJet CM1312 MFP Series 5.1HP Customer Participation Program 10.0HP FWUpdateEDO3HP Imaging Device Functions 10.0HP LaserJet Professional CM1410 SeriesHP LJ CM1410 MFP Series HP ScanHP Officejet 4500 G510a-fHP Officejet 4500 G510n-zHP Product DetectionHP UpdateHPDiagnosticAlertHPLaserJetHelp_LearnCenterHPLJUThppCLJCM1312hppCM1410LaserJetServicehppFaxDrvCM1312hppFaxDrvCM1410hppFaxUtilityCM1312hppFaxUtilityCM1410hppFontshppLaserJetServicehppManualsCM1312hppQFolderCM1312hppScanToCM1312hppSendFaxCM1312hppSendFaxCM1410hppTLBXFXCM1410hppusgCM1312hpzTLBXFXI.R.I.S. OCRIlemiTVAppIntegrated Camera Driver Installer Package Ver.1.1.0.1147Integrated Camera TWAINIntel PROSet WirelessIntel® Control CenterIntel® Identity Protection Technology 1.0.74.0Intel® Management Engine ComponentsIntel® Network Connections DriversIntel® OpenCL CPU RuntimeIntel® Processor GraphicsIntel® PROSet/Wireless for Bluetooth® + High SpeedIntel® WiDiIntel® Wireless DisplayIntel® PROSet/Wireless WiFi SoftwareIntel® PROSet/Wireless WiMAX SoftwareJava 7 Update 25Java Auto UpdaterJavaFX 2.1.1Junk Mail filter updateLenovo Auto Scroll UtilityLenovo Patch UtilityLenovo Patch Utility 64 bitLenovo Power Management DriverLenovo Screen Reading OptimizerLenovo SimpleTapLenovo Solution CenterLenovo System Interface DriverLenovo System UpdateMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMarketsplash ShortcutsMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Choice GuardMicrosoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bitMicrosoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319Microsoft_VC80_ATL_x86_x64Microsoft_VC80_CRT_x86Microsoft_VC80_CRT_x86_x64Microsoft_VC80_MFC_x86Microsoft_VC80_MFC_x86_x64Microsoft_VC80_MFCLOC_x86Microsoft_VC80_MFCLOC_x86_x64Microsoft_VC90_ATL_x86Microsoft_VC90_ATL_x86_x64Microsoft_VC90_CRT_x86Microsoft_VC90_CRT_x86_x64Microsoft_VC90_MFC_x86Microsoft_VC90_MFC_x86_x64MotoCastMotoHelper MergeModulesMotorola Device ManagerMotorola Device Software UpdateMOTOROLA MEDIA LINKMotorola Mobile Drivers Installation 6.0.0Movie MakerMSVCRTMSVCRT_amd64MSVCRT110MSVCRT110_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)MSXML 4.0 SP3 Parser (KB973685)Network64NVIDIA 3D Vision Driver 296.20NVIDIA Control Panel 296.20NVIDIA Graphics Driver 296.20NVIDIA HD Audio Driver 1.3.12.0NVIDIA Install ApplicationNVIDIA nView 135.64NVIDIA nView Desktop ManagerNVIDIA Optimus 1.3.12NVIDIA Stereoscopic 3D DriverNVIDIA Update ComponentsOn Screen DisplayPANTONE Color Calibrator 1.0PDF Settings CS5Photo CommonPhoto GalleryPogoplug BackupPower ManagerRapidBoot ShieldRenesas Electronics USB 3.0 Host Controller DriverRICOH_Media_Driver_v2.14.18.01ScanSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2794707) 32-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionSkype Click to CallSkype™ 5.10SmartFTP ClientSnagit 10Spybot - Search & DestroySUPERAntiSpywareSystem Requirements Lab for IntelThinkPad Bluetooth with Enhanced Data Rate SoftwareThinkPad FullScreen MagnifierThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkVantage Access ConnectionsThinkVantage Active Protection SystemThinkVantage AutoLockThinkVantage Communications UtilityThinkVantage Fingerprint SoftwareToolboxTrayAppTrueCryptUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2827323) 32-Bit EditionVLC media player 2.0.5Web Easy ProfessionalWeb Easy Professional 8WebRegWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live Upload ToolWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile Device CenterWindows Mobile Device Center Driver UpdateX-Rite Device Services Manager.==== Event Viewer Messages From Past Week ========.11/9/2013 9:46:36 AM, Error: Service Control Manager [7034] - The AcSvc service terminated unexpectedly. It has done this 1 time(s).11/8/2013 10:04:08 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.11/11/2013 11:20:42 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom11/11/2013 11:20:41 AM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.11/11/2013 11:20:19 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.11/11/2013 11:19:51 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.11/11/2013 11:19:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the X-Rite Device Services Manager service to connect.11/11/2013 11:19:21 AM, Error: Service Control Manager [7000] - The X-Rite Device Services Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File =========================== A great big thank you to whomever offers some assistance here!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.