PC malware or hijack


Hi

I have been battling with malware in my Lenovo X201 notebook PC running Windows 7 (also has Avast).

I wish I had found this forum immediately, it would have saved me from doing actions that you might tell me I should not have done ;-)

The only suspicious signs before things went bad were (but maybe they are unrelated):

- the computer just stopping (like a hard switch off) when I was doing very computation-intensive stuff (fan would start running faster, and then turned off).

- annoying Acrobat Reader Update ping at startup that would never actually execute when I selected it, seemed to fail.

Suddenly things degenerated on the 31st of December:

- on boot I get errors for Acrotray.exe and ipoint.exe, and for PrivateIconClient.exe I get error unable to load Jit Compiler, Intel Management and Security has stopped running; if I try running Mozilla I get could not load XPCOM. I can run Google Chrome.

- USB ports are dead

- I can no longer launch most programs from the taskbar or from shortcut icons (I would get a message "incorrect parameter" and then the choice of deleting the shortcut), though some of those apps would launch if I went straight to the location of the exe file.

- I cannot install or uninstall programs. If I download an exe, I can execute it if I do it right after download, but it seems that with time they become useless. Changing their name sometimes helps make them launchable, if I do it fast.

- I tried backing up some files to NAS (stupid?), on some files I got Error 0x800700E1 file contains a virus for some files.

I found that in safe mode I can launch programs normally, but I cannot uninstall or install (I think this is normal in safe mode). Right now I am posting from Chrome running PC in safe mode.

I ran the following sequence:

- Kaspersky TDSSkiller - nothing found

- ran Rkill

- ran Malwarebytes, found and quarantined:

Worm.Waledac 3 on my accounting software download files (probably been there for a while)

PUP.Optional.Softonic.A on a download (looks harmless?)

PUP Adware.Installer on a download of 7zip.exe (looks harmless?)

- ran Hitmanpro, found mostly ad cookies

- ran RogueKiller, found:

PUM HJ POL HKLM\[...]\System DisableRegistryTools - Deleted

PUM HJ POL HKLM\[...]\WOW6432Node\[...]\System DisableRegistryTools - 0x2 file does not exist

(these two were also in the other 2 PCs on the same network - for now those PC seem ok, but I ran RogueKiller to remove the two PUMs and they seem fine now.)

- ran ADW Cleaner

- ran Junkware Removal Tool

- ran ESET Online Scanner

- ran Emsisoft EmergencyKitscanner

Somewhere along there I found:

- Win32/Adware.Error attached to old download registryfix.exe

- Win32:Dropper-gen and Win32:Malware-gen and Somoto-F

Once I thought everything was clean, I restarted in normal mode. I ran RootKiller and the two DisableRegistryTools keys were back. Computer is no better than before, cannot remove or turn off Avast, cannot install anything.

I ran the recommended procedure for this forum, reran Malwarebytes and DDS, logs are below.

thanks

Mike

This is the original (first time run) mbam-log that showed the 5 malwares:

==============================================

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2014.01.01.03

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 11.0.9600.16476

Mike :: THINK-MIKE [administrator]

Protection: Disabled

01/01/2014 12:20:56

mbam-log-2014-01-01 (12-20-56).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 242456

Time elapsed: 12 minute(s), 50 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 5

C:\Users\Mike\Downloads\7zip.exe (PUP.Adware.Installer) -> Quarantined and deleted successfully.

C:\Users\Mike\Downloads\EBP_ComptaLiberale_14_1_3_2533_SETUP.exe (Worm.Waledac) -> Quarantined and deleted successfully.

C:\Users\Mike\Downloads\EBP_ComptaLiberale_15_0_5_2670_SETUP.exe (Worm.Waledac) -> Quarantined and deleted successfully.

C:\Users\Mike\Downloads\EBP_ComptaLiberale_15_1_1_2705_SETUP.exe (Worm.Waledac) -> Quarantined and deleted successfully.

C:\Users\Mike\Downloads\SoftonicDownloader_for_gvim.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.

(end)

Here is the dds.txt log that I just ran:

=============================

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2

Run by Mike at 16:13:31 on 2014-01-02

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7988.5546 [GMT 1:00]

.

AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\ctfmon.exe

C:\Windows\explorer.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: IePasswordManagerHelper Class: {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

uRun: [Facebook Update] "C:\Users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

uRun: [GoogleChromeAutoLaunch_A9A28D217F0AF6C0AE66A9006030A09A] "C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window

mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

mRun: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start

mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe

mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

StartupFolder: C:\Users\Mike\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\START3~1.LNK - C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: DisableCAD = dword:1

IE: &Download with BitKinex - C:\Program Files (x86)\BitKinex\ieext_cp.htm

IE: &Register in BitKinex - C:\Program Files (x86)\BitKinex\ieext_reg.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{E0FD9B82-E110-4933-8354-933EC3BED623}\37379646D696B656 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{E0FD9B82-E110-4933-8354-933EC3BED623}\37379646D696B65653 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{E0FD9B82-E110-4933-8354-933EC3BED623}\4646D2772747 : DHCPNameServer = 8.8.8.8 8.8.4.4 192.168.1.1

TCP: Interfaces\{EF7AC66D-2C9D-4EC0-B233-B3EBEDB272C5} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

LSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

x64-Run: [TpShocks] TpShocks.exe

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe

x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [Windows7FirewallControl] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe

x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

x64-SSODL: WebCheck - <orphaned>

x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll

x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\vi1c66ql.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Users\Mike\AppData\Local\Citrix\Plugins\104\npappdetector.dll

FF - plugin: C:\Users\Mike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Mike\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

.

============= SERVICES / DRIVERS ===============

.

R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2010-9-8 30320]

R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-6-16 23664]

R3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2014-1-2 57024]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2010-12-12 295600]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-9-8 56344]

S0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-8 65776]

S0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-8 207904]

S1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEK\Run\a2ddax64.sys [2014-1-2 26176]

S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-5-22 1034464]

S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-5-22 422216]

S1 cbfs3;cbfs3;C:\Windows\System32\drivers\cbfs3.sys [2013-7-29 321424]

S1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2010-4-23 15400]

S2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2012-3-17 65024]

S2 AnsoftRSMService;Ansoft RSM Service;C:\Program Files (x86)\Ansoft\RSM\AnsoftRSMService.exe [2012-3-17 126976]

S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-5-22 78648]

S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-12 50344]

S2 BitKinex;BitKinex File Transfer Service;C:\Program Files (x86)\BitKinex\bitkinexsvc.exe DISPATCH --> C:\Program Files (x86)\BitKinex\bitkinexsvc.exe DISPATCH [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 EBP Pervasive.SQL;EBP Pervasive.SQL;C:\PVSW\Bin\WGE_SRV.exe [2006-12-7 32768]

S2 ftpsvc;Microsoft FTP Service;C:\Windows\System32\svchost.exe -k ftpsvc [2009-7-14 27136]

S2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-14 27136]

S2 JungleDiskWorkgroupService;JungleDiskWorkgroupService;C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe [2011-5-17 9769800]

S2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2010-9-8 50536]

S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-9-8 74088]

S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2010-12-12 93032]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-1 418376]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-1 701512]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-3-13 13840]

S2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]

S2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-7-6 2673064]

S2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-7-2 93072]

S2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2010-4-23 63928]

S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-9-30 12728]

S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-9-8 2533400]

S2 Windows7FirewallService;Windows7FirewallService;C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [2012-1-5 833536]

S3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2010-9-8 163072]

S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-31 79672]

S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-2-22 245760]

S3 bthav;Bluetooth AV Profile;C:\Windows\System32\drivers\bthav.sys [2008-7-10 40448]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-9-8 35104]

S3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2010-9-8 292864]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-9-27 89160]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-10-28 107288]

S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2010-9-8 164200]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-5 1431888]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]

S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-12 158976]

S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-12-12 289280]

S3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2007-5-9 16032]

S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-5-9 50208]

S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-1 25928]

S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2010-9-8 31152]

S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2010-9-8 75112]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-10-28 204568]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-2 59392]

S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-9-30 126392]

S3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2009-10-9 41536]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-12 1255736]

S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]

S4 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2010-7-22 814344]

S4 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2010-12-12 45496]

.

=============== Created Last 30 ================

.

2014-01-02 14:18:42 -------- d-----w- C:\$RECYCLE.BIN

2014-01-02 13:52:38 -------- d-----w- C:\ProgramData\Kaspersky Lab Setup Files

2014-01-02 13:19:38 98816 ----a-w- C:\Windows\sed.exe

2014-01-02 13:19:38 256000 ----a-w- C:\Windows\PEV.exe

2014-01-02 13:19:38 208896 ----a-w- C:\Windows\MBR.exe

2014-01-02 07:40:32 -------- d-----w- C:\EEK

2014-01-01 21:06:02 -------- d-----w- C:\Program Files (x86)\ESET

2014-01-01 17:53:52 773632 ----a-w- C:\Users\Mike\AppData\Roaming\System.Data.SQLite.dll

2014-01-01 13:48:00 -------- d-----w- C:\Windows\ERUNT

2014-01-01 13:41:43 -------- d-----w- C:\AdwCleaner

2014-01-01 13:34:59 82944 ----a-w- C:\Windows\System32\drivers\ipfltdrv.sys.bak

2014-01-01 12:07:25 -------- d-----w- C:\Program Files\HitmanPro

2014-01-01 12:06:59 -------- d-----w- C:\ProgramData\HitmanPro

2014-01-01 11:20:10 -------- d-----w- C:\Users\Mike\AppData\Roaming\Malwarebytes

2014-01-01 11:20:05 -------- d-----w- C:\ProgramData\Malwarebytes

2014-01-01 11:20:04 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-01-01 11:20:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-31 11:57:52 -------- d-----w- C:\Users\Mike\AppData\Local\Samsung

2013-12-31 11:57:49 -------- d-----w- C:\Users\Mike\AppData\Roaming\Samsung

2013-12-31 11:55:51 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll

2013-12-31 11:55:35 821824 ----a-w- C:\Windows\SysWow64\dgderapi.dll

2013-12-31 11:54:51 -------- d-----w- C:\ProgramData\Samsung

2013-12-31 11:54:51 -------- d-----w- C:\Program Files (x86)\Samsung

2013-12-31 08:05:57 82744 ----a-w- C:\Windows\System32\drivers\aswstm.sys.1388477173

2013-12-31 08:05:57 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys

2013-12-28 20:13:29 -------- d-----w- C:\OpenSSL-Win32

2013-12-27 21:01:34 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2013-12-12 08:39:47 -------- d-----w- C:\Users\Mike\AppData\Roaming\AVAST Software

2013-12-12 02:05:12 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2013-12-12 02:05:12 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2013-12-12 02:05:11 12625920 ----a-w- C:\Windows\System32\wmploc.DLL

2013-12-12 02:05:11 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2013-12-11 07:41:53 335360 ----a-w- C:\Windows\System32\msieftp.dll

.

==================== Find3M ====================

.

2013-12-31 08:05:53 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-12-31 08:05:53 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-12-31 08:05:53 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-12-31 08:05:52 43152 ----a-w- C:\Windows\avastSS.scr

2013-12-12 08:33:31 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-12-12 08:33:30 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-12-11 11:37:29 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-11 11:37:29 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll

2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll

2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll

2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-10-30 11:07:00 90112 ----a-w- C:\Windows\MAMCityDownload.ocx

2013-10-30 11:07:00 330240 ----a-w- C:\Windows\MASetupCaller.dll

2013-10-30 11:07:00 30568 ----a-w- C:\Windows\MusiccityDownload.exe

2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll

2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-10-28 00:12:12 204568 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys

2013-10-28 00:12:10 107288 ----a-w- C:\Windows\System32\drivers\ssudbus.sys

2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx

2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll

2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx

2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll

2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe

2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe

2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe

2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe

2013-10-08 05:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

.

============= FINISH: 16:14:03.08 ===============

Here is the attach.txt:

==================

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 12/12/2010 16:47:22

System Uptime: 02/01/2014 15:16:57 (1 hours ago)

.

Motherboard: LENOVO | | 3249A25

Processor: Intel® Core i5 CPU M 540 @ 2.53GHz | None | 2527/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 287 GiB total, 17.954 GiB free.

I: is CDROM ()

Q: is FIXED (NTFS) - 10 GiB total, 3.187 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: sptd

Device ID: ROOT\LEGACY_SPTD\0000

Manufacturer:

Name: sptd

PNP Device ID: ROOT\LEGACY_SPTD\0000

Service: sptd

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: aswRvrt

Device ID: ROOT\LEGACY_ASWRVRT\0000

Manufacturer:

Name: aswRvrt

PNP Device ID: ROOT\LEGACY_ASWRVRT\0000

Service: aswRvrt

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: aswVmm

Device ID: ROOT\LEGACY_ASWVMM\0000

Manufacturer:

Name: aswVmm

PNP Device ID: ROOT\LEGACY_ASWVMM\0000

Service: aswVmm

.

==== System Restore Points ===================

.

RP291: 20/12/2013 01:24:22 - Scheduled Checkpoint

RP292: 27/12/2013 18:37:42 - Scheduled Checkpoint

RP293: 27/12/2013 21:59:18 - Installed Java SE Development Kit 7 Update 45 (64-bit)

RP294: 27/12/2013 22:01:13 - Installed Java 7 Update 45 (64-bit)

RP295: 31/12/2013 09:04:14 - avast! antivirus system restore point

RP296: 31/12/2013 12:54:10 - Installed Samsung Kies

.

==== Installed Programs ======================

.

3Dconnexion 3DxSoftware (x64 Edition)

3Dconnexion 3DxWare (x64)

3Dconnexion Add-In for AutoCAD 2007 - 2010

3Dconnexion Add-In for Inventor 11 - 2012

3Dconnexion Add-In for Solid Edge V18 - ST4

3Dconnexion Add-In for SolidWorks 2005 - 2012 (x64)

3Dconnexion Add-On for XSI v5.0 - 2012

3Dconnexion Collage

3Dconnexion Extension for SketchUp

3Dconnexion Plug-In for 3ds Max v9 - 2012

3Dconnexion Plug-in for Acrobat 3D

3Dconnexion Plug-In for Maya v8.5 - 2012

3Dconnexion Plug-In for NX v3.0 - v8.0

3Dconnexion Plug-In for Photoshop CS3 - CS5

3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 1.0

3Dconnexion Trainer

ABBYY FineReader 10 Professional Edition

Access Help

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Creative Suite 2

Adobe Creative Suite 5.5 Design Standard

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Center 1.0

Adobe Illustrator CS2

Adobe InDesign CS2

Adobe Photoshop CS2

Adobe Reader 9.1

Adobe Shockwave Player 11.6

Adobe Stock Photos 1.0

Adobe SVG Viewer 3.0

Ansoft Libraries

Ansoft Maxwell 13.0

Ansoft Remote Simulation Manager

Atmel ARM GNU Toolchain

Atmel AVR (32 bit) GNU Toolchain

Atmel AVR (8 bit) GNU Toolchain

Atmel Studio 6.1

Atmel USB

AtmelSoftwareFramework

Audacity 1.3.14 (Unicode)

avast! Free Antivirus

AVR macro Assembler

BitKinex

Burn.Now 4.5

Calcul ESB

Cisco WebEx Meetings

Citrix Online Launcher

Client Security - Password Manager

CodeBlocks

Conexant 20585 SmartAudio HD

Corel Burn.Now Lenovo Edition

Corel DVD MovieFactory 7

Corel DVD MovieFactory Lenovo Edition

Create Recovery Media

Dassault Systemes Software VC9 Prerequisites x86-x64

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DELFTship

DesignFOIL_R6_DEMO

Direct DiscRecorder

Disable AMT Profile Synchronization Pop-up for Windows Vista/7

DivX Setup

Dropbox

EBP Btrieve 8.6

EBP Compta Libérale 14.1

EBP Compta Libérale 15.0

EBP Compta Libérale 15.1

EBP Déclaration BNC 4.0

EBP Utilitaire d'échanges 1.1

EBP Utilitaire d'échanges 1.1.2

EditPlus 3

eMule

Epson Event Manager

EPSON Scan

EPSON SX510W Series Printer Uninstall

EpsonNet Print

EpsonNet Setup

ESET Online Scanner v3

ExamDiff 1.9 (Build 1.9.0.2)

ExamDiff Pro 6.0 (6.0.3.0, 32-bit)

Facebook Video Calling 1.2.0.287

femm 4.2 01Oct2011

FileZilla Client 3.5.1

FOIL R4.5 Demo

Forté Agent

GIMP 2.8.4

GitHub

Google Chrome

Google Drive

Google Update Helper

GoToMeeting 5.7.0.1172

HitmanPro 3.7

HL-2250DN

HP USB Disk Storage Format Tool

HxD Hex Editor version 1.7.7.0

HydroComp PropCad 2005

HydroComp PropExpert 2005

IcoFX 2.4

Integrated Camera Driver Installer Package Ver.1.1.0.19

Intel PROSet Wireless

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Network Connections Drivers

Intel® PROSet/Wireless WiFi Software

Intel® Turbo Boost Technology Monitor

InterVideo WinDVD 8

Java 7 Update 45

Java 7 Update 45 (64-bit)

Java Auto Updater

Java SE Development Kit 7 Update 45 (64-bit)

Java SE Development Kit 6 Update 25

JLink OB CDC Driver Package

Jungle Disk Workgroup

KiCad 2013.04.19

LAME v3.99.3 (for Windows)

Legalsounds Download Manager

Lenovo Auto Scroll Utility

Lenovo System Interface Driver

Lenovo ThinkVantage Toolbox

Lenovo Warranty Information

Lenovo Welcome

LTspice IV

Malwarebytes Anti-Malware version 1.75.0.1300

Message Center Plus

MH++ Rev. 7.0.l

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Help Viewer 1.0

Microsoft IntelliPoint 8.2

Microsoft Office 2003 Web Components

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Visio Professional 2003

Microsoft Office Word MUI (English) 2010

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server System CLR Types

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2005 Tools for Applications - ENU

Microsoft Visual Studio 2010 Shell (Isolated) - ENU

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Mobile Broadband

Mozilla Firefox 26.0 (x86 en-US)

Mozilla Maintenance Service

MSVC90_x64

MSVC90_x86

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MultiSurface Aerodynamics (8S)

Node.js

On Screen Display

Poedit

QuickTime

Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7

Rescue and Recovery

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

SILKYPIX Developer Studio Pro English

Skype™ 6.11

SolidWorks 2012 x64 Edition SP0

SolidWorks eDrawings 2011

SolidWorks eDrawings 2012 x64 Edition SP0

SolidWorks Explorer 2012 SP0 x64 Edition

Sublime Text 2.0.1

Suite Specific

swMSM

SyncBackSE

System Update

TeamViewer 7

ThinkPad Bluetooth with Enhanced Data Rate Software

ThinkPad FullScreen Magnifier

ThinkPad Modem Adapter

ThinkPad Power Management Driver

ThinkPad Power Manager

ThinkPad UltraNav Driver

ThinkPad UltraNav Utility

ThinkVantage Access Connections

ThinkVantage Active Protection System

ThinkVantage Communications Utility

ThinkVantage Fingerprint Software

Titanium Studio

TomTom HOME

TomTom HOME Visual Studio Merge Modules

TurboCAD Deluxe 18

TurboCAD Symbols

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition

Utilitaire de mise à jour des logiciels EBP 1.1.3

VC80CRTRedist - 8.0.50727.6195

VLC media player 2.0.7

Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)

Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)

Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)

Windows Driver Package - Intel (e1kexpress) Net (12/10/2009 11.5.10.0)

Windows Driver Package - Intel (HECIx64) System (09/17/2009 6.0.0.1179)

Windows Driver Package - Intel System (06/04/2009 1.0.0.0002)

Windows Driver Package - Intel System (10/28/2009 9.1.1.1022)

Windows Driver Package - Intel USB (08/20/2009 9.1.1.1020)

Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4)

Windows Driver Package - Segger (jlink) USB (04/11/2012 2.6.8.2)

Windows Driver Package - SEGGER (usbser) Ports (01/25/2012 6.0.2600.4)

Windows Driver Package - Synaptics (SynTP) Mouse (04/22/2010 15.0.18.0)

Windows Live Sync

Windows Media Player Firefox Plugin

Windows7FirewallControl Plus 4.1.21.93

WINGS32 Demo

WinRAR 4.00 beta 2 (64-bit)

WinSCP 5.1.3

XnView 1.97.8

.

==== Event Viewer Messages From Past Week ========

.

02/01/2014 16:13:02, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

02/01/2014 16:13:00, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

02/01/2014 15:18:52, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

02/01/2014 15:18:51, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

02/01/2014 15:18:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

02/01/2014 15:18:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

02/01/2014 15:17:40, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

02/01/2014 15:17:27, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswVmm cbfs3 discache lenovo.smi spldr sptd TPPWRIF Wanarpv6

02/01/2014 15:17:21, Error: Service Control Manager [7001] - The Fax service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.

02/01/2014 15:17:00, Error: sptd [4] - Driver detected an internal error in its data structures for .

02/01/2014 14:39:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.

02/01/2014 14:39:48, Error: Service Control Manager [7000] - The Intel® Management & Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

02/01/2014 14:38:45, Error: Service Control Manager [7000] - The System Update service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:38:22, Error: Service Control Manager [7023] - The HsfXAudioService service terminated with the following error: Operation did not complete successfully because the file contains a virus.

02/01/2014 14:38:22, Error: Service Control Manager [7000] - The IviRegMgr service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:38:18, Error: Service Control Manager [7000] - The Bluetooth Service service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:17, Error: Service Control Manager [7000] - The Intel® PROSet/Wireless Event Log service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:16, Error: Service Control Manager [7000] - The AcSvc service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:14, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: Operation did not complete successfully because the file contains a virus.

02/01/2014 14:36:12, Error: Service Control Manager [7000] - The Ulead Burning Helper service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:11, Error: Service Control Manager [7000] - The TeamViewer 7 service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:10, Error: Service Control Manager [7000] - The StarWind AE Service service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:09, Error: Service Control Manager [7000] - The Intel® PROSet/Wireless Registry Service service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:08, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:08, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:36:07, Error: Service Control Manager [7000] - The JungleDiskWorkgroupService service failed to start due to the following error: The parameter is incorrect.

02/01/2014 14:34:03, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

02/01/2014 14:32:22, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

02/01/2014 14:19:42, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

01/01/2014 20:25:52, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service Windows7FirewallService with arguments "" in order to run the server: {D2BD3A48-BE1F-488A-B816-5119F4219BD2}

01/01/2014 16:45:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

01/01/2014 16:45:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

01/01/2014 16:06:26, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

01/01/2014 15:38:05, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

01/01/2014 15:38:05, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

01/01/2014 15:37:34, Error: Service Control Manager [7000] - The BitKinex File Transfer Service service failed to start due to the following error: The parameter is incorrect.

01/01/2014 15:37:33, Error: Service Control Manager [7000] - The Ansoft RSM Service service failed to start due to the following error: The parameter is incorrect.

01/01/2014 15:37:30, Error: Service Control Manager [7000] - The AcPrfMgrSvc service failed to start due to the following error: The parameter is incorrect.

01/01/2014 14:53:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

.

==== End Of File ===========================

Sorry about double post, I was not bumping... my PC is not well and I thought the post had not gone through, page froze.

Small correction: USB ports are not dead, but the Logitech wireless mouse connected to USB port is no longer working.

I did not mention this, but maybe it is no coincidence: everything went haywire soon after I installed a program by Samsung called Kies, used to back up mobile phone.

Extra info:

Coincidence or not, trouble started soon after downloading and installing Samsung Kies

USB ports are working, it was the Logitech wireless mouse that got cut off its USB port, but the port is ok.

Edited by LDTate
Removed additional posts to prevent topic from looking like user is already being assisted.

  • Staff

Download Windows Repair (all in one) from here.

Install the program, then run it.

Go to step 3 and allow it to run SFC

On the start repairs tab click start

Select the following items and tick restart system when finished

Reset Registry Permissions

Reset File Permissions

Register System Files

Repair WMI

Repair Windows Firewall

Repair Internet Explorer

Repair Hosts File

Remove Policies Set By Infections

Repair Missing Start menu Icons

Repair Icons

Repair Winsock & DNS Cache

Remove Temp Files

Repair Proxy Settings

Unhide Non System Files

Repair Windows Updates

Set windows Services To Default

Repair MSI (windows Installer)

Repair File Associations

Repair windows Safe mode

After that come back and tell me if that has made a difference.

Gringo


  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

