
Should I remove these PUP infections?


Guest Feito


Hello. Malwarebytes detected these infections:

Folders Detected: 2
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT2504091 (PUP.Optional.Conduit.A) -> No action taken.

Files Detected: 2
C:\ProgramData\Conduit\IE\CT2504091\SetupIcon.ico (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT2504091\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.

 

Are they safe to remove?


Hello Feito and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573


Here they are, I hope this is fine:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by someone at 21:15:24 on 2014-01-22
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.2009.288 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Opera\opera.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uProxyServer = hxxp=127.0.0.1
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [AdobeBridge] <no file>
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
mRunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\a6de8603-dce4-427b-b3db-72c9b0d74fe2.exe /check
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.



TCP: NameServer = 192.168.1.1
TCP: Interfaces\{F9067315-337B-4017-8FB0-FAC20830D8BB} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F9067315-337B-4017-8FB0-FAC20830D8BB}\349545140233137353 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F9067315-337B-4017-8FB0-FAC20830D8BB}\84F6C6970274271696C6 : DHCPNameServer = 192.168.1.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-5-17 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-5-17 207904]
R1 aswKbd;aswKbd;C:\windows\System32\drivers\aswKbd.sys [2012-10-6 19600]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-9-7 1034464]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2012-11-4 422216]
R1 funfrm;funfrm;C:\windows\System32\drivers\funfrm.sys [2010-12-3 58896]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-9-7 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-27 50344]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-12-3 26128]
R3 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2013-12-27 82744]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2014-1-18 283064]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 vm332avs;Lenovo Camera2;C:\windows\System32\drivers\vm332avs.sys [2010-12-3 229488]
R3 wdmirror;wdmirror;C:\windows\System32\drivers\WDMirror.sys [2010-12-3 11280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S2 SAService;Conexant SmartAudio service;C:\windows\System32\SASrv.exe [2010-12-3 445496]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 Bridge0;Bridge0;C:\windows\System32\drivers\WDBridge.sys [2010-12-3 79376]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-12-13 111616]
S3 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-12-3 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-12-3 579400]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-6-17 19456]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-6-17 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-9-6 1255736]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
.
=============== Created Last 30 ================
.
2014-01-21 16:36:32 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CBD73BA-F0FF-4F60-94E4-4D568058A188}\mpengine.dll
2014-01-19 06:24:29 -------- d-----w- C:\AdwCleaner
2014-01-18 17:50:45 283064 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys
2014-01-17 18:32:18 304128 ----a-w- C:\windows\IsUn0411.exe
2014-01-15 12:16:33 -------- d-----w- C:\windows\Migration
2014-01-15 10:37:04 99840 ----a-w- C:\windows\System32\drivers\usbccgp.sys
2014-01-15 10:37:04 53248 ----a-w- C:\windows\System32\drivers\usbehci.sys
2014-01-15 10:37:04 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys
2014-01-15 10:37:04 325120 ----a-w- C:\windows\System32\drivers\usbport.sys
2014-01-15 10:37:04 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys
2014-01-15 10:37:04 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys
2014-01-15 10:37:03 7808 ----a-w- C:\windows\System32\drivers\usbd.sys
2014-01-15 10:37:02 3156480 ----a-w- C:\windows\System32\win32k.sys
2014-01-15 10:37:00 376768 ----a-w- C:\windows\System32\drivers\netio.sys
2014-01-13 23:01:41 0 ----a-w- C:\windows\SysWow64\shoF24A.tmp
2014-01-13 21:19:55 44544 ----a-w- C:\windows\System32\themeservice.dll.backup
2014-01-13 21:19:45 332288 ----a-w- C:\windows\System32\uxtheme.dll.backup
2014-01-13 21:19:31 2851840 ----a-w- C:\windows\System32\themeui.dll.backup
2014-01-13 20:12:00 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2014-01-13 09:06:06 -------- d-----w- C:\Program Files (x86)\Conduit
2014-01-13 09:05:56 -------- d-----w- C:\ProgramData\Conduit
2014-01-07 07:58:44 -------- d--h--w- C:\windows\AxInstSV
2013-12-27 18:17:16 82744 ----a-w- C:\windows\System32\drivers\aswstm.sys
.
==================== Find3M ====================
.
2014-01-15 12:41:02 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 12:41:02 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-01-13 21:19:55 44544 ----a-w- C:\windows\System32\themeservice.dll
2014-01-13 21:19:45 332288 ----a-w- C:\windows\System32\uxtheme.dll
2014-01-13 21:19:33 2851840 ----a-w- C:\windows\System32\themeui.dll
2014-01-13 20:13:31 381440 ----a-w- C:\windows\System32\drivers\sptd.sys
2013-12-27 18:17:07 78648 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-12-27 18:17:07 207904 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-12-27 18:17:07 1034464 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-12-27 18:17:05 43152 ----a-w- C:\windows\avastSS.scr
2013-12-18 04:13:56 270496 ------w- C:\windows\System32\MpSigStub.exe
2013-11-26 10:19:07 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\windows\System32\WMPhoto.dll
2013-11-23 16:34:10 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2013-11-23 16:34:10 194048 ----a-w- C:\windows\SysWow64\elshyph.dll
2013-11-12 02:23:09 2048 ----a-w- C:\windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2013-10-30 02:32:01 335360 ----a-w- C:\windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\windows\SysWow64\msieftp.dll
.
============= FINISH: 21:17:39,16 ===============

 

 

 

 

 

==== Installed Programs ======================
.
7-Zip 9.20
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.05)
ALPS Touch Pad Driver
avast! Free Antivirus
Broadcom 802.11 Wireless Driver
Canon MP Navigator EX 4.0
Canon Solution Menu EX
CanoScan LiDE 110 Scanner Driver
CCleaner
Conexant HD Audio
DAEMON Tools Lite
EasyCapture
Energy Management
ESET Online Scanner v3
ffdshow [rev 3154] [2009-12-09]
Intel® Graphics Media Accelerator Driver
IntelR Matrix Storage Manager
Japanese Fonts Support For Adobe Reader 9
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NCsoft Launcher
Opera 12.16
PDF Settings CS5
Power2Go
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Skype? 6.11
Spybot - Search & Destroy
System Requirements Lab for Intel
VeriFace
VLC media player 2.1.2
Windows Driver Package - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1)
Windows Live ID Sign-in Assistant
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Upload Tool
WinRAR 5.01 (64-bit)

.
==== Event Viewer Messages From Past Week ========
.
22/1/2014 8:58:17 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
22/1/2014 8:55:46 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
22/1/2014 8:55:46 pm, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
22/1/2014 8:32:15 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
22/1/2014 8:29:39 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
22/1/2014 8:29:38 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
21/1/2014 9:54:12 am, Error: bowser [8003] - The master browser has received a server announcement from the computer ATA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F9067315-337B-4017-8FB0-FAC20830D8BB}. The master browser is stopping or an election is being forced.
21/1/2014 6:29:59 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
21/1/2014 6:27:15 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
21/1/2014 6:27:08 pm, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
20/1/2014 7:00:07 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
20/1/2014 6:57:16 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
20/1/2014 6:57:07 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 9:38:55 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 9:36:30 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 9:36:28 pm, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 8:21:57 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 8:19:37 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 8:19:35 pm, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 7:45:30 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 7:42:56 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 7:42:55 pm, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 7:30:10 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 7:27:44 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 7:27:37 pm, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 4:16:48 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 4:14:21 pm, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
19/1/2014 4:14:16 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 4:14:16 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 10:13:32 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 10:10:58 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
19/1/2014 10:10:55 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
18/1/2014 6:52:42 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
18/1/2014 6:50:06 pm, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
18/1/2014 6:50:04 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
17/1/2014 4:05:13 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
17/1/2014 4:02:42 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
17/1/2014 4:02:40 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
17/1/2014 12:48:26 pm, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
17/1/2014 12:46:23 am, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
17/1/2014 12:46:23 pm, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
17/1/2014 12:46:00 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
17/1/2014 12:46:00 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
17/1/2014 12:03:43 pm, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
16/1/2014 3:49:20 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
16/1/2014 3:46:54 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
16/1/2014 3:46:51 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
15/1/2014 2:31:40 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
15/1/2014 2:29:17 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
15/1/2014 2:29:06 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
15/1/2014 12:24:38 am, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
15/1/2014 12:22:03 am, Error: Service Control Manager [7000] - The STEC3 service failed to start due to the following error: The system cannot find the file specified.
15/1/2014 12:21:56 am, Error: Service Control Manager [7000] - The Conexant SmartAudio service service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================

 


Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

 

 

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2504091

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AF1D701A-F597-41B5-A454-C666D51AC257}

~~~ Files

Successfully deleted: [File] C:\windows\syswow64\shoF24A.tmp

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\conduit"

Successfully deleted: [Folder] "C:\Users\someone\appdata\locallow\conduit"

~~~ Event Viewer Logs were cleared

 

 

 

 

 

 

 

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39CDF7F0-C994-4DA1-A94C-CCBF194616BB}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75558F6E-1E9A-44FA-8599-3D87011C3CA8}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Malwarebytes didn't detect anything. I can remove all of those with AdAware?

Database version: v2014.01.24.06

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 213727

Time elapsed: 6 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

If you do not follow my instructions, there is no way to know what is going on there.

ESET is a good choice, but I don't know where you downloaded it from or what settings you made, and I have yet to see your log file.

How can I help you in this case?

If you want to proceed on your own, just let me know, no problem.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

========== Processes (SafeList) ==========

PRC - [2014/01/28 00:32:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\someone\Desktop\OTL.exe

PRC - [2013/12/27 20:17:02 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2013/12/27 20:17:02 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeen.exe

PRC - [2010/12/03 07:09:57 | 003,122,440 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

PRC - [2010/01/19 12:44:40 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE

PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

========== Modules (No Company Name) ==========

MOD - [2013/10/23 10:55:44 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll

MOD - [2010/12/03 07:09:57 | 000,492,808 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/12/27 20:17:02 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2013/11/26 11:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2010/03/25 11:32:02 | 000,445,496 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\SASrv.exe -- (SAService)

SRV:64bit: - [2009/09/22 20:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)

SRV:64bit: - [2009/08/14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)

SRV - [2014/01/15 14:41:02 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2009/07/16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)

SRV - [2009/07/14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)

SRV - [2009/07/14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)

SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/18 19:50:46 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2014/01/13 22:13:31 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2013/12/27 20:17:07 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2013/12/27 20:17:07 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)

DRV:64bit: - [2013/12/27 20:17:07 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

DRV:64bit: - [2013/12/27 20:17:07 | 000,082,744 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)

DRV:64bit: - [2013/12/27 20:17:07 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2013/10/23 10:55:53 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

DRV:64bit: - [2013/10/23 10:55:52 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/08/21 11:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)

DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/12/03 07:09:16 | 000,058,896 | ---- | M] () [Kernel | System | Running] -- C:\windows\SysNative\drivers\funfrm.sys -- (funfrm)

DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/04/22 06:11:42 | 000,260,216 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

DRV:64bit: - [2010/04/20 19:45:32 | 000,229,488 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)

DRV:64bit: - [2010/01/18 11:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)

DRV:64bit: - [2009/07/21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:64bit: - [2009/07/16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)

DRV:64bit: - [2009/07/16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)

DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/07 19:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/07/03 03:42:08 | 007,342,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009/06/10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)

DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/05/19 15:43:32 | 000,026,128 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:64bit: - [2008/08/06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2012/12/01 04:47:59 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\STEC3.sys -- (STEC3)

DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com/

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor

O1 HOSTS File: ([2014/01/02 11:57:25 | 000,450,660 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 15467 more lines...

O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)

O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [updateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)

O4 - HKCU..\Run: [PlayNC Launcher] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O13:64bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab (SysInfo Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9067315-337B-4017-8FB0-FAC20830D8BB}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found

O18:64bit: - Protocol\Handler\sacore - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\dssrequest - No CLSID value found

O18 - Protocol\Handler\sacore - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{48c18493-513e-11e2-b1a3-1c750857f74b}\Shell - "" = AutoRun

O33 - MountPoints2\{48c18493-513e-11e2-b1a3-1c750857f74b}\Shell\AutoRun\command - "" = G:\SETUP.EXE

O33 - MountPoints2\{48c18493-513e-11e2-b1a3-1c750857f74b}\Shell\setup\command - "" = G:\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/28 00:32:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\someone\Desktop\OTL.exe

[2014/01/23 21:42:26 | 001,037,068 | ---- | C] (Thisisu) -- C:\Users\someone\Desktop\JRT.exe

[2014/01/19 08:24:29 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2014/01/18 19:50:45 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys

[2014/01/15 14:41:27 | 000,000,000 | ---D | C] -- C:\Users\deathxempress\AppData\Local\Google

[2014/01/15 14:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2014/01/15 14:16:33 | 000,000,000 | ---D | C] -- C:\windows\Migration

[2014/01/13 22:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

[2014/01/13 22:12:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite

[2014/01/13 17:54:48 | 000,000,000 | ---D | C] -- C:\Users\deathxempress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2014/01/13 17:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2014/01/07 09:58:44 | 000,000,000 | -H-D | C] -- C:\windows\AxInstSV

[2014/01/07 09:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

========== Files - Modified Within 30 Days ==========

[2014/01/28 00:32:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\deathxempress\Desktop\OTL.exe

[2014/01/28 00:09:57 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/01/28 00:09:56 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/01/28 00:04:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2014/01/28 00:01:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2014/01/28 00:01:36 | 1579,626,496 | -HS- | M] () -- C:\hiberfil.sys

[2014/01/23 21:42:56 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\someone\Desktop\JRT.exe

[2014/01/20 18:56:52 | 004,922,192 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

[2014/01/19 08:23:26 | 001,236,282 | ---- | M] () -- C:\Users\someone\Desktop\AdwCleaner.exe

[2014/01/18 19:55:22 | 000,791,972 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2014/01/18 19:55:22 | 000,659,148 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2014/01/18 19:55:22 | 000,126,570 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2014/01/18 19:50:46 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys

[2014/01/15 14:20:34 | 000,772,246 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2014/01/13 22:13:31 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) -- C:\windows\SysNative\drivers\sptd.sys

[2014/01/02 11:57:25 | 000,450,660 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts

========== Files Created - No Company Name ==========

[2014/01/19 08:23:21 | 001,236,282 | ---- | C] () -- C:\Users\someone\Desktop\AdwCleaner.exe

[2013/12/08 13:10:28 | 000,085,504 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll

[2013/09/11 21:24:19 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\CommonDL.dll

[2013/09/11 21:24:19 | 000,002,411 | ---- | C] () -- C:\windows\SysWow64\lgAxconfig.ini

[2013/06/27 00:19:37 | 000,000,256 | -H-- | C] () -- C:\windows\SysWow64\FJLTAFOU.BIN

[2013/06/27 00:19:36 | 000,000,256 | -H-- | C] () -- C:\windows\SysWow64\LTAW14FN.BIN

[2012/10/21 15:11:01 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat

[2012/09/29 22:16:13 | 000,393,256 | ---- | C] () -- C:\windows\SysWow64\CNQ2414N.DAT

[2012/09/13 22:11:41 | 000,772,246 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/20 23:02:30 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\Audacity

[2013/10/23 23:19:42 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\AVAST Software

[2012/09/28 13:09:32 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2014/01/17 20:31:27 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\DAEMON Tools Lite

[2012/09/09 07:16:22 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\EasyCapture

[2012/12/14 19:56:11 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\ImgBurn

[2013/10/24 09:29:55 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\Leadertech

[2012/09/05 03:08:48 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\Opera

[2013/08/04 23:06:32 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\Opera Software

[2013/04/30 11:19:17 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\savedata

[2014/01/02 11:22:54 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\SoftGrid Client

[2012/09/21 00:38:47 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012/09/13 22:14:08 | 000,000,000 | ---D | M] -- C:\Users\someone\AppData\Roaming\TP

========== Purity Check ==========

========== Files - Unicode (All) ==========

< End of report >

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = OperaStable] -- "C:\Program Files (x86)\Opera\Launcher.exe" -noautoupdate "%1"

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\windows\system32\rundll32.exe" "C:\windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{016C79E6-A5E0-4EE3-83EB-05E9B9E524B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{DDDD3C32-8604-43BD-9724-7DF66BB11336}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1028BD45-A3B4-4510-A46B-66CA076C5F87}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{11DCD7B7-73D4-4A60-95BF-26972D3C9AD9}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |

"{1823DBAE-0BFD-4F18-85FC-1ACDFB509EED}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |

"{1B6C91D6-BBD1-4035-9A14-66D612936EC2}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"{1D7347EA-9D84-498F-9A46-419ED1A6EB2C}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |

"{2F1C3934-9AE7-4BE8-9257-A9BA50794136}" = dir=out | app=c:\windows\system32\igrssvcs.exe |

"{3C860ABF-55C6-4264-A79E-377FB35020DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{51D8BF02-A12B-4D9D-A291-337CF03D46CC}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |

"{6147470A-78DC-47F8-A717-039246ECA004}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"{71D6CAE8-ED13-4B9D-8E2C-3C6C0731202B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{73B983E2-8FFF-42E4-AC63-04D1774DDD81}" = dir=in | app=c:\windows\system32\igrssvcs.exe |

"{7FD5DA57-0F93-4848-B6E6-A3431A581497}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |

"{9285F895-32A5-44D9-9510-4F27BC6A026F}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |

"{973CBFE7-3E0F-4F0B-8EAE-35F9E75D580B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{A004FE7D-7A2B-4A14-8B0A-F1FFCD85241B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |

"{A40D9DE3-549A-438B-86AB-6250614AC4ED}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |

"{A996768F-A4F7-459D-9371-6337D2D03478}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |

"{ADE5DE42-E217-44F8-9FC4-FFC1D9D4CBC0}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"{C4BBF3E3-3261-421B-9868-BE0ED530FF24}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{CB4AF277-A590-415A-8F52-0C536EDAB146}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |

"{D015035E-B427-4EE5-8DC6-4A3DFE38C67D}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |

"{D79323DA-8ED5-477F-AF36-FDCF42A434E7}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |

"{DD1BC863-64C5-4CA4-A797-15C83ED3F4BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{E7E5F236-0438-4374-9665-92DF3F043890}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"{F072A993-686A-49AA-916A-5FE096422026}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |

"{F0F89B9D-0F5A-42A5-991D-34BEEF638052}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"92F4CDC794E6E4E29DC063D292D1C94F6FA1EA1E" = Windows Driver Package - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1)

"CCleaner" = CCleaner

"CNXT_AUDIO_HDA" = Conexant HD Audio

"HDMI" = Intel® Graphics Media Accelerator Driver

"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{89BVXZ20-3Q3E-445W-8AV3-YU21VB91F911}" = Audacity

"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Lenovo EasyCamera

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11

"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel

"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)

"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9

"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin

"Audacity_is1" = Audacity 2.0.2

"avast" = avast! Free Antivirus

"DAEMON Tools Lite" = DAEMON Tools Lite

"EasyCapture4.0" = EasyCapture

"ESET Online Scanner" = ESET Online Scanner v3

"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]

"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"Opera 12.16.1860" = Opera 12.16

"VeriFace" = VeriFace

"VLC media player" = VLC media player 2.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 1/26/2014 3:49:56 PM | Computer Name = Something | Source = CVHSVC | ID = 100

Description = Information only. Too many failures while downloading ranges: 2

Error - 1/26/2014 3:50:26 PM | Computer Name = Something | Source = CVHSVC | ID = 100

Description = Information only. (Stream product id=0x0066): Streaming Failed

Error - 1/26/2014 7:17:25 PM | Computer Name = Something | Source = MsiInstaller | ID = 11327

Description =

Error - 1/26/2014 7:17:37 PM | Computer Name = Something | Source = Application Error | ID = 1000

Description = Faulting application name: setup.exe_unknown, version: 0.0.0.0, time

stamp: 0x3cf519ae Faulting module name: setup.exe, version: 0.0.0.0, time stamp:

0x3cf519ae Exception code: 0xc0000006 Fault offset: 0x0001c584 Faulting process id:

0x1350 Faulting application start time: 0x01cf1aec04bfac54 Faulting application path:

F:\setup.exe Faulting module path: F:\setup.exe Report Id: 0afc760a-86e0-11e3-9400-1c750857f74b

Error - 1/26/2014 7:17:37 PM | Computer Name = Something | Source = Application Error | ID = 1005

Description = Windows cannot access the file for one of the following reasons: there

is a problem with the network connection, the disk that the file is stored on,

or the storage drivers installed on this computer; or the disk is missing. Windows

closed the program setup.exe because of this error. Program: setup.exe File: The

error value is listed in the Additional Data section. User Action 1. Open the file

again. This situation might be a temporary problem that corrects itself when the

program runs again. 2. If the file still cannot be accessed and - It is on the network,

your

network administrator should verify that there is not a problem with the network

and that the server can be contacted. - It is on a removable disk, for example,

a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.

3.

Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,

click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,

and then press ENTER. 4. If the problem persists, restore the file from a backup

copy. 5. Determine whether other files on the same disk can be opened. If not, the

disk might be damaged. If it is a hard disk, contact your administrator or computer

hardware vendor for further assistance. Additional Data Error value: C0000098 Disk

type: 0

Error - 1/27/2014 2:01:20 AM | Computer Name = Something | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "c:\program files (x86)\ESET\eset

online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line

. A component version required by the application conflicts with another component

version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component

2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/27/2014 2:01:29 AM | Computer Name = Something | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "c:\Users\someone\Desktop\esetsmartinstaller_enu.exe".Error

in manifest or policy file "" on line . A component version required by the application

conflicts with another component version already active. Conflicting components

are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component

2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/27/2014 2:04:22 AM | Computer Name = Something | Source = SideBySide | ID = 16842815

Description = Activation context generation failed for "c:\program files (x86)\spybot

- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program

files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of

attribute "language" in element "assemblyIdentity" is invalid.

Error - 1/27/2014 6:04:17 PM | Computer Name = Something | Source = CVHSVC | ID = 100

Description = Information only. Too many failures while downloading ranges: 2

Error - 1/27/2014 6:04:47 PM | Computer Name = Something | Source = CVHSVC | ID = 100

Description = Information only. (Stream product id=0x0066): Streaming Failed

[ System Events ]

Error - 1/25/2014 6:36:18 PM | Computer Name = Something | Source = volsnap | ID = 393252

Description = The shadow copies of volume C: were aborted because the shadow copy

storage could not grow due to a user imposed limit.

Error - 1/25/2014 10:23:01 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The Conexant SmartAudio service service failed to start due to the

following error: %%2

Error - 1/25/2014 10:23:07 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The STEC3 service failed to start due to the following error: %%2

Error - 1/25/2014 10:25:55 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The ReadyComm.DirectRouter service failed to start due to the following

error: %%2

Error - 1/26/2014 3:47:31 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The Conexant SmartAudio service service failed to start due to the

following error: %%2

Error - 1/26/2014 3:47:36 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The STEC3 service failed to start due to the following error: %%2

Error - 1/26/2014 3:49:56 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The ReadyComm.DirectRouter service failed to start due to the following

error: %%2

Error - 1/27/2014 6:02:07 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The Conexant SmartAudio service service failed to start due to the

following error: %%2

Error - 1/27/2014 6:02:12 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The STEC3 service failed to start due to the following error: %%2

Error - 1/27/2014 6:04:44 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000

Description = The ReadyComm.DirectRouter service failed to start due to the following

error: %%2

< End of report >

 

 


Now?

 

 

OTL logfile created on: 1/28/2014 12:41:32 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\someone\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: Italy | Language: EN | Date Format: M/d/yyyy

1.96 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.16% Memory free

3.92 Gb Paging File | 2.65 Gb Available in Paging File | 67.61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 150.89 Gb Total Space | 16.19 Gb Free Space | 6.40% Space Free | Partition Type: NTFS

Drive D: | 30.25 Gb Total Space | 29.59 Gb Free Space | 97.82% Space Free | Partition Type: NTFS

Computer Name: Something | User Name: someone | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/28 00:32:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\someone\Desktop\OTL.exe

PRC - [2013/12/27 20:17:02 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2013/12/27 20:17:02 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeen.exe

PRC - [2010/12/03 07:09:57 | 003,122,440 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

PRC - [2010/01/19 12:44:40 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE

PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

========== Modules (No Company Name) ==========

MOD - [2013/10/23 10:55:44 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll

MOD - [2010/12/03 07:09:57 | 000,492,808 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/12/27 20:17:02 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2013/11/26 11:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2010/03/25 11:32:02 | 000,445,496 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\SASrv.exe -- (SAService)

SRV:64bit: - [2009/09/22 20:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)

SRV:64bit: - [2009/08/14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)

SRV - [2014/01/15 14:41:02 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2009/07/16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)

SRV - [2009/07/14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)

SRV - [2009/07/14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)

SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/18 19:50:46 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2014/01/13 22:13:31 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2013/12/27 20:17:07 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2013/12/27 20:17:07 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)

DRV:64bit: - [2013/12/27 20:17:07 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

DRV:64bit: - [2013/12/27 20:17:07 | 000,082,744 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)

DRV:64bit: - [2013/12/27 20:17:07 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2013/10/23 10:55:53 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

DRV:64bit: - [2013/10/23 10:55:52 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/08/21 11:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)

DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/12/03 07:09:16 | 000,058,896 | ---- | M] () [Kernel | System | Running] -- C:\windows\SysNative\drivers\funfrm.sys -- (funfrm)

DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/04/22 06:11:42 | 000,260,216 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

DRV:64bit: - [2010/04/20 19:45:32 | 000,229,488 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)

DRV:64bit: - [2010/01/18 11:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)

DRV:64bit: - [2009/07/21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:64bit: - [2009/07/16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)

DRV:64bit: - [2009/07/16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)

DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/07 19:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/07/03 03:42:08 | 007,342,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009/06/10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)

DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/05/19 15:43:32 | 000,026,128 | ---- | M] (Lenovo

Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative

\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:64bit: - [2008/08/06 14:32:16 | 000,151,656 | ---- | M] (Microsoft

Corporation) [File_System | On_Demand | Stopped] -- C:\Windows

\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2012/12/01 04:47:59 | 000,002,368 | ---- | M] (AntiCracking)

[Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\STEC3.sys -- (STEC3)

DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft

Corporation) [File_System | On_Demand | Stopped] -- C:\Windows

\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary

Start Pages = http://download.eset...lineScanner.cab (OnlineScanner Control)

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}

http://content.syste...el_4.5.15.0.cab (SysInfo Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}

https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =

192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9067315-

337B-4017-8FB0-FAC20830D8BB}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found

O18:64bit: - Protocol\Handler\sacore - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\dssrequest - No CLSID value found

O18 - Protocol\Handler\sacore - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}

- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype

Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows

\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows

\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft

Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows

\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows

\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:

\windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -

No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No

CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{48c18493-513e-11e2-b1a3-1c750857f74b}\Shell - "" =

AutoRun

O33 - MountPoints2\{48c18493-513e-11e2-b1a3-1c750857f74b}\Shell

\AutoRun\command - "" = G:\SETUP.EXE

O33 - MountPoints2\{48c18493-513e-11e2-b1a3-1c750857f74b}\Shell\setup

\command - "" = G:\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows:

(ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows:

(ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/28 00:32:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:

\Users\someone\Desktop\OTL.exe

[2014/01/23 21:42:26 | 001,037,068 | ---- | C] (Thisisu) -- C:\Users

\someone\Desktop\JRT.exe

[2014/01/19 08:24:29 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2014/01/18 19:50:45 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:

\windows\SysNative\drivers\dtsoftbus01.sys

[2014/01/15 14:41:27 | 000,000,000 | ---D | C] -- C:\Users

\deathxempress\AppData\Local\Google

[2014/01/15 14:41:09 | 000,000,000 | ---D | C] -- C:\Program Files

(x86)\Google

[2014/01/15 14:16:33 | 000,000,000 | ---D | C] -- C:\windows\Migration

[2014/01/13 22:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

[2014/01/13 22:12:00 | 000,000,000 | ---D | C] -- C:\Program Files

(x86)\DAEMON Tools Lite

[2014/01/13 17:54:48 | 000,000,000 | ---D | C] -- C:\Users

\deathxempress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

\WinRAR

[2014/01/13 17:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\WinRAR

[2014/01/07 09:58:44 | 000,000,000 | -H-D | C] -- C:\windows\AxInstSV

[2014/01/07 09:20:45 | 000,000,000 | ---D | C] -- C:\Program Files

\WinRAR

========== Files - Modified Within 30 Days ==========

[2014/01/28 00:32:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:

\Users\deathxempress\Desktop\OTL.exe

[2014/01/28 00:09:57 | 000,013,632 | -H-- | M] () -- C:\windows

\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-

439d-8115-601632D005A0

[2014/01/28 00:09:56 | 000,013,632 | -H-- | M] () -- C:\windows

\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-

439d-8115-601632D005A0

[2014/01/28 00:04:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks

\Adobe Flash Player Updater.job

[2014/01/28 00:01:47 | 000,067,584 | --S- | M] () -- C:\windows

\bootstat.dat

[2014/01/28 00:01:36 | 1579,626,496 | -HS- | M] () -- C:\hiberfil.sys

[2014/01/23 21:42:56 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users

\someone\Desktop\JRT.exe

[2014/01/20 18:56:52 | 004,922,192 | ---- | M] () -- C:\windows

\SysNative\FNTCACHE.DAT

[2014/01/19 08:23:26 | 001,236,282 | ---- | M] () -- C:\Users\someone

\Desktop\AdwCleaner.exe

[2014/01/18 19:55:22 | 000,791,972 | ---- | M] () -- C:\windows

\SysNative\PerfStringBackup.INI

[2014/01/18 19:55:22 | 000,659,148 | ---- | M] () -- C:\windows

\SysNative\perfh009.dat

[2014/01/18 19:55:22 | 000,126,570 | ---- | M] () -- C:\windows

\SysNative\perfc009.dat

[2014/01/18 19:50:46 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:

\windows\SysNative\drivers\dtsoftbus01.sys

[2014/01/15 14:20:34 | 000,772,246 | ---- | M] () -- C:\windows

\SysWow64\PerfStringBackup.INI

[2014/01/13 22:13:31 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) --

C:\windows\SysNative\drivers\sptd.sys

[2014/01/02 11:57:25 | 000,450,660 | R--- | M] () -- C:\windows

\SysNative\drivers\etc\hosts

========== Files Created - No Company Name ==========

[2014/01/19 08:23:21 | 001,236,282 | ---- | C] () -- C:\Users\someone

\Desktop\AdwCleaner.exe

[2013/12/08 13:10:28 | 000,085,504 | ---- | C] () -- C:\windows

\SysWow64\ff_vfw.dll

[2013/09/11 21:24:19 | 000,053,248 | ---- | C] () -- C:\windows

\SysWow64\CommonDL.dll

[2013/09/11 21:24:19 | 000,002,411 | ---- | C] () -- C:\windows

\SysWow64\lgAxconfig.ini

[2013/06/27 00:19:37 | 000,000,256 | -H-- | C] () -- C:\windows

\SysWow64\FJLTAFOU.BIN

[2013/06/27 00:19:36 | 000,000,256 | -H-- | C] () -- C:\windows

\SysWow64\LTAW14FN.BIN

[2012/10/21 15:11:01 | 000,000,017 | ---- | C] () -- C:\windows

\SysWow64\shortcut_ex.dat

[2012/09/29 22:16:13 | 000,393,256 | ---- | C] () -- C:\windows

\SysWow64\CNQ2414N.DAT

[2012/09/13 22:11:41 | 000,772,246 | ---- | C] () -- C:\windows

\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows

\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-

0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-

41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-

409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-

4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-

0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 04:24:57 |

014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-

41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 03:55:59 |

012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-

D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 |

000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-

42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 |

000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-

85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 |

000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-

4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/20 23:02:30 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\Audacity

[2013/10/23 23:19:42 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\AVAST Software

[2012/09/28 13:09:32 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2014/01/17 20:31:27 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\DAEMON Tools Lite

[2012/09/09 07:16:22 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\EasyCapture

[2012/12/14 19:56:11 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\ImgBurn

[2013/10/24 09:29:55 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\Leadertech

[2012/09/05 03:08:48 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\Opera

[2013/08/04 23:06:32 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\Opera Software

[2013/04/30 11:19:17 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\savedata

[2014/01/02 11:22:54 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\SoftGrid Client

[2012/09/21 00:38:47 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming

\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012/09/13 22:14:08 | 000,000,000 | ---D | M] -- C:\Users\someone

\AppData\Roaming\TP

========== Purity Check ==========

========== Files - Unicode (All) ==========

< End of report >

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

(Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe

(Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft

Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

(Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = OperaStable] -- "C:\Program Files (x86)\Opera\Launcher.exe"

-noautoupdate "%1"

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell

\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1

(Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

%1 (Microsoft Corporation)

htmlfile [print] -- "C:\windows\system32\rundll32.exe" "C:\windows

\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1

(Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1

(Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1"

(Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:

\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:

\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%

\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC

\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC

\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet

Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:

\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%*

(Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1

(Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

%1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1

(Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1

(Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1"

(Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%

\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC

\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC

\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet

Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg

Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center

\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

\Parameters\FirewallPolicy\FirewallRules]

"{016C79E6-A5E0-4EE3-83EB-05E9B9E524B5}" = rport=5355 | protocol=17 |

dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{DDDD3C32-8604-43BD-9724-7DF66BB11336}" = lport=5355 | protocol=17 |

dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

\Parameters\FirewallPolicy\FirewallRules]

"{1028BD45-A3B4-4510-A46B-66CA076C5F87}" = protocol=17 | dir=in | app=

%programfiles%\windows media player\wmplayer.exe |

"{11DCD7B7-73D4-4A60-95BF-26972D3C9AD9}" = dir=out | app=c:\program

files\lenovo\readycomm\connsvc.exe |

"{1823DBAE-0BFD-4F18-85FC-1ACDFB509EED}" = dir=out | app=c:\program

files (x86)\lenovo\readycomm\common\igrs.exe |

"{1B6C91D6-BBD1-4035-9A14-66D612936EC2}" = protocol=17 | dir=in |

app=c:\program files (x86)\opera\opera.exe |

"{1D7347EA-9D84-498F-9A46-419ED1A6EB2C}" = dir=out | app=c:\program

files\lenovo\readycomm\appsvc.exe |

"{2F1C3934-9AE7-4BE8-9257-A9BA50794136}" = dir=out | app=c:\windows

\system32\igrssvcs.exe |

"{3C860ABF-55C6-4264-A79E-377FB35020DC}" = dir=in | app=c:\program

files (x86)\skype\phone\skype.exe |

"{51D8BF02-A12B-4D9D-A291-337CF03D46CC}" = dir=out | app=c:\program

files\lenovo\readycomm\readycomm.exe |

"{6147470A-78DC-47F8-A717-039246ECA004}" = protocol=6 | dir=in |

app=c:\program files (x86)\opera\opera.exe |

"{71D6CAE8-ED13-4B9D-8E2C-3C6C0731202B}" = protocol=6 | dir=out | app=

%programfiles(x86)%\windows media player\wmplayer.exe |

"{73B983E2-8FFF-42E4-AC63-04D1774DDD81}" = dir=in | app=c:\windows

\system32\igrssvcs.exe |

"{7FD5DA57-0F93-4848-B6E6-A3431A581497}" = dir=in | app=c:\program

files\lenovo\readycomm\appsvc.exe |

"{9285F895-32A5-44D9-9510-4F27BC6A026F}" = dir=in | app=c:\program

files\lenovo\readycomm\connsvc.exe |

"{973CBFE7-3E0F-4F0B-8EAE-35F9E75D580B}" = protocol=17 | dir=out |

app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{A004FE7D-7A2B-4A14-8B0A-F1FFCD85241B}" = protocol=6 | dir=in |

app=c:\programdata\battle.net\agent\agent.1737\agent.exe |

"{A40D9DE3-549A-438B-86AB-6250614AC4ED}" = protocol=17 | dir=in |

app=c:\programdata\battle.net\agent\agent.954\agent.exe |

"{A996768F-A4F7-459D-9371-6337D2D03478}" = dir=in | app=c:\program

files\lenovo\readycomm\projectionist.exe |

"{ADE5DE42-E217-44F8-9FC4-FFC1D9D4CBC0}" = protocol=6 | dir=in |

app=c:\program files (x86)\opera\opera.exe |

"{C4BBF3E3-3261-421B-9868-BE0ED530FF24}" = protocol=17 | dir=out |

app=%programfiles%\windows media player\wmplayer.exe |

"{CB4AF277-A590-415A-8F52-0C536EDAB146}" = dir=out | app=c:\program

files (x86)\lenovo\readycomm\common\igrs.exe |

"{D015035E-B427-4EE5-8DC6-4A3DFE38C67D}" = dir=out | app=c:\program

files\lenovo\readycomm\projectionist.exe |

"{D79323DA-8ED5-477F-AF36-FDCF42A434E7}" = dir=in | app=c:\program

files (x86)\lenovo\readycomm\common\igrs.exe |

"{DD1BC863-64C5-4CA4-A797-15C83ED3F4BB}" = protocol=6 | dir=out | app=

%programfiles%\windows media player\wmplayer.exe |

"{E7E5F236-0438-4374-9665-92DF3F043890}" = protocol=17 | dir=in |

app=c:\program files (x86)\opera\opera.exe |

"{F072A993-686A-49AA-916A-5FE096422026}" = dir=in | app=c:\program

files (x86)\lenovo\readycomm\common\igrs.exe |

"{F0F89B9D-0F5A-42A5-991D-34BEEF638052}" = protocol=17 | dir=in | app=

%programfiles(x86)%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion

\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005

Redistributable (x64)

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" =

Microsoft_VC80_MFCLOC_x86_x64

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework

4.5.1

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-

Run 2010

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage

Manager

"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" =

Microsoft_VC90_MFCLOC_x86_x64

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET

Framework 4.5.1

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in

Assistant

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005

Redistributable (x64)

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"92F4CDC794E6E4E29DC063D292D1C94F6FA1EA1E" = Windows Driver Package -

Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1)

"CCleaner" = CCleaner

"CNXT_AUDIO_HDA" = Conexant HD Audio

"HDMI" = Intel® Graphics Media Accelerator Driver

"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion

\Uninstall]

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010

x86 Redistributable - 10.0.30319

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX

Control for Remote Connections

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{89BVXZ20-3Q3E-445W-8AV3-YU21VB91F911}" = Audacity

"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Lenovo EasyCamera

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows

Marketplace

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11

"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for

Intel

"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller

Driver For Windows 7

"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless

Driver

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter

2010 - English

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.6161

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)

"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For

Adobe Reader 9

"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search &

Destroy

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows

- LIVE Redistributable

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin

"Audacity_is1" = Audacity 2.0.2

"avast" = avast! Free Antivirus

"DAEMON Tools Lite" = DAEMON Tools Lite

"EasyCapture4.0" = EasyCapture

"ESET Online Scanner" = ESET Online Scanner v3

"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]

"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey

Recovery

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version

1.75.0.1300

"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"Opera 12.16.1860" = Opera 12.16

"VeriFace" = VeriFace

"VLC media player" = VLC media player 2.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 1/26/2014 3:49:56 PM | Computer Name = Something | Source =

CVHSVC | ID = 100

Description = Information only. Too many failures while downloading

ranges: 2

Error - 1/26/2014 3:50:26 PM | Computer Name = Something | Source =

CVHSVC | ID = 100

Description = Information only. (Stream product id=0x0066): Streaming

Failed

Error - 1/26/2014 7:17:25 PM | Computer Name = Something | Source =

MsiInstaller | ID = 11327

Description =

Error - 1/26/2014 7:17:37 PM | Computer Name = Something | Source =

Application Error | ID = 1000

Description = Faulting application name: setup.exe_unknown, version:

0.0.0.0, time

stamp: 0x3cf519ae Faulting module name: setup.exe, version: 0.0.0.0,

time stamp:

0x3cf519ae Exception code: 0xc0000006 Fault offset: 0x0001c584 Faulting

process id:

0x1350 Faulting application start time: 0x01cf1aec04bfac54 Faulting

application path:

F:\setup.exe Faulting module path: F:\setup.exe Report Id: 0afc760a-

86e0-11e3-9400-1c750857f74b

Error - 1/26/2014 7:17:37 PM | Computer Name = Something | Source =

Application Error | ID = 1005

Description = Windows cannot access the file for one of the following

reasons: there

is a problem with the network connection, the disk that the file is

stored on,

or the storage drivers installed on this computer; or the disk is

missing. Windows

closed the program setup.exe because of this error. Program: setup.exe

File: The

error value is listed in the Additional Data section. User Action 1.

Open the file

again. This situation might be a temporary problem that corrects itself

when the

program runs again. 2. If the file still cannot be accessed and - It is

on the network,

your

network administrator should verify that there is not a problem with

the network

and that the server can be contacted. - It is on a removable disk, for

example,

a floppy disk or CD-ROM, verify that the disk is fully inserted into

the computer.

3.

Check and repair the file system by running CHKDSK. To run CHKDSK,

click Start,

click Run, type CMD, and then click OK. At the command prompt, type

CHKDSK /F,

and then press ENTER. 4. If the problem persists, restore the file from

a backup

copy. 5. Determine whether other files on the same disk can be opened.

If not, the

disk might be damaged. If it is a hard disk, contact your administrator

or computer

hardware vendor for further assistance. Additional Data Error value:

C0000098 Disk

type: 0

Error - 1/27/2014 2:01:20 AM | Computer Name = Something | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/27/2014 2:01:29 AM | Computer Name = Something | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Users\someone\Desktop\esetsmartinstaller_enu.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/27/2014 2:04:22 AM | Computer Name = Something | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error - 1/27/2014 6:04:17 PM | Computer Name = Something | Source = CVHSVC | ID = 100
Description = Information only. Too many failures while downloading ranges: 2

Error - 1/27/2014 6:04:47 PM | Computer Name = Something | Source = CVHSVC | ID = 100
Description = Information only. (Stream product id=0x0066): Streaming Failed

[ System Events ]

Error - 1/25/2014 6:36:18 PM | Computer Name = Something | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error - 1/25/2014 10:23:01 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The Conexant SmartAudio service service failed to start due to the following error: %%2

Error - 1/25/2014 10:23:07 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2

Error - 1/25/2014 10:25:55 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The ReadyComm.DirectRouter service failed to start due to the following error: %%2

Error - 1/26/2014 3:47:31 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The Conexant SmartAudio service service failed to start due to the following error: %%2

Error - 1/26/2014 3:47:36 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2

Error - 1/26/2014 3:49:56 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The ReadyComm.DirectRouter service failed to start due to the following error: %%2

Error - 1/27/2014 6:02:07 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The Conexant SmartAudio service service failed to start due to the following error: %%2

Error - 1/27/2014 6:02:12 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2

Error - 1/27/2014 6:04:44 PM | Computer Name = Something | Source = Service Control Manager | ID = 7000
Description = The ReadyComm.DirectRouter service failed to start due to the following error: %%2

< End of report >


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
