
service has been disabled or deleted. The console cannot continue.


ShooMoe


I get this message every time I boot. I have no idea why or how to fix it. I have tried to install a new account and it still shows up. Not sure where to start. There are some other erratic things that I can't quite explain... And a Google search for the last two days has gotten me nowhere.

Any help will be appreciated.

Thanks

shooMoe


Here are the results. THANKS!

 

--------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Blessed (administrator) on IBM-PC on 18-07-2014 00:07:43
Running from C:\Users\Blessed\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\ATTSplusPCMT\SPLUS_UI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [380544 2012-05-28] (Alcor Micro Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2908984 2012-07-12] (Synaptics Incorporated)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [293256 2012-10-10] (Lenovo Group Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [258936 2011-11-14] ()
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1095472 2012-03-12] (Lenovo)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/MCM_WCP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U218DHP&pc=U218
SearchScopes: HKLM - DefaultScope {B6A06A97-564D-49AC-88A1-6E1313E23B03} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MALCJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {B6A06A97-564D-49AC-88A1-6E1313E23B03} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MALCJS
SearchScopes: HKLM-x32 - DefaultScope {B6A06A97-564D-49AC-88A1-6E1313E23B03} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MALCJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {B6A06A97-564D-49AC-88A1-6E1313E23B03} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MALCJS
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

FireFox:
========
FF ProfilePath: C:\Users\Blessed\AppData\Roaming\Mozilla\Firefox\Profiles\alfnu6qw.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client

==================== Services (Whitelisted) =================

S4 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-03-12] (Lenovo)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-06] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
S4 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [187784 2012-10-10] (Lenovo Group Limited)
S4 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S4 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
S4 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1492280 2012-02-06] (Lenovo Group Limited)
S3 IEEtwCollectorService; %SystemRoot%\system32\IEEtwCollector.exe /V [X]

==================== Drivers (Whitelisted) ====================

S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [71440 2012-03-12] (Windows ® Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27960 2012-07-12] (Synaptics Incorporated)
S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [3051000 2012-04-03] (Sunplus Technology)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-18 00:08 - 2014-07-18 00:08 - 01682416 _____ (Malwarebytes Corporation) C:\Users\Blessed\Downloads\mbam-check-2.1.1.1001.exe
2014-07-18 00:07 - 2014-07-18 00:08 - 00011879 _____ () C:\Users\Blessed\Downloads\FRST.txt
2014-07-18 00:07 - 2014-07-18 00:07 - 02086912 _____ (Farbar) C:\Users\Blessed\Downloads\FRST64.exe
2014-07-18 00:07 - 2014-07-18 00:07 - 00000000 ____D () C:\FRST
2014-07-18 00:06 - 2014-07-18 00:06 - 01077248 _____ (Farbar) C:\Users\Blessed\Downloads\FRST.exe
2014-07-18 00:04 - 2014-07-18 00:04 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Adobe
2014-07-18 00:04 - 2014-07-18 00:04 - 00000000 ____D () C:\Users\Blessed\AppData\Local\Macromedia
2014-07-17 21:59 - 2014-07-17 21:59 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Malwarebytes
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-17 21:59 - 2010-01-07 16:07 - 00038224 _____ (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2014-07-17 21:59 - 2010-01-07 16:07 - 00022104 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-16 23:25 - 2014-07-16 23:25 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\PwrMgr
2014-07-16 23:22 - 2014-07-16 23:23 - 58080904 _____ (Microsoft Corporation) C:\Users\Blessed\Downloads\EIE11_EN-US_WOL_WIN764.EXE
2014-07-16 23:20 - 2014-07-16 23:21 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Mozilla
2014-07-16 23:20 - 2014-07-16 23:21 - 00000000 ____D () C:\Users\Blessed\AppData\Local\Mozilla
2014-07-16 23:09 - 2014-07-16 23:09 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\LSC
2014-07-16 22:59 - 2014-07-16 22:59 - 00109296 _____ () C:\Users\Blessed\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Synaptics
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Leadertech
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 ____D () C:\Users\Blessed\AppData\Local\Lenovo
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 _____ () C:\Users\Blessed\agent.log
2014-07-16 22:58 - 2014-07-16 22:59 - 00000000 ____D () C:\Users\Blessed
2014-07-16 22:58 - 2014-07-16 22:58 - 00000020 ___SH () C:\Users\Blessed\ntuser.ini
2014-07-16 22:58 - 2014-07-16 22:58 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\PCHC
2014-07-16 22:58 - 2014-07-16 22:58 - 00000000 ____D () C:\Users\Blessed\AppData\Local\VirtualStore
2014-07-16 22:58 - 2013-09-08 19:46 - 00000000 ___RD () C:\Users\Blessed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-16 22:58 - 2013-09-08 19:46 - 00000000 ___RD () C:\Users\Blessed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-16 22:58 - 2013-06-28 10:07 - 00000000 ____D () C:\Users\Blessed\AppData\Local\Microsoft Help
2014-07-16 22:58 - 2013-04-03 18:34 - 00002111 _____ () C:\Users\Blessed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-07-16 22:58 - 2013-04-03 18:29 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Macromedia
2014-07-16 22:53 - 2014-07-16 22:53 - 00109296 _____ () C:\Users\Mercy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\Synaptics
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\PwrMgr
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\Leadertech
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Local\Lenovo
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 _____ () C:\Users\Mercy\agent.log
2014-07-16 22:52 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy
2014-07-16 22:52 - 2014-07-16 22:52 - 00000020 ___SH () C:\Users\Mercy\ntuser.ini
2014-07-16 22:52 - 2014-07-16 22:52 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\PCHC
2014-07-16 22:52 - 2014-07-16 22:52 - 00000000 ____D () C:\Users\Mercy\AppData\Local\VirtualStore
2014-07-16 22:52 - 2013-09-08 19:46 - 00000000 ___RD () C:\Users\Mercy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-16 22:52 - 2013-09-08 19:46 - 00000000 ___RD () C:\Users\Mercy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-16 22:52 - 2013-06-28 10:07 - 00000000 ____D () C:\Users\Mercy\AppData\Local\Microsoft Help
2014-07-16 22:52 - 2013-04-03 18:34 - 00002111 _____ () C:\Users\Mercy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-07-16 22:52 - 2013-04-03 18:29 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\Macromedia
2014-07-16 22:08 - 2014-07-16 22:08 - 00000000 ____H () C:\Users\Fortis\Documents\Default.rdp
2014-07-16 08:16 - 2014-07-16 08:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-07-16 08:11 - 2014-07-16 08:11 - 00002002 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-07-16 00:01 - 2014-07-16 23:25 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-07-15 23:46 - 2014-07-15 23:46 - 00000000 ___RD () C:\Users\Fortis\SkyDrive
2014-07-15 23:41 - 2014-07-15 23:41 - 00000134 _____ () C:\Users\Fortis\Desktop\Internet Explorer Troubleshooting.url
2014-07-15 23:19 - 2014-07-15 23:20 - 58082952 _____ (Microsoft Corporation) C:\Users\Fortis\Downloads\EIE11_EN-US_MCM_WIN764.EXE
2014-07-15 23:14 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-15 23:14 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-15 23:14 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-15 23:14 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-15 23:14 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-15 23:01 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-15 23:01 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-15 23:01 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-15 23:01 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-15 23:01 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-15 23:01 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-15 23:01 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-15 23:01 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-15 23:01 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-15 23:01 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-15 23:01 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-15 23:01 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-15 23:01 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-15 23:01 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-15 23:01 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-15 23:01 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-15 23:01 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-15 23:01 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-15 23:01 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-15 23:01 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-11 06:33 - 2014-07-11 06:33 - 00000000 ____D () C:\34be4dada0abee508e5a0f3e0a
2014-07-09 16:07 - 2014-07-09 16:07 - 00000000 __SHD () C:\found.014
2014-07-08 14:28 - 2014-07-08 14:28 - 00000000 _____ () C:\Users\Fortis\Downloads\Support-LogMeInRescue(5).exe
2014-07-08 13:01 - 2014-07-08 13:01 - 00000000 ____D () C:\6f88305e220cb313096d9f4a6f1cf3af
2014-07-06 23:27 - 2014-07-06 23:27 - 00000000 ____D () C:\5796ec4a1a55f38d4c4b330edc309daa
2014-07-02 06:23 - 2014-07-02 06:23 - 00000000 ____D () C:\28c2c1fe6b54e5335b
2014-06-23 06:57 - 2014-06-23 06:57 - 00000000 __SHD () C:\found.013
2014-06-19 05:49 - 2014-06-19 05:49 - 00000000 ____D () C:\Windows\Temp2867B090-7C47-86B0-7235-176E5E85E61B-Signatures
2014-06-18 07:17 - 2014-06-18 07:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-07-18 00:08 - 2014-07-18 00:08 - 01682416 _____ (Malwarebytes Corporation) C:\Users\Blessed\Downloads\mbam-check-2.1.1.1001.exe
2014-07-18 00:08 - 2014-07-18 00:07 - 00011879 _____ () C:\Users\Blessed\Downloads\FRST.txt
2014-07-18 00:07 - 2014-07-18 00:07 - 02086912 _____ (Farbar) C:\Users\Blessed\Downloads\FRST64.exe
2014-07-18 00:07 - 2014-07-18 00:07 - 00000000 ____D () C:\FRST
2014-07-18 00:06 - 2014-07-18 00:06 - 01077248 _____ (Farbar) C:\Users\Blessed\Downloads\FRST.exe
2014-07-18 00:06 - 2013-04-03 18:12 - 01587170 _____ () C:\Windows\WindowsUpdate.log
2014-07-18 00:05 - 2013-12-14 19:56 - 00000000 ____D () C:\Program Files (x86)\ATTSplusPCMT
2014-07-18 00:05 - 2013-06-20 13:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 00:04 - 2014-07-18 00:04 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Adobe
2014-07-18 00:04 - 2014-07-18 00:04 - 00000000 ____D () C:\Users\Blessed\AppData\Local\Macromedia
2014-07-18 00:04 - 2013-04-03 18:20 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-07-18 00:03 - 2013-06-28 11:05 - 00066726 _____ () C:\Windows\setupact.log
2014-07-18 00:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-17 22:38 - 2009-07-14 00:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-17 22:38 - 2009-07-14 00:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-17 21:59 - 2014-07-17 21:59 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Malwarebytes
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-17 21:59 - 2014-07-17 21:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-17 21:58 - 2009-07-14 01:13 - 00005172 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-17 15:15 - 2013-04-03 18:20 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-07-17 03:01 - 2013-06-20 11:27 - 00002113 _____ () C:\Windows\epplauncher.mif
2014-07-16 23:25 - 2014-07-16 23:25 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\PwrMgr
2014-07-16 23:25 - 2014-07-16 00:01 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-07-16 23:25 - 2013-12-08 07:03 - 00038760 _____ () C:\Windows\IE11_main.log
2014-07-16 23:23 - 2014-07-16 23:22 - 58080904 _____ (Microsoft Corporation) C:\Users\Blessed\Downloads\EIE11_EN-US_WOL_WIN764.EXE
2014-07-16 23:21 - 2014-07-16 23:20 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Mozilla
2014-07-16 23:21 - 2014-07-16 23:20 - 00000000 ____D () C:\Users\Blessed\AppData\Local\Mozilla
2014-07-16 23:09 - 2014-07-16 23:09 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\LSC
2014-07-16 23:00 - 2013-04-03 18:29 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-07-16 22:59 - 2014-07-16 22:59 - 00109296 _____ () C:\Users\Blessed\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Synaptics
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\Leadertech
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 ____D () C:\Users\Blessed\AppData\Local\Lenovo
2014-07-16 22:59 - 2014-07-16 22:59 - 00000000 _____ () C:\Users\Blessed\agent.log
2014-07-16 22:59 - 2014-07-16 22:58 - 00000000 ____D () C:\Users\Blessed
2014-07-16 22:58 - 2014-07-16 22:58 - 00000020 ___SH () C:\Users\Blessed\ntuser.ini
2014-07-16 22:58 - 2014-07-16 22:58 - 00000000 ____D () C:\Users\Blessed\AppData\Roaming\PCHC
2014-07-16 22:58 - 2014-07-16 22:58 - 00000000 ____D () C:\Users\Blessed\AppData\Local\VirtualStore
2014-07-16 22:53 - 2014-07-16 22:53 - 00109296 _____ () C:\Users\Mercy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\Synaptics
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\PwrMgr
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\Leadertech
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 ____D () C:\Users\Mercy\AppData\Local\Lenovo
2014-07-16 22:53 - 2014-07-16 22:53 - 00000000 _____ () C:\Users\Mercy\agent.log
2014-07-16 22:53 - 2014-07-16 22:52 - 00000000 ____D () C:\Users\Mercy
2014-07-16 22:52 - 2014-07-16 22:52 - 00000020 ___SH () C:\Users\Mercy\ntuser.ini
2014-07-16 22:52 - 2014-07-16 22:52 - 00000000 ____D () C:\Users\Mercy\AppData\Roaming\PCHC
2014-07-16 22:52 - 2014-07-16 22:52 - 00000000 ____D () C:\Users\Mercy\AppData\Local\VirtualStore
2014-07-16 22:08 - 2014-07-16 22:08 - 00000000 ____H () C:\Users\Fortis\Documents\Default.rdp
2014-07-16 08:16 - 2014-07-16 08:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-07-16 08:15 - 2014-02-20 17:43 - 00000000 ____D () C:\Users\Fortis\AppData\Roaming\LSC
2014-07-16 08:11 - 2014-07-16 08:11 - 00002002 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-07-16 08:11 - 2013-06-20 14:23 - 00000000 ____D () C:\Users\Fortis\AppData\Local\LSC
2014-07-16 08:11 - 2013-04-03 18:21 - 00000000 ____D () C:\Program Files\Lenovo
2014-07-16 08:11 - 2013-04-03 01:40 - 00000000 ____D () C:\ProgramData\Lenovo
2014-07-16 08:10 - 2013-04-03 18:29 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-07-16 03:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-16 03:20 - 2009-07-14 00:45 - 00416712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 03:19 - 2014-05-07 04:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-16 03:19 - 2011-12-08 16:43 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-16 03:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-16 03:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-16 03:03 - 2013-06-20 13:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-16 00:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-16 00:49 - 2013-09-18 03:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-15 23:46 - 2014-07-15 23:46 - 00000000 ___RD () C:\Users\Fortis\SkyDrive
2014-07-15 23:46 - 2013-06-20 14:06 - 00000000 ____D () C:\Users\Fortis
2014-07-15 23:44 - 2013-06-20 14:06 - 00002136 _____ () C:\Users\Fortis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-07-15 23:41 - 2014-07-15 23:41 - 00000134 _____ () C:\Users\Fortis\Desktop\Internet Explorer Troubleshooting.url
2014-07-15 23:20 - 2014-07-15 23:19 - 58082952 _____ (Microsoft Corporation) C:\Users\Fortis\Downloads\EIE11_EN-US_MCM_WIN764.EXE
2014-07-11 06:33 - 2014-07-11 06:33 - 00000000 ____D () C:\34be4dada0abee508e5a0f3e0a
2014-07-09 16:07 - 2014-07-09 16:07 - 00000000 __SHD () C:\found.014
2014-07-08 14:28 - 2014-07-08 14:28 - 00000000 _____ () C:\Users\Fortis\Downloads\Support-LogMeInRescue(5).exe
2014-07-08 13:01 - 2014-07-08 13:01 - 00000000 ____D () C:\6f88305e220cb313096d9f4a6f1cf3af
2014-07-07 06:22 - 2009-07-14 01:08 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-06 23:27 - 2014-07-06 23:27 - 00000000 ____D () C:\5796ec4a1a55f38d4c4b330edc309daa
2014-07-04 10:34 - 2013-12-14 19:40 - 00000000 ____D () C:\Users\Fortis\AppData\Local\LogMeIn Rescue Applet
2014-07-04 10:25 - 2014-06-14 07:25 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-07-04 10:25 - 2010-11-20 23:47 - 00604854 _____ () C:\Windows\PFRO.log
2014-07-02 06:23 - 2014-07-02 06:23 - 00000000 ____D () C:\28c2c1fe6b54e5335b
2014-06-29 22:09 - 2014-07-15 23:14 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-15 23:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-26 17:40 - 2013-06-26 21:09 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-23 06:57 - 2014-06-23 06:57 - 00000000 __SHD () C:\found.013
2014-06-20 18:05 - 2013-04-03 18:28 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-06-19 05:49 - 2014-06-19 05:49 - 00000000 ____D () C:\Windows\Temp2867B090-7C47-86B0-7235-176E5E85E61B-Signatures
2014-06-18 13:48 - 2013-06-20 12:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 07:18 - 2014-06-18 07:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\IBM\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-16 01:26

==================== End Of Log ============================

 

Addition.txt

CheckResults.txt


  • Root Admin

Well you have at least some minor issues that would best be dealt with by scanning deeper for malware and some general cleanup.

 

You have this, which personally I'd recommend removing, as these types of applications are typically not needed: PC SpeedBoost

 

You have some tasks that don't appear to have files associated with them, so they should be removed.

 

I would suggest following the advice from the topic here, Available Assistance for Possibly Infected Computers, and having one of the Experts assist you with looking into your issue.

Thanks
