Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Too many processes? Any assistance is appreciated...


  • This topic is locked This topic is locked
6 replies to this topic

#1 Tilt24

Tilt24

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 13 September 2012 - 08:05 AM

Hi there - so I'm a newbie and not sure I'm putting this request in the right place...I got a ThinkPad E530 recently and noticed that after random program/process removals and disables, I STILL have a lot going on that I'm pretty sure I don't need...

I've gone through the HiJackThis process and will paste the results here...if anyone can help out on what I need to get rid of, etc., it's much appreciated. ALSO - if this should be posted in another area of the forum, please advise, thanks!


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:55:32 AM, on 9/13/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\AuthenTec TrueSuite\x86\BioMonitor.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\tilton\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09152f0b-739c-4dec-a245-1aa8a37594f1} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\tilton\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O3 - Toolbar: TrueSuite Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to WebSite-Watcher - C:\Users\tilton\AppData\Roaming\aignes\WebSite-Watcher\config\settings\wswie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
O16 - DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} (MachineInfoActiveX.MachineInfoActiveX) - http://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12889 bytes

BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,788 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:42 PM

Posted 16 September 2012 - 10:09 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

[*]Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: (no name) - {09152f0b-739c-4dec-a245-1aa8a37594f1} - (no file)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll (file missing)


Click on Fix Checked when finished and exit HijackThis.

Restart the computer normally.
===

The HijackThis tool is not ready for the 64 bit operating system. In your case I would like to see a final DDS Log.
I would remove HijackThis using the Add/Remove Programs list. The DDS tool should be used on your system from now on.


Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • DDS.scr <- not recommended if you use Chrome to download this .scr file. Use the other options.
    • DDS.pif
    • DDS.COM
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Please download AdwCleaner by Xplode onto your Desktop.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
===

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Please post the logs for my review.

#3 Tilt24

Tilt24
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 18 September 2012 - 08:05 AM

Hey, thanks so much. I'm just now getting this and will have that info to you ASAP

#4 Tilt24

Tilt24
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 18 September 2012 - 10:23 AM

ok - here are all of them...THANKS AGAIN

from DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by tilton at 8:08:55 on 2012-09-18
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7781.6100 [GMT -7:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Windows\SysWOW64\SAsrv.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\AuthenTec TrueSuite\TouchControl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\AuthenTec TrueSuite\x86\BioMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\rundll32.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DefaultTab Browser Helper: {7f6afbf1-e065-4627-a2fd-810366367d01} - C:\Users\tilton\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: TrueSuite Browser Helper Object: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Symantec VIP Access Add-On: {c63cd127-a1cb-4d49-a4f7-d6f88a917be6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
TB: TrueSuite Toolbar: {c98ee38d-21e4-4a50-907d-2b56fec7013e} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to WebSite-Watcher - C:\Users\tilton\AppData\Roaming\aignes\WebSite-Watcher\config\settings\wswie.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\Office10\EXCEL.EXE/3000
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} - hxxp://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{33F9198B-73CD-4EDC-ACF8-16C6773D96C6} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{33F9198B-73CD-4EDC-ACF8-16C6773D96C6}\5465F402146334632413 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{33F9198B-73CD-4EDC-ACF8-16C6773D96C6}\7556374796E6D275966496 : DhcpNameServer = 4.2.2.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
IFEO: bluesoleil.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: ccleaner64.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: htcupctloader.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: intelsmallbusinessadvantage.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: privacyiconclient.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\tilton\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO-X64: DefaultTabBHO - No File
BHO-X64: TrueSuite Browser Helper Object: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
BHO-X64: TrueSuite Browser Helper Object - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO-X64: IEPlugin - No File
TB-X64: TrueSuite Toolbar: {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun-x64: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun-x64: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
mRun-x64: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun-x64: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IFEO-X64: bluesoleil.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO-X64: ccleaner64.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO-X64: htcupctloader.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO-X64: intelsmallbusinessadvantage.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO-X64: privacyiconclient.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\system32\Drivers\BtHidBus.sys --> C:\Windows\system32\Drivers\BtHidBus.sys [?]
R0 Fastboot;Fastboot;C:\Windows\system32\DRIVERS\Fastboot.sys --> C:\Windows\system32\DRIVERS\Fastboot.sys [?]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?]
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys --> C:\Windows\system32\DRIVERS\NBVol.sys [?]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys --> C:\Windows\system32\DRIVERS\NBVolUp.sys [?]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\system32\DRIVERS\ApsHM64.sys --> C:\Windows\system32\DRIVERS\ApsHM64.sys [?]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 avgtp;avgtp;\??\C:\Windows\system32\drivers\avgtpx64.sys --> C:\Windows\system32\drivers\avgtpx64.sys [?]
R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2012-1-30 33344]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-7 44808]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-9-7 133912]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\system32\CxAudMsg64.exe --> C:\Windows\system32\CxAudMsg64.exe [?]
R2 FastbootService;FastbootService;C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2012-7-7 169776]
R2 FPLService;TrueSuiteService;C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2011-12-22 313672]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2012-3-26 101736]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2012-3-26 133992]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SASrv.exe [2012-7-7 446592]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2012-3-26 145256]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2012-3-26 144960]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-5-29 2143072]
R3 5U877;5U877;C:\Windows\system32\DRIVERS\5U877.sys --> C:\Windows\system32\DRIVERS\5U877.sys [?]
R3 BTCOM;Bluetooth Serial port driver;C:\Windows\system32\DRIVERS\btcomport.sys --> C:\Windows\system32\DRIVERS\btcomport.sys [?]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;C:\Windows\system32\Drivers\btcombus.sys --> C:\Windows\system32\Drivers\btcombus.sys [?]
R3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\system32\Drivers\btnetBus.sys --> C:\Windows\system32\Drivers\btnetBus.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?]
R3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\system32\Drivers\IvtBtBus.sys --> C:\Windows\system32\Drivers\IvtBtBus.sys [?]
R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\system32\DRIVERS\RtsP2Stor.sys --> C:\Windows\system32\DRIVERS\RtsP2Stor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-5-8 11856]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\system32\DRIVERS\Tvti2c.sys --> C:\Windows\system32\DRIVERS\Tvti2c.sys [?]
R3 tvtvcamd;ThinkVantage Virtual Camera;C:\Windows\system32\DRIVERS\tvtvcamd.sys --> C:\Windows\system32\DRIVERS\tvtvcamd.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-7 136176]
S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2012-2-2 145472]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [?]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-7-7 276248]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-7 136176]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2012-7-7 332272]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2012-7-7 1662528]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2012-7-7 1665088]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 DefaultTabUpdate;DefaultTabUpdate;C:\Users\tilton\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-8-8 107520]
S4 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2011-11-9 8447848]
S4 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-7-7 128280]
S4 Intel® Small Business Advantage;Intel® Small Business Advantage;C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2012-7-7 49376]
S4 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-7-7 163608]
S4 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2012-7-7 58192]
S4 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-7-7 61264]
S4 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2012-7-7 175440]
S4 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]
S4 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-7 363800]
S4 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-4-10 84080]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-09-18 06:29:58 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1733343-44AD-4408-9D5D-D90190F30385}\mpengine.dll
2012-09-13 23:25:26 -------- d-----w- C:\Users\tilton\AppData\Roaming\TraxsourceDownloader
2012-09-13 23:25:04 -------- d-----w- C:\Program Files (x86)\Traxsource Downloader
2012-09-13 14:37:53 -------- d-----w- C:\Users\tilton\AppData\Local\Nero_AG
2012-09-13 14:36:12 -------- d-----w- C:\Users\tilton\AppData\Local\Nero
2012-09-13 14:18:18 -------- d-----w- C:\ProgramData\Nero
2012-09-13 14:08:43 15920 ----a-w- C:\Windows\System32\drivers\NBVolUp.sys
2012-09-13 14:08:40 72240 ----a-w- C:\Windows\System32\drivers\NBVol.sys
2012-09-13 14:08:40 -------- d-----w- C:\Program Files (x86)\Nero
2012-09-13 14:08:35 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-13 14:07:51 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2012-09-13 14:07:47 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-09-13 14:07:43 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2012-09-13 14:07:39 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-09-13 14:07:35 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2012-09-13 14:07:31 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2012-09-13 14:07:27 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll
2012-09-13 14:07:23 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2012-09-12 12:49:53 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 12:49:53 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 12:49:48 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 12:49:48 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 12:49:48 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-12 12:49:47 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 12:49:47 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-07 23:02:23 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-08-27 22:51:49 -------- d-----w- C:\Program Files\CCleaner
2012-08-25 16:06:30 -------- d-----w- C:\Drivers
2012-08-23 21:17:06 -------- d-----w- C:\Users\tilton\AppData\Local\Akamai
2012-08-22 20:54:58 -------- d-----r- C:\Program Files (x86)\Skype
2012-08-19 23:37:16 -------- dc----w- C:\Users\tilton\AppData\Local\MigWiz
2012-08-19 23:34:13 -------- d-----w- C:\Users\tilton\AppData\Local\bluesoleil
2012-08-19 23:26:20 -------- d-----w- C:\Program Files (x86)\IVT Corporation
2012-08-19 17:43:04 -------- d-----w- C:\Program Files (x86)\LG Electronics
.
==================== Find3M ====================
.
2012-09-04 00:02:13 31080 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-21 09:13:12 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-08-21 09:13:12 266776 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2012-08-21 09:13:11 19600 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2012-08-21 09:13:11 142128 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2012-08-21 09:12:33 41224 ----a-w- C:\Windows\avastSS.scr
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-13 10:47:42 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
2012-07-07 16:27:08 0 ----a-w- C:\Windows\SysWow64\dlumd9.dll
2012-07-07 16:27:08 0 ----a-w- C:\Windows\SysWow64\dlumd11.dll
2012-07-07 16:27:08 0 ----a-w- C:\Windows\SysWow64\dlumd10.dll
2012-07-07 16:27:08 0 ----a-w- C:\Windows\System32\dlumd9.dll
2012-07-07 16:27:08 0 ----a-w- C:\Windows\System32\dlumd11.dll
2012-07-07 16:27:08 0 ----a-w- C:\Windows\System32\dlumd10.dll
2012-07-07 16:10:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-07-07 16:10:08 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-07-07 16:10:00 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-07-07 16:10:00 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-07-07 16:09:49 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-07-07 16:09:49 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-07-07 16:09:49 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-07-07 16:09:49 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-07-07 16:09:49 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-07-07 16:09:49 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-07-07 16:09:49 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-07-07 16:09:34 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-07-07 16:09:26 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-07-07 16:09:26 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-07-07 16:08:54 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-07-07 16:08:54 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-07-07 16:08:33 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-07-07 16:08:33 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-07-07 16:08:13 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-07-07 16:08:13 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-07-07 16:08:04 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-07-07 16:08:04 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-07-07 16:08:04 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-07-07 16:07:55 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2012-07-07 16:07:48 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-07-07 16:07:48 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-07-07 16:07:34 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2012-07-07 16:07:34 229888 ----a-w- C:\Windows\System32\wwansvc.dll
2012-07-06 20:07:42 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-25 23:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
.
============= FINISH: 8:09:42.38 ===============


from AdwCleaner:


# AdwCleaner v2.002 - Logfile created 09/18/2012 at 08:12:28
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : tilton - TILTON-THINK
# Boot Mode : Normal
# Running from : C:\Users\tilton\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\tilton\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\tilton\AppData\Local\Conduit
Folder Deleted : C:\Users\tilton\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\tilton\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\tilton\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\tilton\AppData\Roaming\Babylon
Folder Deleted : C:\Users\tilton\AppData\Roaming\DefaultTab

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\tilton\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.12] : homepage = "hxxps://isearch.avg.com/?cid={E9492291-EF75-446A-8C02-18D7B93F393C}&mid=dcedc691d44c47d083a869c1a5d756c5-a3fdaa35572cf81df7854f907ed82db80d6ef20b&lang=en&ds=gl011&pr=sa&d=2012-08-15 10:52:27&v=12.2.0.5&sap=hp",
Deleted [l.1621] : homepage = "hxxps://isearch.avg.com/?cid={E9492291-EF75-446A-8C02-18D7B93F393C}&mid=dcedc691d44c47d083a869c1a5d756c5-a3fdaa35572cf81df7854f907ed82db80d6ef20b&lang=en&ds=gl011&pr=sa&d=2012-08-15 10:52:27&v=12.2.0.5&sap=hp",

*************************

AdwCleaner[S1].txt - [7853 octets] - [18/09/2012 08:12:28]

########## EOF - C:\AdwCleaner[S1].txt - [7913 octets] ##########


from Security Check:


Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
avast! Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2012
TuneUp Utilities Language Pack (en-US)
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````

#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,788 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:42 PM

Posted 18 September 2012 - 12:44 PM

Your logs are clean.

What are you current issues with this computer?

#6 Tilt24

Tilt24
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 19 September 2012 - 09:38 AM

Hi, thanks again -- I downloaded a couple of programs that I was unsure of and didn't know if they loaded any programs, etc., that I didn't want (plus there seemed to be a lot of bloatware)...the computer itself seems fine, but after looking at a lot of processes and not knowing what they were, I just wanted to make sure that my system was as clean as possible. Apologies if I made it seem like there was currently something wrong - just wanted to try to make sure nothing GOES wrong. Much appreciated again..

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,788 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:42 PM

Posted 19 September 2012 - 10:03 AM

If all is well:

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

To remove AdwCleaner.

Please double click on adwcleaner.exe to run the tool.
Click on Uninstall.
Confirm with Yes.

Delete the other tools we used.

Surf Safely, and Think Prevention!
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users