
Dropbox & I E do not connect; Skype not recognize webcam; cut and paste not fncn


  • This topic is locked
81 replies to this topic

#1 zoo55


Posted 04 March 2014 - 09:01 AM

Lenovo A7 touch screen i5 running win7/64, avast antivirus. About 6 months ago, lost the ability to cut and paste files among directories. I Googled the problem and found lots of solutions not at all relevant to me. Sigh. A pain, but sort of livable-with. Now in the space of 2 days, Skype won't recognize my webcam, and Dropbox and Internet Explorer both do not think I am connected to the internet at all. I have done the standard reinstall / update programs, uninstall/reinstall drivers on Device Manager. Malwarebytes scan ok. Dropbox forum helper thought it might be avast antivirus, but I disabled that and still no joy. Could not run F Scan at all. I think that the problem started when I tried to download some screen capture freeware. I've cleaned out as much as I can, but still no joy.

 

You will also see from the logs that K9 is installed.  However, it is not working now.  I uninstalled/reinstalled IE 11 two days ago, and when I did that K9 deactivated itself.

 

Help?  Thanks!

 

DDS Logs below.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by DZV at 21:34:03 on 2014-03-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8156.5045 [GMT 8:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\EscSvc64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATII2E.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Windows\SysWOW64\C2MP\TrayMenu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe
C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files\tixati\tixati.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATII2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L210 Series"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [OSD Utility] C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe
mRun: [Lenovo Silver Silk Wireless Keyboard] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [TMCMonitor] "C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe"
mRun: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [Fastboot] "C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe"
mRun: [SetDefaultSCR] C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [iTunesHelper] "C:\Program Files\Itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
StartupFolder: C:\Users\DZV\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\DZV\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TrayMenu.lnk - C:\Windows\SysWOW64\C2MP\TrayMenu.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
LSP: C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 202.156.1.16 218.186.2.16 218.186.2.6
TCP: Interfaces\{5D3FB8F2-D910-4990-AEE9-BE04E3F4DACD} : DHCPNameServer = 203.116.1.94 203.116.254.150
TCP: Interfaces\{C747F795-FA75-4FE1-83E8-9EDD3D401EEC} : DHCPNameServer = 202.156.1.16 218.186.2.16 218.186.2.6
TCP: Interfaces\{E21E8972-862C-4169-87AC-3A582F898164} : DHCPNameServer = 202.156.1.16 218.186.2.16 218.186.2.6
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Shopping Helper SmartbarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - 
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Shopping Helper Smartbar: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
x64-Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - 
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - 
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-5 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-5 207904]
R0 Fastboot;Fastboot;C:\Windows\System32\drivers\Fastboot.sys [2012-6-25 71440]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-8 16152]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-25 30056]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-3-5 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-3-5 421704]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-3-5 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-9 50344]
R2 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2013-3-1 127216]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2013-3-1 2649840]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2013-8-26 151648]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [2012-10-29 653888]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-5-5 135824]
R2 FastbootService;FastbootService;C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe [2012-6-25 169776]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-25 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-9 607456]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-6-25 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-6-25 161560]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-2-12 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-2-21 1141336]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-2-12 23552]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-25 363800]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-12 80184]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2012-1-11 31216]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-8 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-8 787736]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-6-25 257128]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-25 565352]
S2 CLKMSVC10_3A60B698;CyberLink Product - 2012/06/24 15:00:21;C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [2011-4-21 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-23 4915040]
S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-6-25 620584]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-6-25 39976]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-5-14 103064]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-3-27 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-3-27 9800]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-25 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-3 111616]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-9-10 22528]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\rtwlanu.sys [2012-6-25 1094248]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-5-14 203672]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-3 1255736]
S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-7-22 121840]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-03-04 02:33:08 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0FD0182-AB15-46D8-B872-DA37875CFA16}\offreg.dll
2014-03-03 12:34:03 -------- d-----w- C:\ProgramData\boost_interprocess
2014-03-02 19:00:59 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-28 10:04:54 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0FD0182-AB15-46D8-B872-DA37875CFA16}\mpengine.dll
2014-02-28 07:12:47 -------- d-----w- C:\Program Files (x86)\ESET
2014-02-28 07:05:15 -------- d-----w- C:\Windows\ERUNT
2014-02-28 07:00:10 -------- d-----w- C:\AdwCleaner
2014-02-27 14:02:27 -------- d-----r- C:\Program Files (x86)\Skype
2014-02-27 12:29:42 -------- d-----w- C:\Users\DZV\AppData\Roaming\DropboxMaster
2014-02-27 12:22:50 -------- d-----w- C:\Users\DZV\AppData\Roaming\Dropbox
2014-02-26 15:06:19 -------- d-----w- C:\Windows\Migration
2014-02-23 05:49:28 -------- d-----w- C:\Users\DZV\AppData\Local\Skype
2014-02-20 16:28:50 -------- d-----w- C:\Users\DZV\AppData\Roaming\RealNetworks
2014-02-20 16:28:19 -------- d-----w- C:\ProgramData\RealNetworks
2014-02-20 16:28:19 -------- d-----w- C:\Program Files (x86)\RealNetworks
2014-02-20 16:28:09 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2014-02-20 15:37:07 -------- d-----w- C:\Users\DZV\AppData\Roaming\Hensense.com
2014-02-20 15:37:03 -------- d-----w- C:\Program Files (x86)\Hensence.com
2014-02-20 15:16:49 -------- d-----w- C:\Users\DZV\AppData\Roaming\WMBrowser
2014-02-20 13:16:36 20472 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2014-02-19 11:59:31 -------- d-----w- C:\Program Files (x86)\Moffsoft FreeCalc
2014-02-12 09:04:55 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-12 09:04:55 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-12 09:04:55 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-12 09:04:55 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-08 14:16:52 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-08 14:08:19 -------- d-----w- C:\Program Files\iPod
2014-02-08 14:08:18 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-08 14:08:18 -------- d-----w- C:\Program Files\iTunes
.
==================== Find3M  ====================
.
2014-02-21 04:26:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 04:26:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-20 16:27:54 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-02-09 02:41:57 80184 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-02-09 02:41:57 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-09 02:41:57 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-02-09 02:41:56 43152 ----a-w- C:\Windows\avastSS.scr
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-12 12:58:54 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-17 22:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-06 02:02:08 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
.
============= FINISH: 21:34:21.98 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 3/3/2013 4:02:03 PM
System Uptime: 3/3/2014 3:17:54 AM (42 hours ago)
.
Motherboard: LENOVO |  | ChiefRiver
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz | SOCKET 0 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 19.993 GiB free.
D: is FIXED (NTFS) - 576 GiB total, 434.342 GiB free.
F: is CDROM ()
G: is FIXED (NTFS) - 1863 GiB total, 413.941 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8188CUS Wireless LAN 802.11n USB Slim Solo
Device ID: USB\VID_0BDA&PID_819A\00E04C000001
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8188CUS Wireless LAN 802.11n USB Slim Solo
PNP Device ID: USB\VID_0BDA&PID_819A\00E04C000001
Service: RTL8192cu
.
==== System Restore Points ===================
.
RP207: 3/3/2014 3:00:32 AM - Windows Update
.
==== Installed Programs ======================
.
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
7-Zip 9.20 (x64 edition)
AceMoney
Adobe Flash Player 12 ActiveX
Adobe Reader XI (11.0.06)
AngryBirds
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio Paint
Audacity 2.0.3
avast! Free Antivirus
Bing Maps 3D
Blue Coat K9 Web Protection
Bonjour
Canon MP250 series MP Drivers
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CopyTrans Suite Remove Only
Curling
CutePDF Writer 3.0
D3DX10
Dolby Home Theater v4
Driver & Application Installation
Dropbox
EaseUS Partition Master 9.2.1 Home Edition
EasyCleaner
Epson Customer Research Participation
Epson Event Manager
EPSON L210 Series Printer Uninstall
EPSON Scan
Epson User's Guide L210 Series
Extended Asian Language font pack for Adobe Reader XI
Firework
FormatFactory 3.0.1
Fruit Ninja
Funny Cube
Game Portal
Google Chrome
Google Earth
Google Update Helper
GPL Ghostscript
GPL Ghostscript 8.54
GPL Ghostscript Fonts
Happy Hit
HMA! Pro VPN 2.8.1.10
iCloud
Idea Touch 4.5
ImgBurn
Intel® Control Center
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
IrfanView (remove only)
iTunes
Java 7 Update 51
Java Auto Updater
Junk Mail filter update
K-Lite Codec Pack 9.9.5 (64-bit)
LAME v3.99.3 (for Windows)
Lenovo Bluetooth with Enhanced Data Rate Software
Lenovo BrgVolOSD
Lenovo Camera Fun Zone
Lenovo EBook&QuickNotes
Lenovo Power2Go
Lenovo PowerDVD10
Lenovo Registration
Lenovo Rescue System
Lenovo Screensaver
Lenovo Silver Silk Wireless Keyboard
Lenovo VeriTouch 
Lenovo VeriTouch2.0
Lenovo YouCam
LenovoModifyWindowStyle
LenovoUtility version 1.0
Link Up
LVT
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft XNA Framework Redistributable 3.0
Moffsoft FreeCalc
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MT2OFX V3.5.37
Music Star
MyFreeCodec
NVIDIA Control Panel 307.21
NVIDIA Graphics Driver 307.21
NVIDIA HD Audio Driver 1.2.24.0
NVIDIA Install Application
NVIDIA Optimus 1.10.8
NVIDIA PhysX
NVIDIA PhysX System Software 9.11.0621
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenAL
PDF Split And Merge Basic
PowerCinema
QuickTime
Rapidboot Advanced
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
RealUpgrade 1.1
Revo Uninstaller 1.95
Samsung i-Launcher 1.0.1.28
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
ScreenRecorder
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 
Skype Click to Call
Skype™ 6.14
Snowflake Suite
StreamTorrent 1.0
TaxACT 2010
TaxACT 2011 - 1040 Edition
TaxACT 2012 - 1040 Edition
TeamViewer 9
ThemeWallpaper
Tixati
Tool Portal
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UpdateService
VLC Codec Pack 2.0.5
VLC media player 2.1.0
VoiceOver Kit
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series x64 Edition
.
==== Event Viewer Messages From Past Week ========
.
3/4/2014 10:06:41 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
3/3/2014 3:19:03 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 9 service to connect.
3/3/2014 3:19:03 AM, Error: Service Control Manager [7000]  - The TeamViewer 9 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
3/3/2014 12:57:22 AM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
.
==== End Of File ===========================
 

 





#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,669 posts
  • OFFLINE
  • Gender:Male
  • Local time:12:31 PM

Posted 09 March 2014 - 09:05 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/526460 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  • Local time:12:31 AM

Posted 11 March 2014 - 08:17 AM

DDS logs below.  I would have zipped and attached but do not see a way to do that in reply box.
 
Thanks!
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by DZV at 21:12:43 on 2014-03-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8156.5787 [GMT 8:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATII2E.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\SysWOW64\C2MP\TrayMenu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe
C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\EscSvc64.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATII2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L210 Series"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [OSD Utility] C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe
mRun: [Lenovo Silver Silk Wireless Keyboard] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [TMCMonitor] "C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe"
mRun: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [Fastboot] "C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe"
mRun: [SetDefaultSCR] C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [iTunesHelper] "C:\Program Files\Itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
StartupFolder: C:\Users\DZV\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\DZV\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TrayMenu.lnk - C:\Windows\SysWOW64\C2MP\TrayMenu.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
LSP: C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 202.156.1.16 218.186.2.16 218.186.2.6
TCP: Interfaces\{5D3FB8F2-D910-4990-AEE9-BE04E3F4DACD} : DHCPNameServer = 203.116.1.94 203.116.254.150
TCP: Interfaces\{C747F795-FA75-4FE1-83E8-9EDD3D401EEC} : DHCPNameServer = 202.156.1.16 218.186.2.16 218.186.2.6
TCP: Interfaces\{E21E8972-862C-4169-87AC-3A582F898164} : DHCPNameServer = 202.156.1.16 218.186.2.16 218.186.2.6
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Shopping Helper SmartbarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - 
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Shopping Helper Smartbar: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
x64-Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - 
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - 
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-5 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-5 207904]
R0 Fastboot;Fastboot;C:\Windows\System32\drivers\Fastboot.sys [2012-6-25 71440]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-8 16152]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-25 30056]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-3-5 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-3-5 421704]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-3-5 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-9 50344]
R2 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2013-3-1 127216]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2013-3-1 2649840]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2013-8-26 151648]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [2012-10-29 653888]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-5-5 135824]
R2 FastbootService;FastbootService;C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe [2012-6-25 169776]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-25 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-9 607456]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-6-25 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-6-25 161560]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-2-12 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-2-21 1141336]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-2-12 23552]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-23 4915040]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-25 363800]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2012-1-11 31216]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-8 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-8 787736]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-6-25 257128]
S2 CLKMSVC10_3A60B698;CyberLink Product - 2012/06/24 15:00:21;C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [2011-4-21 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-12 80184]
S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-6-25 620584]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-6-25 39976]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-5-14 103064]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-3-27 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-3-27 9800]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-25 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-3 111616]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-9-10 22528]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-25 565352]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\rtwlanu.sys [2012-6-25 1094248]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-5-14 203672]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-3 1255736]
S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-7-22 121840]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-03-11 12:45:06 -------- d-----w- C:\Users\DZV\AppData\Roaming\DropboxMaster
2014-03-11 12:44:29 -------- d-----w- C:\Users\DZV\AppData\Roaming\Dropbox
2014-03-11 10:40:51 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D0DBEDDA-3CBC-48DD-8811-AC48E9C19A12}\mpengine.dll
2014-03-10 15:31:00 -------- d-----w- C:\Users\DZV\AppData\Local\{9BF0A51B-BD75-4C44-A63F-7B2013D5E242}
2014-03-10 14:03:21 -------- d-----w- C:\Users\DZV\AppData\Local\{459F126D-1E72-4381-BC1C-9BE7926B6A14}
2014-03-08 06:53:15 -------- d-----w- C:\Users\DZV\AppData\Roaming\Saba
2014-03-08 06:53:12 -------- d-----w- C:\Users\DZV\AppData\Roaming\Centra
2014-03-03 12:34:03 -------- d-----w- C:\ProgramData\boost_interprocess
2014-03-02 19:00:59 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-28 07:12:47 -------- d-----w- C:\Program Files (x86)\ESET
2014-02-28 07:05:15 -------- d-----w- C:\Windows\ERUNT
2014-02-28 07:00:10 -------- d-----w- C:\AdwCleaner
2014-02-27 14:02:27 -------- d-----r- C:\Program Files (x86)\Skype
2014-02-26 15:06:19 -------- d-----w- C:\Windows\Migration
2014-02-23 05:49:28 -------- d-----w- C:\Users\DZV\AppData\Local\Skype
2014-02-20 16:28:50 -------- d-----w- C:\Users\DZV\AppData\Roaming\RealNetworks
2014-02-20 16:28:19 -------- d-----w- C:\ProgramData\RealNetworks
2014-02-20 16:28:19 -------- d-----w- C:\Program Files (x86)\RealNetworks
2014-02-20 16:28:09 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2014-02-20 15:37:07 -------- d-----w- C:\Users\DZV\AppData\Roaming\Hensense.com
2014-02-20 15:37:03 -------- d-----w- C:\Program Files (x86)\Hensence.com
2014-02-20 15:16:49 -------- d-----w- C:\Users\DZV\AppData\Roaming\WMBrowser
2014-02-20 13:16:36 20472 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2014-02-19 11:59:31 -------- d-----w- C:\Program Files (x86)\Moffsoft FreeCalc
2014-02-12 09:04:55 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-12 09:04:55 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-12 09:04:55 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-12 09:04:55 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
.
==================== Find3M  ====================
.
2014-02-21 04:26:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 04:26:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-20 16:27:54 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-02-09 02:41:57 80184 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-02-09 02:41:57 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-09 02:41:57 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-02-09 02:41:56 43152 ----a-w- C:\Windows\avastSS.scr
2014-02-08 14:16:48 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-12 12:58:54 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-17 22:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 21:13:12.00 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 3/3/2013 4:02:03 PM
System Uptime: 3/11/2014 9:00:36 PM (0 hours ago)
.
Motherboard: LENOVO |  | ChiefRiver
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz | SOCKET 0 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 21.328 GiB free.
D: is FIXED (NTFS) - 576 GiB total, 437.606 GiB free.
F: is CDROM ()
G: is FIXED (NTFS) - 1863 GiB total, 406.463 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_362B17AA&REV_07\4&1E2F0696&0&00E1
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_362B17AA&REV_07\4&1E2F0696&0&00E1
Service: RTL8167
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8188CUS Wireless LAN 802.11n USB Slim Solo
Device ID: USB\VID_0BDA&PID_819A\00E04C000001
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8188CUS Wireless LAN 802.11n USB Slim Solo
PNP Device ID: USB\VID_0BDA&PID_819A\00E04C000001
Service: RTL8192cu
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
7-Zip 9.20 (x64 edition)
AceMoney
Adobe Flash Player 12 ActiveX
Adobe Reader XI (11.0.06)
AngryBirds
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio Paint
Audacity 2.0.3
avast! Free Antivirus
Bing Maps 3D
Blue Coat K9 Web Protection
Bonjour
Canon MP250 series MP Drivers
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CopyTrans Suite Remove Only
Curling
CutePDF Writer 3.0
D3DX10
Dolby Home Theater v4
Driver & Application Installation
Dropbox
EaseUS Partition Master 9.2.1 Home Edition
EasyCleaner
Epson Customer Research Participation
Epson Event Manager
EPSON L210 Series Printer Uninstall
EPSON Scan
Epson User's Guide L210 Series
Extended Asian Language font pack for Adobe Reader XI
Firework
FormatFactory 3.0.1
Fruit Ninja
Funny Cube
Game Portal
Google Chrome
Google Earth
Google Update Helper
GPL Ghostscript
GPL Ghostscript 8.54
GPL Ghostscript Fonts
Happy Hit
HMA! Pro VPN 2.8.1.10
iCloud
Idea Touch 4.5
ImgBurn
Intel® Control Center
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
IrfanView (remove only)
iTunes
Java 7 Update 51
Java Auto Updater
Junk Mail filter update
K-Lite Codec Pack 9.9.5 (64-bit)
LAME v3.99.3 (for Windows)
Lenovo Bluetooth with Enhanced Data Rate Software
Lenovo BrgVolOSD
Lenovo Camera Fun Zone
Lenovo EBook&QuickNotes
Lenovo Power2Go
Lenovo PowerDVD10
Lenovo Registration
Lenovo Rescue System
Lenovo Screensaver
Lenovo Silver Silk Wireless Keyboard
Lenovo VeriTouch 
Lenovo VeriTouch2.0
Lenovo YouCam
LenovoModifyWindowStyle
LenovoUtility version 1.0
Link Up
LVT
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft XNA Framework Redistributable 3.0
Moffsoft FreeCalc
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MT2OFX V3.5.37
Music Star
MyFreeCodec
NVIDIA Control Panel 307.21
NVIDIA Graphics Driver 307.21
NVIDIA HD Audio Driver 1.2.24.0
NVIDIA Install Application
NVIDIA Optimus 1.10.8
NVIDIA PhysX
NVIDIA PhysX System Software 9.11.0621
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenAL
PDF Split And Merge Basic
PowerCinema
QuickTime
Rapidboot Advanced
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
RealUpgrade 1.1
Revo Uninstaller 1.95
Samsung i-Launcher 1.0.1.28
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
ScreenRecorder
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 
Skype Click to Call
Skype™ 6.14
Snowflake Suite
StreamTorrent 1.0
TaxACT 2010
TaxACT 2011 - 1040 Edition
TaxACT 2012 - 1040 Edition
TeamViewer 9
ThemeWallpaper
Tixati
Tool Portal
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UpdateService
VLC Codec Pack 2.0.5
VLC media player 2.1.0
VoiceOver Kit
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series x64 Edition
.
==== Event Viewer Messages From Past Week ========
.
3/9/2014 8:00:52 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
3/9/2014 11:36:13 PM, Error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/11/2014 8:46:41 PM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
.
==== End Of File ===========================
 


#4 zoo55

Posted 11 March 2014 - 08:19 AM

PS no DVD/CD available.  (Thanks,  Lenovo!)



#5 zoo55

Posted 11 March 2014 - 08:24 AM

Just before dds scan, I uninstalled and reinstalled dropbox - no joy, same problem as always.  Also, more detail on IE - When I type in the search bar, for every page it says, "This page cannot be displayed" and asks me to make sure "www.microsoft.com" is the right address.  Chrome works fine.  Still no luck with Skype webcam, either.  I also have a toshiba notebook with the exact same programs on it, and all is right with that world.



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,804 posts
  • Gender:Male
  • Location:California

Posted 13 March 2014 - 07:08 PM

Greetings zoo55 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Reply to topic button instead.
  • In the upper right hand corner of the topic you will see the Follow topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 zoo55

Posted 15 March 2014 - 08:07 AM

Gary,

 

Below are the two log files.  Thanks for your help!  As I think about the problem, it may be a router issue?  Also, before I ran the dds I posted here I was working with the dropbox forum help.   They looked at one of the access logs and saw a number of "access denied" entries referring to the location where dropbox is located, and asked me to check if there was some firewall or other security blocking.  I checked avast, windows firewall and my router and everything afaik is open.  FYI.

 

David

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by DZV (administrator) on LENOVO on 15-03-2014 21:01:06
Running from C:\Users\DZV\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII2E.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Quanta Computer Inc.) C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
() C:\Windows\SysWOW64\C2MP\TrayMenu.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
() C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [OSD Utility] - C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe [18275840 2012-03-16] (Quanta Computer Inc.)
HKLM-x32\...\Run: [Lenovo Silver Silk Wireless Keyboard] - C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe [391680 2011-11-22] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [TMCMonitor] - C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe [53248 2009-11-10] ()
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-01-11] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [230696 2012-01-11] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [Fastboot] - C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe [1251120 2012-03-02] (Lenovo)
HKLM-x32\...\Run: [SetDefaultSCR] - C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe [102400 2009-12-31] (Lenovo)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-09] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files\Itunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-02-21] (RealNetworks, Inc.)
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Run: [Adobe Reader Synchronizer] - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [698760 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-14] (Samsung)
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII2E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Policies\Explorer: [NoDrives] 0x00000002
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\MountPoints2: {dca8f7a3-000b-11e3-b49f-047d7bf54706} - H:\iLinker.exe
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-12199940-82188221-3316144088-1001\...\RunOnce: [themeset] - C:\Users\Default\AppData\Local\lenovo\SetWindow.exe [354816 2011-07-12] (Lenovo)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\DZV\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Shopping Helper SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 02 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 03 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 04 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 05 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 17 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Tcpip\Parameters: [DhcpNameServer] 202.156.1.16 218.186.2.16 218.186.2.6
 
Chrome: 
=======
CHR HomePage: hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShopHelp&co=SG&userid=5e0fe572-5140-f682-5bba-c377598b3668&searchtype=hp&installDate=12/10/2013
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\Itunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (RealPlayer Downloader) - C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-02-21]
CHR Extension: (SaveFrom.net helper) - C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2013-10-06]
CHR Extension: (Google Wallet) - C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (WebSite Recommendation) - C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj [2013-09-14]
CHR Extension: (LogMeIn) - C:\Users\DZV\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-10-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-02-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-02-12]
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-09] (AVAST Software)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2649840 2013-03-01] (Blue Coat Systems, Inc.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [1084192 2011-12-15] (Broadcom Corporation.)
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-21] (CyberLink)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [653888 2013-10-10] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe [169776 2012-03-02] (Lenovo)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [34528 2013-04-24] (The OpenVPN Project)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141336 2014-02-21] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-12] ()
S4 wlcrasvc; C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corp.)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-12] ()
R2 bckd; C:\Windows\System32\drivers\bckd.sys [127216 2013-03-01] (Blue Coat Systems, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2012-12-21] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2012-12-21] ()
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [71440 2012-03-02] (Windows ® Win 7 DDK provider)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [257128 2011-09-02] (Realtek Semiconductor Corp.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1094248 2011-12-30] (Realtek Semiconductor Corporation                           )
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-15 21:01 - 2014-03-15 21:01 - 00022995 _____ () C:\Users\DZV\Downloads\FRST.txt
2014-03-15 21:00 - 2014-03-15 21:01 - 00000000 ____D () C:\FRST
2014-03-15 21:00 - 2014-03-15 21:00 - 02157056 _____ (Farbar) C:\Users\DZV\Downloads\FRST64.exe
2014-03-13 00:52 - 2014-03-13 00:52 - 00000000 ____D () C:\Users\DZV\AppData\Local\Apps\2.0
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Users\DZV\AppData\Local\{F6D35C1E-62F2-49ED-A02B-08F75CFC080A}
2014-03-12 13:17 - 2014-03-01 14:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 13:17 - 2014-03-01 13:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 13:17 - 2014-03-01 13:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 13:17 - 2014-03-01 12:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 13:17 - 2014-03-01 12:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 13:17 - 2014-03-01 12:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 13:17 - 2014-03-01 12:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 13:17 - 2014-03-01 12:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 13:17 - 2014-03-01 12:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 13:17 - 2014-03-01 12:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 13:17 - 2014-03-01 12:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 13:17 - 2014-03-01 12:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 13:17 - 2014-03-01 12:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 13:17 - 2014-03-01 12:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 13:17 - 2014-03-01 12:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 13:17 - 2014-03-01 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 13:17 - 2014-03-01 12:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 13:17 - 2014-03-01 11:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 13:17 - 2014-03-01 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 13:17 - 2014-03-01 11:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 13:17 - 2014-03-01 11:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 13:17 - 2014-03-01 11:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 13:17 - 2014-03-01 11:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 13:17 - 2014-03-01 11:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 13:17 - 2014-03-01 11:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 13:17 - 2014-03-01 11:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 13:17 - 2014-03-01 11:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 13:17 - 2014-03-01 11:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 13:17 - 2014-03-01 11:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 13:17 - 2014-03-01 11:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 13:17 - 2014-03-01 11:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 13:17 - 2014-03-01 11:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 13:17 - 2014-03-01 11:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 13:17 - 2014-03-01 11:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 13:17 - 2014-03-01 10:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 13:17 - 2014-03-01 10:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 13:17 - 2014-03-01 10:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 13:17 - 2014-03-01 10:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 13:17 - 2014-03-01 10:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 13:17 - 2014-03-01 10:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 13:17 - 2014-02-07 09:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 13:17 - 2014-01-29 10:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 13:17 - 2014-01-29 10:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 13:17 - 2014-01-28 10:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 12:51 - 2014-02-04 10:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 12:51 - 2014-02-04 10:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 12:51 - 2014-02-04 10:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 12:51 - 2014-02-04 10:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 02:51 - 2014-03-12 02:51 - 00000000 ____D () C:\Users\DZV\AppData\Local\{DCA44188-1B59-4A61-90A8-36C95AEC2248}
2014-03-11 21:13 - 2014-03-11 21:13 - 00025197 _____ () C:\Users\DZV\Desktop\dds.txt
2014-03-11 21:13 - 2014-03-11 21:13 - 00010930 _____ () C:\Users\DZV\Desktop\attach.txt
2014-03-11 21:11 - 2014-03-11 21:11 - 00688992 ____R (Swearware) C:\Users\DZV\Downloads\dds.com
2014-03-11 20:45 - 2014-03-11 20:45 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\DropboxMaster
2014-03-11 20:44 - 2014-03-11 20:45 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Dropbox
2014-03-11 20:44 - 2014-03-11 20:44 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-11 20:35 - 2014-03-11 20:35 - 37660568 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.2.exe
2014-03-10 23:31 - 2014-03-10 23:31 - 00000000 ____D () C:\Users\DZV\AppData\Local\{9BF0A51B-BD75-4C44-A63F-7B2013D5E242}
2014-03-10 22:47 - 2014-03-12 21:42 - 00013857 _____ () C:\Users\DZV\Documents\AnnaVance OHS.wlmp
2014-03-10 22:03 - 2014-03-10 22:03 - 00000000 ____D () C:\Users\DZV\AppData\Local\{459F126D-1E72-4381-BC1C-9BE7926B6A14}
2014-03-09 10:27 - 2014-03-15 10:39 - 00000000 ____D () C:\Users\DZV\Documents\work
2014-03-08 14:53 - 2014-03-08 14:55 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Centra
2014-03-08 14:53 - 2014-03-08 14:53 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Saba
2014-03-08 14:42 - 2014-03-08 14:48 - 76638220 _____ () C:\Users\DZV\Downloads\Virtual-Open-House-(LPH453835)_HD_en_US_14-02-19_21.10.exe
2014-03-06 22:02 - 2014-03-06 22:02 - 00000606 _____ () C:\Users\DZV\Downloads\skype-for-desktop-logging.zip
2014-03-06 22:02 - 2014-03-06 22:02 - 00000000 ____D () C:\Users\DZV\Downloads\skype-for-desktop-logging
2014-03-04 21:35 - 2014-03-04 21:35 - 00026016 _____ () C:\Users\DZV\Documents\DDS.txt
2014-03-04 21:35 - 2014-03-04 21:35 - 00010740 _____ () C:\Users\DZV\Documents\Attach.txt
2014-03-03 21:01 - 2014-03-03 21:01 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-12199940-82188221-3316144088-1000
2014-03-03 20:49 - 2014-03-03 20:49 - 00315488 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.13Meta (2).exe
2014-03-03 20:34 - 2014-03-03 20:34 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-03-03 03:01 - 2013-12-21 17:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-03 03:01 - 2013-12-21 16:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-03 02:12 - 2014-03-03 02:16 - 00000000 ____D () C:\Users\DZV\Downloads\cports-x64
2014-03-03 02:12 - 2014-03-03 02:12 - 00107492 _____ () C:\Users\DZV\Downloads\cports-x64.zip
2014-02-28 15:12 - 2014-02-28 15:12 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-28 15:05 - 2014-02-28 15:05 - 00000000 ____D () C:\Windows\ERUNT
2014-02-28 15:00 - 2014-02-28 15:02 - 00000000 ____D () C:\AdwCleaner
2014-02-28 13:58 - 2014-02-28 13:59 - 310319458 _____ () C:\Users\DZV\Documents\backup0228141358.reg
2014-02-27 22:21 - 2014-02-27 22:21 - 00277614 _____ () C:\Users\DZV\Downloads\Everything-1.2.1.371.zip
2014-02-27 22:15 - 2014-02-27 22:15 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Aero.RNP.162316937227156792.2.2.Run.exe
2014-02-27 22:15 - 2014-02-27 22:15 - 00162010 _____ () C:\Users\DZV\Downloads\DIAG_MATS_NETWORK_global (1).DiagCab
2014-02-27 22:08 - 2014-02-27 22:08 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Aero.RNP.162316937227156792.2.1.Run.exe
2014-02-27 22:07 - 2014-02-27 22:07 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Aero.FISC.162316937227156792.1.1.Run.exe
2014-02-27 22:02 - 2014-02-27 22:02 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-27 22:02 - 2014-02-27 22:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 21:26 - 2014-02-27 21:27 - 24993792 _____ () C:\Users\DZV\Downloads\SkypeSetup_6.11.0.102.msi
2014-02-27 21:03 - 2014-02-27 21:03 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Skype.RNP.197316933410126366.1.1.Run.exe
2014-02-27 21:03 - 2014-02-27 21:03 - 00162010 _____ () C:\Users\DZV\Downloads\DIAG_MATS_NETWORK_global.DiagCab
2014-02-27 20:37 - 2014-02-27 20:37 - 00315488 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.13Meta (1).exe
2014-02-27 20:27 - 2014-02-27 20:28 - 37295024 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.7.38.exe
2014-02-27 20:17 - 2014-02-27 20:17 - 00315488 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.13Meta.exe
2014-02-23 13:49 - 2014-02-27 22:02 - 00000000 ____D () C:\Users\DZV\AppData\Local\Skype
2014-02-23 13:41 - 2014-02-23 13:41 - 34827424 _____ (Skype Technologies S.A.) C:\Users\DZV\Downloads\SkypeSetupFull.exe
2014-02-23 10:22 - 2014-02-23 10:22 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Skype.RNP.7316549339391547.1.1.Run.exe
2014-02-23 09:52 - 2014-02-23 09:52 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Devices.RNP.160316547543389381.1.1.Run.exe
2014-02-21 09:09 - 2014-02-21 09:09 - 00001345 _____ () C:\Users\DZV\Desktop\Revo Uninstaller (2).lnk
2014-02-21 00:28 - 2014-02-21 00:28 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-02-21 00:28 - 2014-02-21 00:28 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-02-21 00:28 - 2014-02-21 00:28 - 00001309 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
2014-02-21 00:28 - 2014-02-21 00:28 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\RealNetworks
2014-02-21 00:28 - 2014-02-21 00:28 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-02-21 00:28 - 2014-02-21 00:28 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-02-21 00:27 - 2014-02-21 00:28 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-21 00:26 - 2014-02-21 00:33 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Real
2014-02-21 00:25 - 2014-02-21 00:28 - 00000000 ____D () C:\ProgramData\Real
2014-02-20 23:40 - 2014-02-20 23:40 - 00001330 _____ () C:\Users\DZV\Desktop\HMA! Pro VPN.lnk
2014-02-20 23:37 - 2014-02-21 00:17 - 00000000 ____D () C:\Program Files (x86)\Hensence.com
2014-02-20 23:37 - 2014-02-20 23:37 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Hensense.com
2014-02-20 23:33 - 2014-02-20 23:33 - 00003112 _____ () C:\Windows\System32\Tasks\{E1065B69-0CC0-43F1-BB38-3BB7A76D3554}
2014-02-20 23:18 - 2014-02-20 23:47 - 00000008 _____ () C:\Users\DZV\AppData\Local\~wmrg
2014-02-20 23:16 - 2014-02-21 09:12 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Recorder 14
2014-02-20 23:16 - 2014-02-21 00:17 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\WMBrowser
2014-02-19 19:59 - 2014-02-19 19:59 - 00782433 _____ (Moffsoft ) C:\Users\DZV\Downloads\MoffFreeCalcSetup.exe
2014-02-19 19:59 - 2014-02-19 19:59 - 00001135 _____ () C:\Users\Public\Desktop\Moffsoft FreeCalc.lnk
2014-02-19 19:59 - 2014-02-19 19:59 - 00000000 ____D () C:\Program Files (x86)\Moffsoft FreeCalc
2014-02-19 19:58 - 2014-02-19 19:58 - 01709019 _____ (Moffsoft ) C:\Users\DZV\Downloads\MoffCalc2Setup.exe
2014-02-17 19:39 - 2014-02-17 19:39 - 00020136 _____ () C:\Users\DZV\Documents\NORMAL.dotx
 
==================== One Month Modified Files and Folders =======
 
2014-03-15 21:01 - 2014-03-15 21:01 - 00022995 _____ () C:\Users\DZV\Downloads\FRST.txt
2014-03-15 21:01 - 2014-03-15 21:00 - 00000000 ____D () C:\FRST
2014-03-15 21:00 - 2014-03-15 21:00 - 02157056 _____ (Farbar) C:\Users\DZV\Downloads\FRST64.exe
2014-03-15 20:55 - 2013-07-10 10:28 - 00000000 ____D () C:\Users\DZV\AppData\Local\E55DE2DC-7CE4-42D7-A814-CCA373499EEC.aplzod
2014-03-15 20:54 - 2013-03-03 20:07 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Skype
2014-03-15 20:43 - 2012-06-25 05:57 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 20:26 - 2013-07-15 09:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 20:09 - 2013-04-01 08:35 - 01783101 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 11:01 - 2012-06-25 05:42 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-03-15 10:39 - 2014-03-09 10:27 - 00000000 ____D () C:\Users\DZV\Documents\work
2014-03-15 03:50 - 2009-07-14 13:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-14 22:43 - 2012-06-25 05:57 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 00:08 - 2013-10-11 00:26 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\vlc
2014-03-13 22:55 - 2009-07-14 12:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-13 22:55 - 2009-07-14 12:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-13 22:49 - 2012-06-25 06:05 - 629673472 ___SH () C:\lenovo_rapidboot.img
2014-03-13 22:48 - 2012-06-25 05:42 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-03-13 22:48 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-13 22:47 - 2013-10-20 09:42 - 00422046 _____ () C:\Windows\PFRO.log
2014-03-13 22:47 - 2013-10-13 22:15 - 00007616 _____ () C:\Windows\setupact.log
2014-03-13 00:52 - 2014-03-13 00:52 - 00000000 ____D () C:\Users\DZV\AppData\Local\Apps\2.0
2014-03-12 22:42 - 2013-03-05 21:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-12 22:40 - 2009-07-14 12:45 - 00362088 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 22:39 - 2013-03-21 02:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 22:39 - 2013-03-21 02:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 22:30 - 2013-03-04 23:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 22:27 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-12 21:42 - 2014-03-10 22:47 - 00013857 _____ () C:\Users\DZV\Documents\AnnaVance OHS.wlmp
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Users\DZV\AppData\Local\{F6D35C1E-62F2-49ED-A02B-08F75CFC080A}
2014-03-12 08:26 - 2013-07-15 09:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 08:26 - 2013-03-21 01:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 08:26 - 2012-06-25 06:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 02:51 - 2014-03-12 02:51 - 00000000 ____D () C:\Users\DZV\AppData\Local\{DCA44188-1B59-4A61-90A8-36C95AEC2248}
2014-03-11 21:13 - 2014-03-11 21:13 - 00025197 _____ () C:\Users\DZV\Desktop\dds.txt
2014-03-11 21:13 - 2014-03-11 21:13 - 00010930 _____ () C:\Users\DZV\Desktop\attach.txt
2014-03-11 21:11 - 2014-03-11 21:11 - 00688992 ____R (Swearware) C:\Users\DZV\Downloads\dds.com
2014-03-11 20:45 - 2014-03-11 20:45 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\DropboxMaster
2014-03-11 20:45 - 2014-03-11 20:44 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Dropbox
2014-03-11 20:45 - 2013-03-03 16:04 - 00000000 ___RD () C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-11 20:44 - 2014-03-11 20:44 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-11 20:43 - 2013-03-03 16:02 - 00000000 ____D () C:\Users\DZV
2014-03-11 20:35 - 2014-03-11 20:35 - 37660568 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.2.exe
2014-03-10 23:31 - 2014-03-10 23:31 - 00000000 ____D () C:\Users\DZV\AppData\Local\{9BF0A51B-BD75-4C44-A63F-7B2013D5E242}
2014-03-10 22:03 - 2014-03-10 22:03 - 00000000 ____D () C:\Users\DZV\AppData\Local\{459F126D-1E72-4381-BC1C-9BE7926B6A14}
2014-03-09 23:24 - 2013-03-24 22:57 - 00000000 ____D () C:\Users\DZV\SCGS Chinese
2014-03-09 20:03 - 2009-07-14 13:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 17:11 - 2013-03-29 16:53 - 00004779 _____ () C:\Users\DZV\Sti_Trace.log
2014-03-09 13:31 - 2014-01-23 09:45 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\TeamViewer
2014-03-09 12:06 - 2013-03-09 14:54 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\IrfanView
2014-03-08 14:55 - 2014-03-08 14:53 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Centra
2014-03-08 14:53 - 2014-03-08 14:53 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Saba
2014-03-08 14:48 - 2014-03-08 14:42 - 76638220 _____ () C:\Users\DZV\Downloads\Virtual-Open-House-(LPH453835)_HD_en_US_14-02-19_21.10.exe
2014-03-08 14:28 - 2013-03-21 00:56 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\tixati
2014-03-06 22:02 - 2014-03-06 22:02 - 00000606 _____ () C:\Users\DZV\Downloads\skype-for-desktop-logging.zip
2014-03-06 22:02 - 2014-03-06 22:02 - 00000000 ____D () C:\Users\DZV\Downloads\skype-for-desktop-logging
2014-03-04 21:35 - 2014-03-04 21:35 - 00026016 _____ () C:\Users\DZV\Documents\DDS.txt
2014-03-04 21:35 - 2014-03-04 21:35 - 00010740 _____ () C:\Users\DZV\Documents\Attach.txt
2014-03-04 10:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2014-03-03 21:01 - 2014-03-03 21:01 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-12199940-82188221-3316144088-1000
2014-03-03 20:49 - 2014-03-03 20:49 - 00315488 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.13Meta (2).exe
2014-03-03 20:34 - 2014-03-03 20:34 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-03-03 02:16 - 2014-03-03 02:12 - 00000000 ____D () C:\Users\DZV\Downloads\cports-x64
2014-03-03 02:12 - 2014-03-03 02:12 - 00107492 _____ () C:\Users\DZV\Downloads\cports-x64.zip
2014-03-03 01:55 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-03 01:54 - 2013-11-13 03:00 - 00014581 _____ () C:\Windows\IE11_main.log
2014-03-02 10:13 - 2013-04-17 22:13 - 00466512 _____ () C:\Users\DZV\dzv4.amk
2014-03-01 14:05 - 2014-03-12 13:17 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 13:17 - 2014-03-12 13:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 13:16 - 2014-03-12 13:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 12:58 - 2014-03-12 13:17 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 12:52 - 2014-03-12 13:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 12:51 - 2014-03-12 13:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 12:42 - 2014-03-12 13:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 12:40 - 2014-03-12 13:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 12:37 - 2014-03-12 13:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 12:33 - 2014-03-12 13:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 12:33 - 2014-03-12 13:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 12:32 - 2014-03-12 13:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 12:30 - 2014-03-12 13:17 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 12:23 - 2014-03-12 13:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 12:17 - 2014-03-12 13:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 12:11 - 2014-03-12 13:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 12:02 - 2014-03-12 13:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 11:54 - 2014-03-12 13:17 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 11:52 - 2014-03-12 13:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 11:51 - 2014-03-12 13:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 11:47 - 2014-03-12 13:17 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 11:43 - 2014-03-12 13:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 11:43 - 2014-03-12 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 11:42 - 2014-03-12 13:17 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 11:40 - 2014-03-12 13:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 11:38 - 2014-03-12 13:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 11:37 - 2014-03-12 13:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 11:35 - 2014-03-12 13:17 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 11:18 - 2014-03-12 13:17 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 11:16 - 2014-03-12 13:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 11:14 - 2014-03-12 13:17 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 11:10 - 2014-03-12 13:17 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 11:03 - 2014-03-12 13:17 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 11:00 - 2014-03-12 13:17 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 10:57 - 2014-03-12 13:17 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 10:38 - 2014-03-12 13:17 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 10:32 - 2014-03-12 13:17 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 10:27 - 2014-03-12 13:17 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 10:25 - 2014-03-12 13:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 10:25 - 2014-03-12 13:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 15:12 - 2014-02-28 15:12 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-28 15:11 - 2012-06-25 06:03 - 00799564 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-28 15:05 - 2014-02-28 15:05 - 00000000 ____D () C:\Windows\ERUNT
2014-02-28 15:02 - 2014-02-28 15:00 - 00000000 ____D () C:\AdwCleaner
2014-02-28 13:59 - 2014-02-28 13:58 - 310319458 _____ () C:\Users\DZV\Documents\backup0228141358.reg
2014-02-27 22:21 - 2014-02-27 22:21 - 00277614 _____ () C:\Users\DZV\Downloads\Everything-1.2.1.371.zip
2014-02-27 22:15 - 2014-02-27 22:15 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Aero.RNP.162316937227156792.2.2.Run.exe
2014-02-27 22:15 - 2014-02-27 22:15 - 00162010 _____ () C:\Users\DZV\Downloads\DIAG_MATS_NETWORK_global (1).DiagCab
2014-02-27 22:08 - 2014-02-27 22:08 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Aero.RNP.162316937227156792.2.1.Run.exe
2014-02-27 22:07 - 2014-02-27 22:07 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Aero.FISC.162316937227156792.1.1.Run.exe
2014-02-27 22:02 - 2014-02-27 22:02 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-27 22:02 - 2014-02-27 22:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 22:02 - 2014-02-23 13:49 - 00000000 ____D () C:\Users\DZV\AppData\Local\Skype
2014-02-27 22:02 - 2012-06-25 06:02 - 00000000 ____D () C:\ProgramData\Skype
2014-02-27 21:27 - 2014-02-27 21:26 - 24993792 _____ () C:\Users\DZV\Downloads\SkypeSetup_6.11.0.102.msi
2014-02-27 21:03 - 2014-02-27 21:03 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Skype.RNP.197316933410126366.1.1.Run.exe
2014-02-27 21:03 - 2014-02-27 21:03 - 00162010 _____ () C:\Users\DZV\Downloads\DIAG_MATS_NETWORK_global.DiagCab
2014-02-27 20:37 - 2014-02-27 20:37 - 00315488 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.13Meta (1).exe
2014-02-27 20:28 - 2014-02-27 20:27 - 37295024 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.7.38.exe
2014-02-27 20:17 - 2014-02-27 20:17 - 00315488 _____ (Dropbox, Inc.) C:\Users\DZV\Downloads\Dropbox 2.6.13Meta.exe
2014-02-23 13:41 - 2014-02-23 13:41 - 34827424 _____ (Skype Technologies S.A.) C:\Users\DZV\Downloads\SkypeSetupFull.exe
2014-02-23 10:22 - 2014-02-23 10:22 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Skype.RNP.7316549339391547.1.1.Run.exe
2014-02-23 09:52 - 2014-02-23 09:52 - 00347816 _____ (Microsoft Corporation) C:\Users\DZV\Downloads\MicrosoftFixit.Devices.RNP.160316547543389381.1.1.Run.exe
2014-02-21 09:12 - 2014-02-20 23:16 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Recorder 14
2014-02-21 09:11 - 2013-04-02 08:39 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-21 09:09 - 2014-02-21 09:09 - 00001345 _____ () C:\Users\DZV\Desktop\Revo Uninstaller (2).lnk
2014-02-21 00:33 - 2014-02-21 00:26 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Real
2014-02-21 00:28 - 2014-02-21 00:28 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-02-21 00:28 - 2014-02-21 00:28 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-02-21 00:28 - 2014-02-21 00:28 - 00001309 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
2014-02-21 00:28 - 2014-02-21 00:28 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\RealNetworks
2014-02-21 00:28 - 2014-02-21 00:28 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-02-21 00:28 - 2014-02-21 00:28 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-02-21 00:28 - 2014-02-21 00:27 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-21 00:28 - 2014-02-21 00:25 - 00000000 ____D () C:\ProgramData\Real
2014-02-21 00:27 - 2012-06-25 05:59 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-02-21 00:17 - 2014-02-20 23:37 - 00000000 ____D () C:\Program Files (x86)\Hensence.com
2014-02-21 00:17 - 2014-02-20 23:16 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\WMBrowser
2014-02-21 00:17 - 2011-02-25 06:01 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-21 00:17 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\registration
2014-02-20 23:47 - 2014-02-20 23:18 - 00000008 _____ () C:\Users\DZV\AppData\Local\~wmrg
2014-02-20 23:40 - 2014-02-20 23:40 - 00001330 _____ () C:\Users\DZV\Desktop\HMA! Pro VPN.lnk
2014-02-20 23:37 - 2014-02-20 23:37 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Hensense.com
2014-02-20 23:33 - 2014-02-20 23:33 - 00003112 _____ () C:\Windows\System32\Tasks\{E1065B69-0CC0-43F1-BB38-3BB7A76D3554}
2014-02-20 23:32 - 2012-06-25 05:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-20 21:16 - 2014-02-06 06:37 - 00002078 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2014-02-20 21:16 - 2014-01-23 09:41 - 00001139 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-20 10:55 - 2013-10-20 20:51 - 00000000 ____D () C:\Program Files\Blue Coat K9 Web Protection
2014-02-19 19:59 - 2014-02-19 19:59 - 00782433 _____ (Moffsoft ) C:\Users\DZV\Downloads\MoffFreeCalcSetup.exe
2014-02-19 19:59 - 2014-02-19 19:59 - 00001135 _____ () C:\Users\Public\Desktop\Moffsoft FreeCalc.lnk
2014-02-19 19:59 - 2014-02-19 19:59 - 00000000 ____D () C:\Program Files (x86)\Moffsoft FreeCalc
2014-02-19 19:58 - 2014-02-19 19:58 - 01709019 _____ (Moffsoft ) C:\Users\DZV\Downloads\MoffCalc2Setup.exe
2014-02-17 19:39 - 2014-02-17 19:39 - 00020136 _____ () C:\Users\DZV\Documents\NORMAL.dotx
2014-02-16 03:02 - 2013-08-04 21:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 03:00 - 2013-03-03 21:51 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Some content of TEMP:
====================
C:\Users\DZV\AppData\Local\Temp\6_Offer_6.exe
C:\Users\DZV\AppData\Local\Temp\6_Offer_8.exe
C:\Users\DZV\AppData\Local\Temp\BackupSetup.exe
C:\Users\DZV\AppData\Local\Temp\certutil.exe
C:\Users\DZV\AppData\Local\Temp\cleanup_tool.exe
C:\Users\DZV\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9gm7gd.dll
C:\Users\DZV\AppData\Local\Temp\fs_health_check.exe
C:\Users\DZV\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\DZV\AppData\Local\Temp\k9-webprotection-4.4.268.exe
C:\Users\DZV\AppData\Local\Temp\msvcr71.dll
C:\Users\DZV\AppData\Local\Temp\nspr4.dll
C:\Users\DZV\AppData\Local\Temp\nss3.dll
C:\Users\DZV\AppData\Local\Temp\plc4.dll
C:\Users\DZV\AppData\Local\Temp\plds4.dll
C:\Users\DZV\AppData\Local\Temp\Quarantine.exe
C:\Users\DZV\AppData\Local\Temp\smime3.dll
C:\Users\DZV\AppData\Local\Temp\softokn3.dll
C:\Users\DZV\AppData\Local\Temp\zzoxici5.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-10 00:43
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by DZV at 2014-03-15 21:01:35
Running from C:\Users\DZV\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version:  - MechCAD Software)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AngryBirds (HKLM-x32\...\{20CE0033-8F3D-464B-8BA2-A08EB0F27FD3}) (Version: 1.00.1206 - Rovio)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio Paint (HKLM-x32\...\{E2D90067-5A3F-41C2-BB72-9D16444065CF}) (Version: 1.6.1.144 - ArcSoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.4.268 - Blue Coat Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Curling (HKLM-x32\...\{369AAC15-34EF-4A1E-9090-29BEE38956F4}) (Version: 1.22.063010 - NTTC)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.01.1214 - Lenovo)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
EaseUS Partition Master 9.2.1 Home Edition (HKLM-x32\...\EaseUS Partition Master Home Edition_is1) (Version:  - EaseUS)
EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.51.0000 - EPSON)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
EPSON L210 Series Printer Uninstall (HKLM\...\EPSON L210 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson User's Guide L210 Series (HKLM-x32\...\L210 Series Useg) (Version:  - )
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
Firework (HKLM-x32\...\{736DB9B0-D2BA-41DC-AACD-384A599B7D24}) (Version: 1.22.063010 - NTTC)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fruit Ninja (HKLM-x32\...\Fruit Ninja1.7.4.11) (Version: 1.7.4.11 - Halfbrick Studios)
Funny Cube (HKLM-x32\...\{791708C1-0D84-4D05-88DC-A29EE9808270}) (Version: 1.22.063010 - NTTC)
Game Portal (HKLM-x32\...\{3364D966-E729-4061-B599-386887853D06}) (Version: 2.50.012.0217 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
GPL Ghostscript 8.54 (HKLM-x32\...\GPL Ghostscript 8.54) (Version:  - )
GPL Ghostscript Fonts (HKLM-x32\...\GPL Ghostscript Fonts) (Version:  - )
Happy Hit (HKLM-x32\...\{A8BE86A1-7E0E-4814-80E5-6F4073B744F7}) (Version: 1.39.063010 - NTTC)
HMA! Pro VPN 2.8.1.10 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.1.10 - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Idea Touch 4.5 (HKLM-x32\...\{E8B07384-64E4-48AB-940D-5F68C99721DD}) (Version: 4.50.012.0307 - Lenovo)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35132 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.9.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.3400 - Broadcom Corporation)
Lenovo BrgVolOSD (HKLM-x32\...\{B0CAB976-C41D-4800-A7BA-CBD4BF4EA920}) (Version: 1.1.05 - Lenovo)
Lenovo Camera Fun Zone (HKLM-x32\...\Lenovo Camera Fun Zone) (Version: 1.1.1.6 - Shanghai MotionTek Co., Ltd.)
Lenovo EBook&QuickNotes (HKLM-x32\...\InstallShield_{63EA246F-3C4F-4809-B0DE-3738F99B34DD}) (Version: 1.0.3.22 - ArcSoft)
Lenovo EBook&QuickNotes (x32 Version: 1.0.3.22 - ArcSoft) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.6008 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.6008 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3711.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.3711.52 - CyberLink Corp.) Hidden
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.3609 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.3609 - CyberLink Corp.) Hidden
Lenovo Screensaver (HKLM-x32\...\{803E6DED-5050-4E3D-B26A-5915397362CD}) (Version: 1.0.5.120412 - Lenovo)
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\InstallShield_{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.02 - Lenovo)
Lenovo Silver Silk Wireless Keyboard (x32 Version: 1.02 - Lenovo) Hidden
Lenovo VeriTouch  (HKLM-x32\...\InstallShield_{6A7F7465-284F-4299-8663-CDB496CEFA7D}) (Version: 2.0.1.21 - ArcSoft)
Lenovo VeriTouch2.0 (x32 Version: 2.0.1.21 - ArcSoft) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4910 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.4910 - CyberLink Corp.) Hidden
LenovoModifyWindowStyle (HKLM-x32\...\{EBC41B09-E56D-421C-B3D0-84AC1103541B}) (Version: 1.01.0711 - Lenovo)
LenovoUtility version 1.0 (HKLM-x32\...\{4F949BD9-1E99-40C7-9102-C67E2D384995}_is1) (Version: 1.0 - Lenovo)
Link Up (HKLM-x32\...\{3DEDB107-2FCB-4544-844D-EC2878A9F22C}) (Version: 1.23.063010 - NTTC)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 1.01.0213 - Lenovo)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Moffsoft FreeCalc (HKLM-x32\...\MoffFreeCalc_is1) (Version: 1.1 - Moffsoft)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MT2OFX V3.5.37 (HKLM-x32\...\MT2OFX_is1) (Version:  - SmaleSoft)
Music Star (HKLM-x32\...\{E4FB9C8E-E965-4885-A4F8-8D2991AD4A36}) (Version: 1.44.063010 - NTTC)
Music Star (x32 Version: 1.44.063010 - NTTC) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NVIDIA Control Panel 307.21 (Version: 307.21 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 307.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.11.0621 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PowerCinema (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 7.0.6207 - CyberLink Corp.)
PowerCinema (x32 Version: 7.0.6207 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapidboot Advanced (HKLM-x32\...\Rapidboot Advanced) (Version: 1.0.5.3 - Lenovo)
RealDownloader (x32 Version: 17.0.6 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6554 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B20F9D1C-A0A5-4CD8-8306-DA03872311B1}) (Version: 1.00.0183 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung i-Launcher 1.0.1.28 (HKLM-x32\...\Samsung i-Launcher) (Version: 1.0.1.28 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
ScreenRecorder (HKLM\...\{55A9972B-EA29-43C3-94B6-7A178D6F2E11}) (Version: 4.0.0 - Burak Uysaler)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Snowflake Suite (HKLM-x32\...\{E03B9D73-3806-4466-97B1-75C4486F65DF}) (Version: 1.0 - Natural User Interface Technologies AB)
StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version:  - )
TaxACT 2010 (HKLM-x32\...\TaxACT 2010) (Version:  - 2nd Story Software, Inc.)
TaxACT 2011 - 1040 Edition (HKLM-x32\...\TaxACT 2011 - 1040 Edition) (Version:  - 2nd Story Software, Inc.)
TaxACT 2012 - 1040 Edition (HKLM-x32\...\TaxACT 2012 - 1040 Edition) (Version:  - 2nd Story Software, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
ThemeWallpaper (HKLM-x32\...\{F29CBF73-C211-4616-898A-379A2679F990}) (Version: 1.2.0.120113 - Lenovo)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Tool Portal (HKLM-x32\...\{2532F8E1-D1D2-4478-9A32-FD0897B6D1A0}) (Version: 2.50.012.0222 - Lenovo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0CAD7AF2-1886-483D-8A76-175EF67328EB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-26] (Intel Corporation)
Task: {4A9A2C12-1E1D-41BF-B299-740D457F8B53} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {5D67E57B-264C-497E-A8E8-602FFD91EDC8} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe
Task: {7B8A5B90-CF7A-4501-8044-68F289D90B2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-01-11] (CyberLink)
Task: {8036A75A-801B-48BC-8631-18C168ADB70B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-09] (AVAST Software)
Task: {8259C4BD-9FA4-478A-88F3-D9DF81226792} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-12199940-82188221-3316144088-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-02-12] (RealNetworks, Inc.)
Task: {8C2C80F3-D934-4335-B0EA-C01D5F33E6B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-26] (Piriform Ltd)
Task: {A3781219-4B1A-45E2-B1CD-0BDD0346CF42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: {A6F82EBC-4103-4D70-B371-A20652F9F820} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C66468D1-F04F-4C2E-9BCB-390BD0705998} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-26] (Intel Corporation)
Task: {EA6ED52B-D7A4-4FA7-9568-1A7FC6CD9517} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-06-25 05:44 - 2012-10-17 05:35 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-09 16:03 - 2012-10-04 18:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2014-02-20 21:16 - 2013-10-17 23:32 - 00020472 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2012-06-25 05:42 - 2011-12-16 12:37 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2014-02-12 14:42 - 2014-02-12 14:42 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-02-12 16:29 - 2014-02-12 16:29 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2013-02-25 04:04 - 2013-02-25 04:04 - 00704008 _____ () C:\Windows\SysWOW64\C2MP\TrayMenu.exe
2009-11-10 07:38 - 2009-11-10 07:38 - 00053248 _____ () C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe
2014-03-13 18:47 - 2014-03-13 16:22 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14031300\algo.dll
2014-03-15 19:01 - 2014-03-15 16:32 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14031500\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-06-25 06:05 - 2012-03-02 15:48 - 00030512 ____N () C:\Program Files (x86)\Lenovo\Rapidboot\FBServiceps.dll
2014-02-21 00:27 - 2014-02-21 00:27 - 00867928 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Plugins\cldplin.dll
2012-03-12 10:55 - 2012-03-12 10:55 - 00008192 _____ () C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\CD_DLL.dll
2011-11-04 02:48 - 2011-11-04 02:48 - 00056320 _____ () C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skfunc.dll
2009-12-05 07:59 - 2009-12-05 07:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-05 08:04 - 2009-12-05 08:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2013-10-22 19:42 - 2013-10-22 19:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-13 03:40 - 2014-02-13 03:40 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-06-25 05:43 - 2011-11-30 11:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-06-25 05:42 - 2011-12-16 10:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-03-15 18:44 - 2014-03-15 08:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 18:44 - 2014-03-15 08:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 18:44 - 2014-03-15 08:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 18:44 - 2014-03-15 08:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 18:44 - 2014-03-15 08:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 18:44 - 2014-03-15 08:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
MSCONFIG\startupreg: LVT => C:\Program Files\Lenovo\LVT\LJYZ.exe 1
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek RTL8188CUS Wireless LAN 802.11n USB Slim Solo
Description: Realtek RTL8188CUS Wireless LAN 802.11n USB Slim Solo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192cu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/13/2014 11:33:17 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 4468.  Message ID: [0x2509].
 
Error: (03/13/2014 11:26:54 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 6464.  Message ID: [0x2509].
 
Error: (03/13/2014 11:21:54 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 916.  Message ID: [0x2509].
 
Error: (03/13/2014 10:49:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/13/2014 09:33:04 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7932.  Message ID: [0x2509].
 
Error: (03/13/2014 04:20:18 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7760.  Message ID: [0x2509].
 
Error: (03/13/2014 04:18:37 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 8304.  Message ID: [0x2509].
 
Error: (03/13/2014 04:04:55 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 8948.  Message ID: [0x2509].
 
Error: (03/13/2014 02:42:41 AM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 6.14.0.104 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 14d8
 
Start Time: 01cf3e012f937ef4
 
Termination Time: 30
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: 152552bc-aa16-11e3-90b4-047d7bf54706
 
Error: (03/12/2014 10:41:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (03/13/2014 02:42:05 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/12/2014 10:46:00 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
 
Error: (03/11/2014 08:46:41 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
 
Error: (03/09/2014 11:36:13 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (03/09/2014 08:00:52 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/09/2014 09:57:50 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/08/2014 02:35:09 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
 
Error: (03/08/2014 02:32:29 PM) (Source: DCOM) (User: )
Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/04/2014 10:06:41 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/03/2014 03:19:03 AM) (Source: Service Control Manager) (User: )
Description: The TeamViewer 9 service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (06/14/2013 09:23:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21828 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (06/11/2013 10:49:30 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2928 seconds with 1440 seconds of active time.  This session ended with a crash.
 
Error: (05/03/2013 04:10:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-11-23 21:21:19.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-01 22:27:01.547
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-04-25 08:22:17.548
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-04-25 08:22:17.502
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rikvm_3A60B698.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 37%
Total physical RAM: 8155.61 MB
Available physical RAM: 5065.27 MB
Total Pagefile: 16309.39 MB
Available Pagefile: 12908.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (Windows 7) (Fixed) (Total:97.66 GB) (Free:19.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:575.71 GB) (Free:437.7 GB) NTFS
Drive g: (G Seagate) (Fixed) (Total:1863.01 GB) (Free:406.46 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 4A9728AC)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=576 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=25 GB) - (Type=12)
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: A4B57300)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,804 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:31 AM

Posted 15 March 2014 - 09:03 AM

Hi David,

 

I will be reviewing your logs a bit later today but can you tell me if you are still working with Dropbox?  It doesn't matter to me where you receive help but it should only be from one forum at a time so there is consistency in the approach.

 

Let me know sir.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 zoo55

Posted 15 March 2014 - 09:20 AM

Just working with you! Thanks.

#10 Oh My!

Posted 15 March 2014 - 09:23 AM

OK thanks.  I see you are in a much different time zone so I will have a reply waiting for you when you awaken.  :)


Gary
 

#11 Oh My!

Posted 15 March 2014 - 03:26 PM

Good Morning,

Your computer is quite ill. We will begin to address a variety of issues but I must first advise you of the following.

===================================================

BACKDOOR WARNING!

--------------------

One or more of the identified infections is a Backdoor Trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Please let me know if you have already noticed evidences of financial institution irregularities.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have Tixati installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Tixati, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter.
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt

() C:\Windows\SysWOW64\C2MP\TrayMenu.exe
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Policies\Explorer: [NoDrives] 0x00000002
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION! ====> ZeroAccess?
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Winsock: Catalog9 01 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 02 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 03 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 04 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 05 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 17 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
2014-02-20 23:37 - 2014-02-21 00:17 - 00000000 ____D () C:\Program Files (x86)\Hensence.com
2014-02-20 23:37 - 2014-02-20 23:37 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Hensense.com
2014-02-20 23:33 - 2014-02-20 23:33 - 00003112 _____ () C:\Windows\System32\Tasks\{E1065B69-0CC0-43F1-BB38-3BB7A76D3554}
2014-02-20 23:18 - 2014-02-20 23:47 - 00000008 _____ () C:\Users\DZV\AppData\Local\~wmrg
C:\Users\DZV\AppData\Local\Temp\6_Offer_6.exe
C:\Users\DZV\AppData\Local\Temp\6_Offer_8.exe
C:\Users\DZV\AppData\Local\Temp\BackupSetup.exe
C:\Users\DZV\AppData\Local\Temp\certutil.exe
C:\Users\DZV\AppData\Local\Temp\cleanup_tool.exe
C:\Users\DZV\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9gm7gd.dll
C:\Users\DZV\AppData\Local\Temp\fs_health_check.exe
C:\Users\DZV\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\DZV\AppData\Local\Temp\k9-webprotection-4.4.268.exe
C:\Users\DZV\AppData\Local\Temp\msvcr71.dll
C:\Users\DZV\AppData\Local\Temp\nspr4.dll
C:\Users\DZV\AppData\Local\Temp\nss3.dll
C:\Users\DZV\AppData\Local\Temp\plc4.dll
C:\Users\DZV\AppData\Local\Temp\plds4.dll
C:\Users\DZV\AppData\Local\Temp\Quarantine.exe
C:\Users\DZV\AppData\Local\Temp\smime3.dll
C:\Users\DZV\AppData\Local\Temp\softokn3.dll
C:\Users\DZV\AppData\Local\Temp\zzoxici5.dll
Task: {5D67E57B-264C-497E-A8E8-602FFD91EDC8} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe
C:\ProgramData\rvlkl

  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Run TDSSKiller by Kaspersky on Vista/7

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • If you desire you may print out and follow the instructions for performing a scan.
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply even if no threats are found.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.

  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.

  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • TDSSKiller log
  • aswMBR log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 zoo55

Posted 16 March 2014 - 01:41 AM

Nothing found by TDSS, so no log.  Fixlog and aswMBR log below.
 
David
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by DZV at 2014-03-16 14:26:21 Run:1
Running from C:\Users\DZV\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
() C:\Windows\SysWOW64\C2MP\TrayMenu.exe
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...\Policies\Explorer: [NoDrives] 0x00000002
HKU\S-1-5-21-12199940-82188221-3316144088-1000\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION! ====> ZeroAccess?
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Winsock: Catalog9 01 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 02 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 03 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 04 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 05 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
Winsock: Catalog9 17 C:\Program Files (x86)\Hensence.com\MediaBox\NetworkSniffer.dll [802816] (Hensence.com)
2014-02-20 23:37 - 2014-02-21 00:17 - 00000000 ____D () C:\Program Files (x86)\Hensence.com
2014-02-20 23:37 - 2014-02-20 23:37 - 00000000 ____D () C:\Users\DZV\AppData\Roaming\Hensense.com
2014-02-20 23:33 - 2014-02-20 23:33 - 00003112 _____ () C:\Windows\System32\Tasks\{E1065B69-0CC0-43F1-BB38-3BB7A76D3554}
2014-02-20 23:18 - 2014-02-20 23:47 - 00000008 _____ () C:\Users\DZV\AppData\Local\~wmrg
C:\Users\DZV\AppData\Local\Temp\6_Offer_6.exe
C:\Users\DZV\AppData\Local\Temp\6_Offer_8.exe
C:\Users\DZV\AppData\Local\Temp\BackupSetup.exe
C:\Users\DZV\AppData\Local\Temp\certutil.exe
C:\Users\DZV\AppData\Local\Temp\cleanup_tool.exe
C:\Users\DZV\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9gm7gd.dll
C:\Users\DZV\AppData\Local\Temp\fs_health_check.exe
C:\Users\DZV\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\DZV\AppData\Local\Temp\k9-webprotection-4.4.268.exe
C:\Users\DZV\AppData\Local\Temp\msvcr71.dll
C:\Users\DZV\AppData\Local\Temp\nspr4.dll
C:\Users\DZV\AppData\Local\Temp\nss3.dll
C:\Users\DZV\AppData\Local\Temp\plc4.dll
C:\Users\DZV\AppData\Local\Temp\plds4.dll
C:\Users\DZV\AppData\Local\Temp\Quarantine.exe
C:\Users\DZV\AppData\Local\Temp\smime3.dll
C:\Users\DZV\AppData\Local\Temp\softokn3.dll
C:\Users\DZV\AppData\Local\Temp\zzoxici5.dll
Task: {5D67E57B-264C-497E-A8E8-602FFD91EDC8} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe
C:\ProgramData\rvlkl
*****************
 
[1128] C:\Windows\SysWOW64\C2MP\TrayMenu.exe => Process closed successfully.
HKU\S-1-5-21-12199940-82188221-3316144088-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKU\S-1-5-21-12199940-82188221-3316144088-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000005 => Deleted successfully.
Winsock: Catalog entry 000000000017 => Deleted successfully.
C:\Program Files (x86)\Hensence.com => Moved successfully.
C:\Users\DZV\AppData\Roaming\Hensense.com => Moved successfully.
C:\Windows\System32\Tasks\{E1065B69-0CC0-43F1-BB38-3BB7A76D3554} => Moved successfully.
C:\Users\DZV\AppData\Local\~wmrg => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\6_Offer_6.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\6_Offer_8.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\certutil.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\cleanup_tool.exe => Moved successfully.
"C:\Users\DZV\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9gm7gd.dll" => File/Directory not found.
C:\Users\DZV\AppData\Local\Temp\fs_health_check.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\k9-webprotection-4.4.268.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\msvcr71.dll => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\nspr4.dll => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\nss3.dll => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\plc4.dll => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\plds4.dll => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\smime3.dll => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\softokn3.dll => Moved successfully.
C:\Users\DZV\AppData\Local\Temp\zzoxici5.dll => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D67E57B-264C-497E-A8E8-602FFD91EDC8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D67E57B-264C-497E-A8E8-602FFD91EDC8} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RVLKL\RVLKL => Key deleted successfully.
"C:\ProgramData\rvlkl" => File/Directory not found.
 
==== End of Fixlog ====
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-03-16 14:31:14
-----------------------------
14:31:14.166    OS Version: Windows x64 6.1.7601 Service Pack 1
14:31:14.166    Number of processors: 4 586 0x3A09
14:31:14.166    ComputerName: LENOVO  UserName: DZV
14:31:14.726    Initialize success
14:31:17.532    AVAST engine defs: 14031501
14:31:58.076    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:31:58.077    Disk 0 Vendor: WDC_WD75 03.0 Size: 715404MB BusType: 3
14:31:58.217    Disk 0 MBR read successfully
14:31:58.218    Disk 0 MBR scan
14:31:58.221    Disk 0 Windows 7 default MBR code
14:31:58.225    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          200 MB offset 2048
14:31:58.233    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       100000 MB offset 411648
14:31:58.247    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       589525 MB offset 205214310
14:31:58.280    Disk 0 Partition 4 00     12  Compaq diag NTFS        25675 MB offset 1412564992
14:31:58.318    Disk 0 scanning C:\Windows\system32\drivers
14:32:05.708    Service scanning
14:32:41.558    Modules scanning
14:32:41.563    Disk 0 trace - called modules:
14:32:41.902    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys 
14:32:41.907    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009a01060]
14:32:41.911    3 CLASSPNP.SYS[fffff88001cf043f] -> nt!IofCallDriver -> [0xfffffa80071f1e40]
14:32:41.915    5 ACPI.sys[fffff88000f897a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80071f4050]
14:32:42.299    AVAST engine scan C:\Windows
14:32:43.876    AVAST engine scan C:\Windows\system32
14:34:57.258    AVAST engine scan C:\Windows\system32\drivers
14:35:06.380    AVAST engine scan C:\Users\DZV
14:37:29.276    AVAST engine scan C:\ProgramData
14:38:35.296    Scan finished successfully
14:39:33.740    Disk 0 MBR has been saved successfully to "C:\Users\DZV\Desktop\MBR.dat"
14:39:33.744    The log file has been saved successfully to "C:\Users\DZV\Desktop\aswMBR.txt"
 


#13 Oh My!

Posted 16 March 2014 - 01:54 PM

Thank you sir. How is your computer running now?
Gary
 

#14 zoo55

Posted 16 March 2014 - 02:49 PM

No change. All same problems continue unabated.

Any suggestions?

David

#15 Oh My!

Posted 16 March 2014 - 02:55 PM

Thanks David,

Please run these.

===================================================

Run Combofix in Vista/7

--------------------

Combofix is a very powerful tool and special attention must be taken to allow it to work properly. Please pay careful attention to the following instructions.

sUBs, the author of Combofix, recommends that you uninstall AVG or CA Internet Security before running the program. If you have either of these programs on your computer please uninstall them using AppRemover which can be downloaded here. We will be sure to reinstall the Antivirus program once we are finished using Combofix.
  • Please download ComboFix from one of these locations:

BleepingComputer
ForoSpyware

  • Save Combofix.exe to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouseclick while the program is running or it may stall.
Note #1: Oftentimes it may appear as if ComboFix has stopped working. To verify it is still running please do one of the following below. If, based on the below, you have concluded ComboFix has stopped running please stop and advise me.
  • Check your computer clock. If it is still running then so is ComboFix
  • Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
  • Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem Usage then ComboFix is running
Note #2: If you receive the following error "Illegal operation attempted on a registry key that has been marked for deletion" please just restart your computer to resolve this issue.

If Combofix fails to run properly using the above instructions please attempt the following:
  • Right click on the Combofix icon on your desktop and select Delete
  • Download a new copy but rename it to freshcopy.exe first, then save it to your desktop
  • Now download RKill.exe (or RKill renamed as iExplore.exe if the first one doesn't work properly) and save it to your desktop
  • Restart your computer in Safe Mode
  • Right click on RKill (or iExplore) and select Run as Administrator. If you are using Windows XP simply double click the icon
  • A black DOS screen should flash and disappear. If not, try to launch the program with the second file. If neither works please stop and let me know
  • When RKill is finished running you will be presented with a text file and a copy will be saved on your desktop. Copy and paste the contents of this report in your reply
  • Do not reboot your computer
  • Double click the freshcopy.exe icon (renamed Combofix file)
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply
  • If you disabled your antivirus please enable it again. If you uninstalled it please wait for instructions to reinstall it
===================================================

RogueKiller by Tigzy

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • For Vista/7 users right click on the icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • When prompted, Click Scan
  • A report should open and a copy of the report will be placed on your desktop
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it winlogon.exe (or winlogon.com) and try again
  • Copy and paste the contents of the report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Combofix log
  • RogueKiller log

Gary
 