Hi, hoping someone might be able to help me with a possible infection.
A few months ago, I started to notice some mouse lagging whenever I started chrome. I didn't think anything of it at the time because I usually start chrome with 5 tabs and 5 extensions, and figured with was the startup footprint that was causing the lagging.
Last night, I decided to run some comprehensive scans just in case when I noticed that Windows 7 Safe Mode was no longer an option on Windows Boot Manager (F8). Could an infection have deleted that? I didn't remove it and I know for sure that it was there a few months ago.
So far, I've run Avast, Windows defender, MBAM, ATF Cleaner, DDS, and GMER. Attached are the MBAM, GMER, and DDS logs.
Any help is greatly appreciated! Thank you!
=============
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 4/29/2015
Scan Time: 3:44:57 AM
Logfile: Malwarebytes log 20150429.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.29.01
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: peter
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 371512
Time Elapsed: 8 min, 14 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
============= GMER One
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-04-29 09:16:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000078 HGST rev.GH2Z 465.76GB
Running: gmer rootkit scanner 373f4le.exe; Driver: C:\Users\peter\AppData\Local\Temp\pglcafow.sys
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [7056:6564] 000007fef20d9688
Thread C:\Windows\system32\taskhost.exe [5676:5800] 000000006c48f5a0
---- EOF - GMER 2.1 ----
============ GMER Two
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-04-29 09:42:45
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000078 HGST rev.GH2Z 465.76GB
Running: gmer rootkit scanner 373f4le.exe; Driver: C:\Users\peter\AppData\Local\Temp\pglcafow.sys
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [7056:6564] 000007fef20d9688
Thread C:\Windows\system32\taskhost.exe [5676:5800] 000000006c48f5a0
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e82aea6cc5ef
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e82aea6cc5ef (not active ControlSet)
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
============ DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17728 BrowserJavaVersion: 11.31.2
Run by peter at 9:53:31 on 2015-04-29
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.11976.6642 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Windows\system32\valWBFPolicyService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Integrated Camera\Monitor.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\peter\Downloads\gmer rootkit scanner 373f4le.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\peter\Downloads\Windows-KB890830-x64-V5.23.exe
c:\76f9e649afb72d21941f94371c7ed9\mrtstub.exe
C:\Windows\system32\MRT.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [Google Update] "C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRunOnce: [Adobe Speed Launcher] 1430311720
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Integrated Camera_Monitor] "C:\Program Files (x86)\Integrated Camera\monitor.exe"
mRun: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\peter\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Windows\System32\taskmgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\IGPXTS~1.LNK - C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP8EP5-10049/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{864F2150-CBA7-4B9A-BF8B-42E708ACF5A2} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9478C2E5-98A4-4940-9A92-009BB4100C40} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D}\25F69716C605C657D605F6F6C6 : DHCPNameServer = 10.1.10.1
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D}\25F69716C605C657D67416274656E6 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D}\84F67794445636964656027457563747 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D}\D43435F53547166666 : DHCPNameServer = 192.168.0.246 192.168.0.23
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D}\D49414D275966496 : DHCPNameServer = 192.168.112.1 8.8.8.8
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D}\D496649643632303C45402A45647071636B6023413031302355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95A64313-59F9-4E70-82DC-36AF7F25476D}\E6563737F6C6C636 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Enhanced Performance Keyboard] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe
x64-Run: [TpShocks] TpShocks.exe
x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-11-5 65736]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-11-5 272248]
R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2014-7-7 29512]
R0 excsd;ExpressCache Storage Filter Driver;C:\Windows\System32\drivers\excsd.sys [2014-7-7 117488]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-7-7 632168]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-7-7 28008]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-7-7 20464]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2014-1-29 29496]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-11-5 1047320]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-11-5 442264]
R1 excfs;ExpressCache File System Filter Driver;C:\Windows\System32\drivers\excfs.sys [2014-7-7 25840]
R1 OMNISMI;OMNISMI;C:\Windows\SysWOW64\drivers\omnismi.sys [2014-7-7 14776]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-11-5 29168]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-11-5 89944]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-11-5 137288]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-4-29 343336]
R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2013-10-11 9281840]
R2 ExpressCache;ExpressCache;C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [2013-11-18 828656]
R2 FastbootService;FastbootService;C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-7-7 160048]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-7-29 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-7-7 169432]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2014-7-7 59224]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2014-7-21 110128]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-7-7 73048]
R2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller;C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-7-7 197464]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2014-7-29 115184]
R2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc;C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [2014-7-7 21552]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2014-7-21 124400]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2014-7-21 126512]
R2 valWBFPolicyService;Synaptics FP WBF Policy Service;C:\Windows\System32\valWBFPolicyService.exe [2015-1-29 49968]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-2-3 427192]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-5-29 3816176]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2014-7-21 488216]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2013-8-13 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2013-8-13 21920]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-7-7 368624]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-7-7 790000]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-11-11 25528]
R3 Power Manager DBC Service;Power Manager Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2014-7-7 1669920]
R3 QuickControlService;Lenovo QuickControl Service;C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2014-6-11 316400]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2014-7-7 423128]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-7-29 31472]
R3 SPUVCbv;SPUVCb Driver Service;C:\Windows\System32\drivers\SPUVCBv_x64.sys [2014-3-18 1521312]
R3 tvtvcamd;Camera Plus (VGA Resolution Maximum);C:\Windows\System32\drivers\tvtvcamd.sys [2014-7-7 27432]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2013-6-20 206744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-12-4 200168]
S2 QuickControlMasterSvc;Lenovo QuickControl Master Service;C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2014-6-11 61936]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2013-11-7 140600]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2013-12-11 1419576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2014-7-7 320560]
S3 Fastboot;Fastboot;C:\Windows\System32\drivers\Fastboot.sys [2014-7-7 71472]
S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;C:\Windows\System32\drivers\ibtusb.sys [2013-12-10 169680]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-4-14 114688]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-11-11 35256]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-7-7 450520]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-8-13 46568]
S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-2-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;C:\Program Files (x86)\Common Files\Lenovo\easyplussdk\bin\EPHotspot64.exe [2014-7-29 533760]
S3 LSCWinService;LSCWinService;C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-5-29 284912]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2014-7-7 1664800]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-7-21 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-7-21 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-7-21 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-7-21 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2014-1-13 1198456]
S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2014-1-13 1710456]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2014-1-13 1161592]
S4 ibtsiva;Intel Bluetooth Service;C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-7-7 113096]
.
=============== Created Last 30 ================
.
2015-04-29 13:50:50 -------- d-----w- C:\76f9e649afb72d21941f94371c7ed9
2015-04-29 06:59:15 -------- d-----w- C:\Windows\pss
2015-04-29 04:48:33 43112 ----a-w- C:\Windows\avastSS.scr
2015-04-29 02:57:22 12032440 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D54EF66C-FEFB-4A4B-A3A0-954C12299DCF}\mpengine.dll
2015-04-25 02:23:47 82944 ----a-w- C:\Windows\System32\dwmapi.dll
2015-04-25 02:23:47 67584 ----a-w- C:\Windows\SysWow64\dwmapi.dll
2015-04-25 02:23:47 1632768 ----a-w- C:\Windows\System32\dwmcore.dll
2015-04-25 02:23:47 1372160 ----a-w- C:\Windows\SysWow64\dwmcore.dll
2015-04-25 02:23:36 2543104 ----a-w- C:\Windows\System32\wpdshext.dll
2015-04-25 02:23:36 2311168 ----a-w- C:\Windows\SysWow64\wpdshext.dll
2015-04-25 02:23:36 1195008 ----a-w- C:\Windows\System32\drivers\UMDF\WpdMtpDr.dll
2015-04-22 14:55:59 -------- d-----w- C:\Users\peter\AppData\Local\TeamViewer
2015-04-15 02:10:54 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-04-13 12:56:55 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-04-07 21:19:13 -------- d-s---w- C:\Windows\System32\CompatTel
2015-04-07 21:19:13 -------- d-----w- C:\Windows\System32\appraiser
2015-04-07 17:27:46 957952 ----a-w- C:\Windows\System32\appraiser.dll
2015-04-07 17:27:46 769536 ----a-w- C:\Windows\System32\invagent.dll
2015-04-07 17:27:46 726528 ----a-w- C:\Windows\System32\generaltel.dll
2015-04-07 17:27:46 419840 ----a-w- C:\Windows\System32\devinv.dll
2015-04-07 17:27:46 30720 ----a-w- C:\Windows\System32\acmigration.dll
2015-04-07 17:27:46 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-04-07 17:27:46 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-04-07 17:27:46 1239720 ----a-w- C:\Windows\System32\aitstatic.exe
2015-04-07 17:27:46 1111552 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2015-04-29 13:17:09 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-04-29 04:48:36 272248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2015-04-29 04:48:36 137288 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2015-04-29 04:48:35 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2015-04-29 04:48:35 89944 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2015-04-29 04:48:35 65736 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2015-04-29 04:48:35 29168 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2015-04-29 04:48:27 1047320 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll
2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-03-10 03:25:10 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2015-03-10 03:21:42 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-03-10 03:08:26 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2015-03-10 03:05:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2015-03-05 05:12:33 404480 ----a-w- C:\Windows\System32\gdi32.dll
2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-03-04 04:55:13 367552 ----a-w- C:\Windows\System32\clfs.sys
2015-03-04 04:41:27 79360 ----a-w- C:\Windows\System32\clfsw32.dll
2015-03-04 04:10:54 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
2015-02-26 16:58:07 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-26 16:58:07 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
2015-02-25 03:18:01 754688 ----a-w- C:\Windows\System32\drivers\http.sys
2015-02-24 08:17:24 295552 ------w- C:\Windows\System32\MpSigStub.exe
2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-02-20 04:40:59 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-02-20 04:40:56 14336 ----a-w- C:\Windows\System32\dciman32.dll
.
============= FINISH: 9:53:51.33 ===============
============= Attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/22/2014 2:01:56 AM
System Uptime: 4/29/2015 8:47:01 AM (1 hours ago)
.
Motherboard: LENOVO | | 20AQCTO1WW
Processor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz | CPU Socket - U3E1 | 1875/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 449 GiB total, 344.703 GiB free.
Q: is FIXED (NTFS) - 16 GiB total, 5.135 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
RP107: 4/21/2015 11:09:19 AM - Windows Update
RP108: 4/24/2015 10:23:49 PM - Windows Update
RP109: 4/28/2015 10:57:08 PM - Windows Update
RP110: 4/29/2015 12:47:44 AM - avast! antivirus system restore point
.
==== Installed Programs ======================
.
7-Zip 9.22 (x64 edition)
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Reader X (10.1.7) MUI
AnswerWorks 5.0 English Runtime
Avast Free Antivirus
Cisco AnyConnect VPN Client
Cisco WebEx Meetings
Create Recovery Media
Definition Update for Microsoft Office 2010 (KB2965299) 64-Bit Edition
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8
DisplayLink Core Software
Dolby Home Theater v4
EPSON WF-3640 Series Printer Uninstall
ExpressCache
FileZilla Client 3.10.3
Google Chrome
Google Talk Plugin
Google Update Helper
Inst5676
Integrated Camera
Intel(R) Management Engine Components
Intel(R) Network Connections Drivers
Intel(R) PRO/Wireless Driver
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1412.3)
Intel(R) Smart Connect Technology
Intel(R) Update Manager
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel(R) WiDi
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Java 8 Update 31
Java Auto Updater
join.me
Lenovo Auto Scroll Utility
Lenovo Communications Utility
Lenovo Fingerprint Manager Pro
Lenovo Patch Utility
Lenovo Patch Utility 64 bit
Lenovo Peer Connect SDK
Lenovo Power Management Driver
Lenovo QuickControl
Lenovo QuickDisplay
Lenovo Reach
Lenovo Registration
Lenovo SHAREit
Lenovo Solution Center
Lenovo System Update
Lenovo USB Graphics
Lenovo USB3.0 to DVI VGA Monitor Adapter
Lenovo User Guide
Lenovo Warranty Information
Malwarebytes Anti-Malware version 2.0.4.1028
Message Center Plus
Metric Collection SDK
Metric Collection SDK 35
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5.2
Microsoft Application Error Reporting
Microsoft Help Viewer 1.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Report Viewer 2012 Runtime
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server 2012 (64-bit)
Microsoft SQL Server 2012 Express LocalDB
Microsoft SQL Server 2012 Native Client
Microsoft SQL Server 2012 Setup (English)
Microsoft SQL Server 2012 Transact-SQL Compiler Service
Microsoft SQL Server 2012 Transact-SQL ScriptDom
Microsoft SQL Server System CLR Types
Microsoft System CLR Types for SQL Server 2012 (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual Studio 2010 Shell (Isolated) - ENU
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
On Screen Display
Power Manager
Quicken 2010
RapidBoot HDD Accelerator
Realtek Card Reader
Realtek High Definition Audio Driver
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
Samsung Printer Live Update
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2889839) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB2553428) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit)
SQL Server 2012 Common Files
SQL Server 2012 Management Studio
Synaptics WBF DDK 5011
ThinkPad UltraNav Driver
Thinkpad USB 3.0 Ethernet Adapter Driver
ThinkVantage Active Protection System
ThinkVantage Password Manager
Update for Microsoft Access 2010 (KB2837601) 64-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition
Update for Microsoft Office 2010 (KB2920813) 64-Bit Edition
Update for Microsoft Office 2010 (KB2956141) 64-Bit Edition
Update for Microsoft Office 2010 (KB2956191) 64-Bit Edition
Update for Microsoft Office 2010 (KB2965235) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2956205) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2965295) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2956190) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition
Update for Microsoft Visio 2010 (KB2881025) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition
USB Enhanced Performance Keyboard
Visual Studio 2010 Prerequisites - English
Windows Driver Package - Intel (e1dexpress) Net (07/12/2013 12.8.33.9427)
Windows Driver Package - Intel Corporation (iaStorA) HDC (11/15/2013 12.8.10.1005)
Windows Driver Package - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04)
Windows Driver Package - Synaptics (SmbDrv) System (02/25/2014 18.0.7.34)
Windows Driver Package - Synaptics (SynTP) Mouse (02/25/2014 18.0.7.34)
.
==== Event Viewer Messages From Past Week ========
.
4/29/2015 8:48:19 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/29/2015 3:12:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/29/2015 3:12:51 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
4/29/2015 3:12:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/29/2015 3:12:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/29/2015 3:12:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
4/29/2015 3:12:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/29/2015 3:12:42 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/29/2015 3:12:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
4/29/2015 3:12:25 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswRvrt aswSnx aswSP aswVmm CSC DfsC discache NetBIOS NetBT nsiproxy OMNISMI Psched rdbss spldr tdx TPPWRIF vwififlt Wanarpv6 WfpLwf
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2015 3:12:25 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2015 3:02:04 AM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
4/28/2015 7:50:01 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
4/28/2015 1:17:04 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{9478C2E5-98A4-4940-9A92-009BB4100C40} because another computer on the network has the same name. The server could not start.
4/27/2015 9:37:03 AM, Error: Microsoft-Windows-RasSstp [1] - CoId={AC96B454-F7D0-487C-8595-9E825099167F}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
4/27/2015 11:58:31 AM, Error: Schannel [36888] - The following fatal alert was generated: 48. The internal error state is 552.
4/27/2015 11:58:31 AM, Error: Schannel [36882] - The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.
4/27/2015 1:43:30 AM, Error: Microsoft-Windows-DistributedCOM [10006] - DCOM got error "2147944122" from the computer NESSO-DELL-T620 when attempting to activate the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
4/27/2015 1:32:38 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/24/2015 7:25:39 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
4/24/2015 7:21:59 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ExpressCache service.
4/24/2015 2:58:19 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.2 with the system having network hardware address 00-00-00-02-02-02. Network operations on this system may be disrupted as a result.
4/23/2015 11:13:09 PM, Error: Schannel [36887] - The following fatal alert was received: 80.
4/22/2015 8:11:16 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
.
==== End Of File ===========================