Laptop log check please!

Hey everyone! I think I may have gotten a trojan inside my laptop and was wondering if someone could read/interpret these logs.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:12:59 PM, on 6/7/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Users\lakel_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Java\jre7\bin\javaw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lakel_000\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0021802 - {11111111-1111-1111-1111-110211181102} - C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coIEPlg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Dropbox.lnk = lakel_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} (ExentInf1 Class) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: McAfee Application Installer Cleanup (0212161356983193) (0212161356983193mcinstcleanup) - Unknown owner - C:\windows\TEMP\021216~1.EXE (file missing)
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @oem46.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Unknown owner - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PST Service - Motorola - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13864 bytes

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
Run by lakel_000 at 18:17:45 on 2013-06-07
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.8058.4526 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\BtwRSupportService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\windows\system32\dashost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\system32\taskhostex.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Users\lakel_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lakel_000\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\SysWOW64\NOTEPAD.EXE
C:\windows\system32\SearchFilterHost.exe
C:\Users\lakel_000\Downloads\1xzgm12d.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://lenovo13.msn.com
uDefault_Page_URL = hxxp://lenovo13.msn.com
uProxyOverride = local;192.168.*.*
mWinlogon: Userinit = userinit.exe
BHO: Shopping Sidekick Plugin: {11111111-1111-1111-1111-110211181102} - C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\LAKEL_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\lakel_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} -
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{EF643B26-82C1-496E-8D4D-64ABD16DC56B} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{EF643B26-82C1-496E-8D4D-64ABD16DC56B}\0556272797F5D444 : DHCPNameServer = 10.16.80.24 10.16.80.37
TCP: Interfaces\{EF643B26-82C1-496E-8D4D-64ABD16DC56B}\14C6F56457F636F6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EF643B26-82C1-496E-8D4D-64ABD16DC56B}\2516D6164616 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{EF643B26-82C1-496E-8D4D-64ABD16DC56B}\2516D61646160294E6E602F4D6168616 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{EF643B26-82C1-496E-8D4D-64ABD16DC56B}\54163797023547275656470224C6575637 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{EF643B26-82C1-496E-8D4D-64ABD16DC56B}\7594E4F583333363 : DHCPNameServer = 192.168.254.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SynLenovoGestureMgr] "C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2012-12-14 645952]
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2012-12-14 39008]
R0 nvpciflt;nvpciflt;C:\windows\System32\Drivers\nvpciflt.sys [2013-1-11 30648]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [2013-4-11 56336]
R0 SymDS;Symantec Data Store;C:\windows\System32\Drivers\N360x64\1403010.016\symds64.sys [2013-4-8 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\Drivers\N360x64\1403010.016\symefa64.sys [2013-4-8 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [2013-5-31 1393240]
R1 ccSet_N360;Norton 360 Settings Manager;C:\windows\System32\Drivers\N360x64\1403010.016\ccsetx64.sys [2013-4-8 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130606.001\IDSviA64.sys [2013-6-7 513184]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\Drivers\N360x64\1403010.016\ironx64.sys [2013-4-8 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\Drivers\N360x64\1403010.016\symnets.sys [2013-4-8 432800]
R1 ZDCNDIS6a64;ZDCNDIS5 NDIS5.1 Protocol Driver;C:\windows\System32\Zdcndis6a64.sys [2013-3-14 41280]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]
R2 BcmBtRSupport;Bluetooth Radio Control Service;C:\windows\System32\BtwRSupportService.exe [2012-12-14 2227992]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-12-14 7168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-12-14 166720]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-7-17 116632]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccsvchst.exe [2013-4-8 144520]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-7-16 69640]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-3-6 65657]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-12-14 365376]
R2 X5XSEx_Pr148;X5XSEx_Pr148;C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.sys [2012-12-14 56136]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-9-24 1153840]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\windows\System32\Drivers\bcbtums.sys [2012-12-14 169240]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\windows\System32\Drivers\btwampfl.sys [2012-12-14 161144]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\Drivers\btwl2cap.sys [2012-12-14 40248]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\Drivers\dtsoftbus01.sys [2013-5-19 283200]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-1-1 138912]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-8-31 342528]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\Drivers\iwdbus.sys [2012-10-9 25568]
R3 JMCR;JMCR;C:\windows\System32\Drivers\jmcr.sys [2012-7-18 174176]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-8-21 110744]
R3 NETwNe64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\windows\System32\Drivers\netwew00.sys [2012-11-15 4309032]
R3 rtsuvc;Lenovo EasyCamera;C:\windows\System32\Drivers\rtsuvc.sys [2012-12-14 8229264]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2012-11-13 43832]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\windows\System32\Drivers\usb3Hub.sys [2012-10-9 47072]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\windows\System32\Drivers\xHCIPort.sys [2012-10-9 188896]
S2 0212161356983193mcinstcleanup;McAfee Application Installer Cleanup (0212161356983193);C:\windows\TEMP\021216~1.EXE -cleanup -nolog --> C:\windows\TEMP\021216~1.EXE -cleanup -nolog [?]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\windows\System32\Drivers\motfilt.sys [2009-1-29 6144]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\Drivers\intelaud.sys [2012-10-9 35296]
S3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\Drivers\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem68.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC);C:\windows\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]
S3 motccgp;Motorola USB Composite Device Driver;C:\windows\System32\Drivers\motccgp.sys [2012-6-11 22016]
S3 motccgpfl;MotCcgpFlService;C:\windows\System32\Drivers\motccgpfl.sys [2012-1-25 9728]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\windows\System32\Drivers\Motousbnet.sys [2012-6-8 27136]
S3 motusbdevice;Motorola USB Dev Driver;C:\windows\System32\Drivers\motusbdevice.sys [2011-11-8 11776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-9-24 272176]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\lakel_000\Downloads\RealTemp_370\Win Ring0x64.sys [2008-7-26 14544]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2012-12-14 102376]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\windows\System32\Drivers\xusb22.sys [2012-7-25 89088]
S4 SymELAM;Symantec ELAM Driver;C:\windows\System32\Drivers\N360x64\1403010.016\symelam.sys [2013-4-8 23448]
.
=============== Created Last 30 ================
.
2013-06-07 19:27:47 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-07 19:27:47 -------- d-----w- C:\Program Files\iTunes
2013-06-07 19:27:47 -------- d-----w- C:\Program Files\iPod
2013-06-07 19:27:47 -------- d-----w- C:\Program Files (x86)\iTunes
2013-06-07 01:48:58 -------- d-----w- C:\windows\Hewlett-Packard
2013-06-06 03:46:55 222384 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10205.bin
2013-06-04 21:06:06 -------- d-----w- C:\Program Files (x86)\Flawless Widescreen
2013-06-04 21:05:53 -------- d-----w- C:\Users\lakel_000\AppData\Local\Programs
2013-05-27 02:49:33 131 ----a-w- C:\DeletePrintJobs.cmd
2013-05-24 20:50:53 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2013-05-24 20:50:53 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2013-05-24 20:50:53 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2013-05-24 20:50:52 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2013-05-24 20:50:52 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2013-05-21 01:24:18 78200 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-21 01:24:17 693112 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-05-20 02:47:28 505104 ----a-w- C:\windows\SysWow64\msxml.dll
2013-05-20 02:47:28 115016 ----a-w- C:\windows\SysWow64\MSINET.OCX
2013-05-20 02:47:20 69632 ----a-w- C:\windows\SysWow64\xmltok.dll
2013-05-20 02:47:20 36864 ----a-w- C:\windows\SysWow64\xmlparse.dll
2013-05-20 02:47:20 35840 ----a-w- C:\windows\SysWow64\comdlg32.oca
2013-05-20 02:47:20 140488 ----a-w- C:\windows\SysWow64\comdlg32.ocx
2013-05-20 02:47:19 89360 ----a-w- C:\windows\SysWow64\VB5DB.DLL
2013-05-20 02:47:19 29184 ----a-w- C:\windows\SysWow64\MSINET.oca
2013-05-20 02:47:19 28432 ----a-w- C:\windows\SysWow64\msxmlr.dll
2013-05-20 02:47:19 26096 ----a-w- C:\windows\SysWow64\xmlinst.exe
2013-05-20 00:04:30 -------- d-----w- C:\windows\SysWow64\directx
2013-05-19 23:56:53 283200 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys
2013-05-19 23:56:48 -------- d-----w- C:\Users\lakel_000\AppData\Roaming\DAEMON Tools Lite
2013-05-19 23:56:47 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-05-19 23:56:08 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2013-05-19 20:52:13 13648384 ----a-w- C:\windows\System32\Windows.UI.Xaml.dll
2013-05-19 20:52:12 3552768 ----a-w- C:\windows\System32\tquery.dll
2013-05-19 20:52:07 2107904 ----a-w- C:\windows\System32\mssrch.dll
2013-05-19 20:52:06 10789888 ----a-w- C:\windows\SysWow64\Windows.UI.Xaml.dll
2013-05-19 20:52:05 2767360 ----a-w- C:\windows\SysWow64\tquery.dll
2013-05-19 20:52:04 1593344 ----a-w- C:\windows\SysWow64\mssrch.dll
2013-05-19 20:52:03 1829408 ----a-w- C:\windows\System32\ntdll.dll
2013-05-19 20:52:02 1444864 ----a-w- C:\windows\System32\MSAudDecMFT.dll
2013-05-18 18:22:21 1455368 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-05-16 22:46:05 70144 ----a-w- C:\windows\System32\appinfo.dll
2013-05-16 22:46:05 112872 ----a-w- C:\windows\System32\consent.exe
2013-05-16 21:50:58 971680 ----a-w- C:\windows\System32\deployJava1.dll
2013-05-16 21:50:58 1092512 ----a-w- C:\windows\System32\npDeployJava1.dll
2013-05-16 21:50:52 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2013-05-16 21:25:52 861184 ----a-w- C:\windows\System32\drivers\http.sys
2013-05-16 19:49:42 2851840 ----a-w- C:\windows\System32\esent.dll
2013-05-16 19:49:42 2382336 ----a-w- C:\windows\SysWow64\esent.dll
2013-05-16 18:07:44 6987528 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-05-11 10:37:28 209472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-05-01 07:59:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
2013-04-13 05:56:35 444416 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-04-09 23:17:44 2242048 ----a-w- C:\windows\System32\wininet.dll
2013-04-09 23:17:36 915968 ----a-w- C:\windows\System32\uxtheme.dll
2013-04-09 23:16:58 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-04-09 22:30:26 1767424 ----a-w- C:\windows\SysWow64\wininet.dll
2013-04-09 22:29:44 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-04-09 05:33:02 489576 ----a-w- C:\windows\System32\AudioEng.dll
2013-04-09 05:33:02 446792 ----a-w- C:\windows\System32\AudioSes.dll
2013-04-09 05:33:02 253544 ----a-w- C:\windows\System32\audiodg.exe
2013-04-09 05:27:43 284424 ----a-w- C:\windows\System32\drivers\spaceport.sys
2013-04-09 05:20:02 86280 ----a-w- C:\windows\System32\kdnet.dll
2013-04-09 05:20:02 306952 ----a-w- C:\windows\System32\kd_02_10ec.dll
2013-04-09 05:18:05 77960 ----a-w- C:\windows\System32\kdvm.dll
2013-04-09 04:52:07 816128 ----a-w- C:\windows\System32\SearchIndexer.exe
2013-04-09 04:52:07 373760 ----a-w- C:\windows\System32\SearchProtocolHost.exe
2013-04-09 04:52:07 197120 ----a-w- C:\windows\System32\SearchFilterHost.exe
2013-04-09 04:52:07 126464 ----a-w- C:\windows\System32\Robocopy.exe
2013-04-09 04:52:06 804352 ----a-w- C:\windows\System32\RecoveryDrive.exe
2013-04-09 04:51:51 367616 ----a-w- C:\windows\System32\conhost.exe
2013-04-09 04:51:45 523264 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2013-04-09 04:51:41 99840 ----a-w- C:\windows\System32\wscsvc.dll
2013-04-09 04:51:41 456704 ----a-w- C:\windows\System32\wpncore.dll
2013-04-09 04:51:17 595456 ----a-w- C:\windows\System32\Windows.Networking.dll
2013-04-09 04:51:17 391168 ----a-w- C:\windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51:05 10116096 ----a-w- C:\windows\System32\twinui.dll
2013-04-09 04:50:53 414720 ----a-w- C:\windows\System32\GenuineCenter.dll
2013-04-09 04:50:39 422400 ----a-w- C:\windows\System32\schannel.dll
2013-04-09 04:50:39 1285632 ----a-w- C:\windows\System32\schedsvc.dll
2013-04-09 04:50:03 96256 ----a-w- C:\windows\System32\mssprxy.dll
2013-04-09 04:50:03 745984 ----a-w- C:\windows\System32\mssvp.dll
2013-04-09 04:50:02 65024 ----a-w- C:\windows\System32\msscntrs.dll
2013-04-09 04:50:02 435200 ----a-w- C:\windows\System32\mssph.dll
2013-04-09 04:50:02 13824 ----a-w- C:\windows\System32\msshooks.dll
2013-04-09 04:49:45 468992 ----a-w- C:\windows\System32\MFMediaEngine.dll
2013-04-09 04:49:45 281088 ----a-w- C:\windows\System32\mfreadwrite.dll
2013-04-09 04:49:36 817152 ----a-w- C:\windows\System32\kerberos.dll
2013-04-09 04:49:33 210432 ----a-w- C:\windows\System32\iuilp.dll
2013-04-09 04:49:16 50176 ----a-w- C:\windows\System32\fmifs.dll
2013-04-09 04:49:16 231936 ----a-w- C:\windows\System32\fhengine.dll
2013-04-09 04:49:09 172544 ----a-w- C:\windows\System32\dwmredir.dll
2013-04-09 04:49:06 196096 ----a-w- C:\windows\System32\dmvdsitf.dll
2013-04-09 04:48:43 2303488 ----a-w- C:\windows\System32\authui.dll
2013-04-09 04:48:42 785408 ----a-w- C:\windows\System32\audiosrv.dll
2013-04-09 04:48:42 169472 ----a-w- C:\windows\System32\AudioEndpointBuilder.dll
2013-04-09 04:48:34 419840 ----a-w- C:\windows\System32\intl.cpl
2013-04-09 02:35:13 4038144 ----a-w- C:\windows\System32\win32k.sys
2013-04-09 02:34:49 83968 ----a-w- C:\windows\System32\drivers\hidclass.sys
2013-04-09 02:34:42 27648 ----a-w- C:\windows\System32\drivers\hidusb.sys
2013-04-09 02:34:30 95744 ----a-w- C:\windows\System32\drivers\hidbth.sys
2013-04-09 02:33:41 60416 ----a-w- C:\windows\System32\drivers\ndproxy.sys
2013-04-09 02:33:05 623104 ----a-w- C:\windows\System32\drivers\srv2.sys
2013-04-09 02:32:02 805376 ----a-w- C:\windows\System32\drivers\PEAuth.sys
2013-04-09 02:31:14 247808 ----a-w- C:\windows\System32\drivers\srvnet.sys
2013-04-09 02:31:01 83456 ----a-w- C:\windows\System32\drivers\wanarp.sys
2013-04-08 23:44:25 123880 ----a-w- C:\windows\SysWow64\wscapi.dll
2013-04-08 23:39:14 1408896 ----a-w- C:\windows\SysWow64\ntdll.dll
2013-04-08 23:37:29 426024 ----a-w- C:\windows\SysWow64\AudioEng.dll
2013-04-08 23:37:29 324368 ----a-w- C:\windows\SysWow64\AudioSes.dll
2013-04-08 21:52:16 670208 ----a-w- C:\windows\SysWow64\SearchIndexer.exe
2013-04-08 21:52:16 302592 ----a-w- C:\windows\SysWow64\SearchProtocolHost.exe
2013-04-08 21:52:16 171008 ----a-w- C:\windows\SysWow64\SearchFilterHost.exe
2013-04-08 21:52:16 106496 ----a-w- C:\windows\SysWow64\Robocopy.exe
2013-04-08 21:52:06 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2013-04-04 23:30:17 503080 ----a-w- C:\windows\System32\ci.dll
2013-04-04 09:35:05 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-30 18:16:05 1403784 ----a-w- C:\windows\System32\winload.efi
2013-03-30 18:16:05 1267424 ----a-w- C:\windows\System32\winload.exe
2013-03-28 22:09:09 1093880 ----a-w- C:\windows\System32\winresume.exe
2013-03-28 22:09:04 1217328 ----a-w- C:\windows\System32\winresume.efi
2013-03-16 22:53:58 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-03-16 22:53:58 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-03-15 22:05:34 298456 ----a-w- C:\windows\System32\rsaenh.dll
2013-03-15 22:05:16 252928 ----a-w- C:\windows\SysWow64\rsaenh.dll
.
============= FINISH: 18:18:43.48 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 12/31/2012 2:46:19 PM
System Uptime: 6/7/2013 11:53:26 AM (7 hours ago)
.
Motherboard: LENOVO | | INVALID
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz | U3E1 | 2401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 884 GiB total, 768.797 GiB free.
D: is FIXED (NTFS) - 25 GiB total, 21.97 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP22: 5/19/2013 12:40:10 PM - Windows Update
RP23: 5/26/2013 1:59:30 PM - Scheduled Checkpoint
RP24: 6/4/2013 2:34:25 PM - Scheduled Checkpoint
RP25: 6/6/2013 7:19:42 PM - Removed Prince of Persia The Sands of Time
RP26: 6/7/2013 12:08:04 PM - 6/7/2013
RP27: 6/7/2013 12:09:48 PM - 6/7/2013 Blaine
RP28: 6/7/2013 12:29:17 PM - Windows Backup
.
==== Installed Programs ======================
.
µTorrent
64 Bit HP CIO Components Installer
Adobe AIR
Adobe Download Assistant
Adobe Premiere Elements 11
Adobe Reader XI (11.0.03)
Amazon Browser App
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Battlelog Web Plugins
Bing Bar
Bonjour
BufferChm
C4400
Compatibility Pack for the 2007 Office system
Copy
Curse Client
D3DX10
DAEMON Tools Lite
Destinations
DeviceDiscovery
Dolby Home Theater v4
Dropbox
Elements 11 Organizer
Energy Management
ESN Sonar
Flawless Widescreen version 1.0.10
FreeRide Games
Google Chrome
Google Update Helper
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart C4400 All-In-One Driver Software 14.0 Rel. 6
HP Update
HPDiagnosticAlert
HPPhotoGadget
iCloud
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) WiDi
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Intelligent Touchpad
iTunes
Java 7 Update 21
Java 7 Update 21 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 21 (64-bit)
JMicron Flash Media Controller Driver
League of Legends
Lenovo Bluetooth with Enhanced Data Rate Software
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo Photos
Lenovo PowerDVD10
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Standard Edition 2003
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Motorola Device Software Update
Motorola Mobile Drivers Installation 5.9.0
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Norton 360
NVIDIA Control Panel 310.90
NVIDIA Graphics Driver 310.90
NVIDIA Install Application
NVIDIA Optimus 1.11.3
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Update 1.11.3
NVIDIA Update Components
Onekey Theater
Paint.NET v3.5.10
Pando Media Booster
Photo Common
Photo Gallery
Power2Go
PRE11 STI 64Installer
Prince of Persia T2T
PS_AIO_03_C4400_Software_Min
Puzzle Pirates
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Scan
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shared C Run-time for x64
Shopping Sidekick Plugin
Skype™ 6.3
SMPlayer 0.6.9
Status
Steam
SugarSync Manager
Synaptics Pointing Device Driver
TechPowerUp GPU-Z
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UserGuide
Ventrilo Client for Windows x64
WebReg
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 (64-bit)
WinZip 17.0
World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
6/7/2013 6:07:38 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
6/7/2013 2:07:39 PM, Error: volsnap [14] - The shadow copies of volume I: were aborted because of an IO failure on volume I:.
6/7/2013 2:06:43 PM, Error: Microsoft-Windows-FilterManager [3] - Filter Manager failed to attach to volume '\Device\HarddiskVolume27'. This volume will be unavailable for filtering until a reboot. The final status was 0xC03A001C.
6/7/2013 2:04:18 PM, Error: Microsoft-Windows-FilterManager [3] - Filter Manager failed to attach to volume '\Device\HarddiskVolume23'. This volume will be unavailable for filtering until a reboot. The final status was 0xC03A001C.
6/7/2013 2:03:52 PM, Error: Microsoft-Windows-FilterManager [3] - Filter Manager failed to attach to volume '\Device\HarddiskVolume19'. This volume will be unavailable for filtering until a reboot. The final status was 0xC03A001C.
6/7/2013 12:30:48 PM, Error: Microsoft-Windows-FilterManager [3] - Filter Manager failed to attach to volume '\Device\HarddiskVolume15'. This volume will be unavailable for filtering until a reboot. The final status was 0xC03A001C.
6/7/2013 12:30:45 PM, Error: Microsoft-Windows-FilterManager [3] - Filter Manager failed to attach to volume '\Device\HarddiskVolume13'. This volume will be unavailable for filtering until a reboot. The final status was 0xC03A001C.
6/7/2013 11:59:22 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
6/7/2013 11:59:22 AM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/7/2013 11:57:29 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: The password for this account has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
6/7/2013 11:57:29 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
6/7/2013 11:53:27 AM, Error: Application Popup [875] -
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x4000000037caa. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x4000000037bc9. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000031722. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000438b8. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000004387b. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003a224. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000039c1a. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000388a3. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000038058. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000037ef8. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000379e5. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003797b. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000031fef. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000031c5d. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000031695. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000315d3. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1600000003062b. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x10000000396c2. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000037ae6. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000037a9a. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000031bd6. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:41 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. A corruption was found in a file system index structure. The file reference number is 0x10000000014c6. The name of the file is "\Windows\servicing\Packages". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
6/5/2013 12:39:40 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000039c4b. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:40 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000037346. The name of the file is "<unable to determine file name>".
6/5/2013 12:39:40 PM, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Windows8_OS. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000034002. The name of the file is "<unable to determine file name>".
.
==== End Of File ===========================



GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-06-07 18:26:56
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000045 ST1000LM024_HN-M101MBB rev.2AR10001 931.51GB
Running: 1xzgm12d.exe; Driver: C:\Users\LAKEL_~1\AppData\Local\Temp\pwtoqpod.sys


---- Kernel code sections - GMER 2.1 ----

.text C:\windows\system32\ntoskrnl.exe!KiCpuId + 988 fffff8015dc6141c 1 byte [31]

---- User code sections - GMER 2.1 ----

.text C:\windows\system32\WLANExt.exe[1452] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\windows\system32\WLANExt.exe[1452] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\windows\system32\WLANExt.exe[1452] C:\windows\system32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\WLANExt.exe[1452] C:\windows\system32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\WLANExt.exe[1452] C:\windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\BtwRSupportService.exe[1260] C:\windows\system32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\BtwRSupportService.exe[1260] C:\windows\system32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\BtwRSupportService.exe[1260] C:\windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2168] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2168] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2168] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2168] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2168] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2168] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007faad8c1b32 4 bytes [8C, AD, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2168] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007faad8c1b3a 4 bytes [8C, AD, FA, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2780] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2780] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2780] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2780] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2780] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3008] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3008] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3008] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3008] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3008] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\windows\system32\wbem\wmiprvse.exe[3184] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\windows\system32\wbem\wmiprvse.exe[3184] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\windows\system32\wbem\wmiprvse.exe[3184] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\wbem\wmiprvse.exe[3184] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\wbem\wmiprvse.exe[3184] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[7664] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[7664] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[7664] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\nvvsvc.exe[2580] C:\windows\system32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\nvvsvc.exe[2580] C:\windows\system32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\nvvsvc.exe[2580] C:\windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\windows\system32\nvvsvc.exe[2580] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\windows\system32\nvvsvc.exe[2580] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\windows\Explorer.EXE[4044] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\windows\Explorer.EXE[4044] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\windows\Explorer.EXE[4044] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\windows\Explorer.EXE[4044] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\windows\Explorer.EXE[4044] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\windows\Explorer.EXE[4044] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007faad8c1b32 4 bytes [8C, AD, FA, 07]
.text C:\windows\Explorer.EXE[4044] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007faad8c1b3a 4 bytes [8C, AD, FA, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5740] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5740] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5740] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1916] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1916] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1916] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3896] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3896] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3896] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe[6236] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe[6236] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe[6236] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[1544] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[1544] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[1544] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Windows\System32\igfxpers.exe[4916] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\Windows\System32\igfxpers.exe[4916] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3516] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3516] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3516] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3516] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fab668177a 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3516] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fab6681782 4 bytes [68, B6, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3516] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007faad8c1b32 4 bytes [8C, AD, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3516] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007faad8c1b3a 4 bytes [8C, AD, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe[7924] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007faad8c1b32 4 bytes [8C, AD, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe[7924] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007faad8c1b3a 4 bytes [8C, AD, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe[7924] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fab2311532 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe[7924] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fab231153a 4 bytes [31, B2, FA, 07]
.text C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe[7924] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fab231165a 4 bytes [31, B2, FA, 07]
.text C:\windows\System32\svchost.exe[8656] c:\windows\system32\WSOCK32.dll!recvfrom + 742 000007faad8c1b32 4 bytes [8C, AD, FA, 07]
.text C:\windows\System32\svchost.exe[8656] c:\windows\system32\WSOCK32.dll!recvfrom + 750 000007faad8c1b3a 4 bytes [8C, AD, FA, 07]

---- Threads - GMER 2.1 ----

Thread C:\windows\system32\csrss.exe [4884:5564] fffff960007285e8
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [4788:2968] 000007faac123e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [4788:8672] 000007faac123e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [4788:5812] 000007faa510c0d0
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [5472:6652] 000007faa3f37c4c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [5472:7796] 000007faa510c0d0
Thread C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [892:9116] 0000000000020060

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----
