I can only get into a browser when I am in safe mode. How do I fix this (I have tried installing new drivers; nothing changed)? I am running Windows 7 on a Lenovo ThinkPad. I have tried disabling add-ons, updated browsers, tried to revert to last known working timestamp, and hard reset. I do not currently have access to an install disc or boot CD, and I am unable to include the attach doc.
DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.7601.18715 BrowserJavaVersion: 10.21.2
Run by admin at 21:23:19 on 2015-07-30
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3176.2166 [GMT -4:00]
.
AV: Symantec Endpoint Protection *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Symantec Endpoint Protection *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Symantec Endpoint Protection\Rtvscan.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldwz_15_25&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0DzztCzy0A0D0DyByC0B0AtB0FyBtN0D0Tzu0StCtByCyCtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0E0FtCtB0EtB0EtGyD0BtAyEtG0C0FtBtAtGtCtAyD0DtGtDtAyCtAtD0D0A0CyD0E0FtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByByEzytA0B0AyDtGtByC0DyBtGyEtAtCtBtG0AzztA0DtGyBtD0F0A0CyD0FyEtDyD0E0C2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzztDtD%26cr%3D1041564713%26a%3Dwncy_dnldwz_15_25%26os%3DWindows 7 Enterprise
uDefault_Page_URL = hxxp://schools.nyc.gov
uProxyServer = 127.0.0.1:9666
uProxyOverride = 127.0.0.1
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Filter Results: {dd4c66b8-f943-4b10-8053-7e9ee39bba4a} -
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [GoogleChromeAutoLaunch_D9394DE6386755479577597100432920] "c:\users\admin\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default"
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [ALCKRESI.EXE] c:\program files\lenovo\autolock\ALCKRESI.EXE
mRun: [LENOVO.TPKNRRES] c:\program files\lenovo\communications utility\TPKNRRES.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RotateImage] c:\program files\integrated camera driver\RCIMGDIR.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [IndexSearch] "c:\program files\nuance\paperport\IndexSearch.exe"
mRun: [PaperPort PTD] "c:\program files\nuance\paperport\pptd40nt.exe"
mRun: [PPort12reminder] "c:\program files\nuance\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\12\config\ereg\Ereg.ini"
mRun: [PDFHook] c:\program files\nuance\pdf viewer plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf viewer plus\RegistryController.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: legalnoticecaption = NYCDOE
mPolicies-System: legalnoticetext = This computer system, including all related equipment, is the property of the NYC Department of Education (NYCDoE) and is solely for uses authorized by NYCDoE. You have no right to privacy on the system, and all information and activity on the system may be monitored. Any unauthorized use of the system may result in disciplinary action, civil or criminal penalties.
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
Trusted Zone: cybershift.net
Trusted Zone: mathxlforschool.com
Trusted Zone: nycboe.net
Trusted Zone: nycenet.edu
Trusted Zone: thelearningodyssey.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{D0591289-51FA-447C-B958-897928C40F79} : DHCPNameServer = 10.251.38.21 10.251.38.22
TCP: Interfaces\{EC29A048-EEFD-40B3-A64B-5B7B829FF00B} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{EC29A048-EEFD-40B3-A64B-5B7B829FF00B}\3557C6C6966716E60275966496027457563747 : DHCPNameServer = 10.128.128.128
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\18.7.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\44.0.2403.125\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2012-2-14 25968]
R0 ngvss;ngvss;c:\windows\system32\drivers\ngvss.sys [2015-7-22 95112]
R1 PHCORE;PHCORE;c:\program files\lenovo\rapidboot\PHCORE.sys [2010-12-3 33640]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2014-7-22 142648]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec endpoint protection\Rtvscan.exe [2010-12-21 1832072]
R3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-2-14 41088]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETwNs32.sys [2012-10-2 7522304]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2015-7-22 49776]
S0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2015-7-22 208664]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-7-22 788784]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-7-22 433264]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2011-5-19 13680]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
S2 22134214;SuperOptimizer Stats;c:\windows\system32\rundll32.exe [2009-7-13 44544]
S2 AbtSvcHost;AbtSvcHost;c:\windows\system32\AbtSvcHost_.exe [2015-3-3 84376]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-7-22 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-7-22 76000]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-7-22 113592]
S2 avast! Antivirus;Avast Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2015-7-22 146600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 EDPA;EDPA;c:\program files\manufacturer\endpoint agent\edpa.exe [2011-3-14 255672]
S2 HyperW7Svc;HyperW7 Service;c:\program files\lenovo\rapidboot\HyperW7Svc.exe [2010-12-3 107880]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\lenovo\communications utility\CamMute.exe [2012-2-14 40808]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2011-4-11 45496]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\lenovo\communications utility\TPKNRSVC.exe [2012-2-14 59240]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\lenovo\virtscrl\lvvsst.exe [2011-4-11 93032]
S2 MediaDevSrv;MediaDevSrv;c:\programdata\mediadev\1404154465\mediadev.exe [2014-6-30 366952]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\nuance\paperport\PDFProFiltSrvPP.exe [2010-3-9 144672]
S2 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\thinkpad\utilities\PWMEWSVC.exe [2012-2-14 143360]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
S2 rpcnetp;rpcnetp;c:\windows\system32\rpcnetp.exe [2012-4-25 17920]
S2 RtkAudioService;Realtek Audio Service;c:\program files\realtek\audio\hda\RtkAudioService.exe [2012-2-14 141928]
S2 Service Mgr FilterResults;Service Mgr FilterResults;c:\programdata\f08cac26-e74f-49b4-9ff1-f081aa55e1b3\PluginContainer.exe [2015-6-20 652520]
S2 SROSVC;Screen Reading Optimizer Service Program;c:\program files\lenovo\screen reading optimizer\SROSVC.exe [2012-2-14 443240]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\lenovo\hotkey\tphkload.exe [2011-4-11 99328]
S2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2011-4-11 64440]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2012-2-14 2655768]
S2 Update Mgr FilterResults;Update Mgr FilterResults;c:\program files\common files\f08cac26-e74f-49b4-9ff1-f081aa55e1b3\Updater.exe [2015-6-20 574696]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\avast software\avast\ng\vbox\VBoxAswDrv.sys [2015-7-22 220752]
S2 vToolbarUpdater18.7.0;vToolbarUpdater18.7.0;c:\program files\common files\avg secure search\vtoolbarupdater\18.7.0\ToolbarUpdater.exe [2015-7-17 1842576]
S2 WDP;WDP;c:\program files\manufacturer\endpoint agent\wdp.exe [2011-3-14 232120]
S2 WinDevSrv;WinDevSrv;"c:\programdata\online\sv.exe" --> c:\programdata\online\sv.exe [?]
S3 5U877;USB Video Device;c:\windows\system32\drivers\5U877.sys [2012-2-14 130944]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\avast software\avast\ng\vbox\AvastVBoxSVC.exe [2015-7-22 3218624]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2014-6-23 266240]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\drivers\btwampfl.sys [2012-2-14 367656]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-2-14 33832]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2012-2-14 292200]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2015-6-20 30504]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2011-2-10 261800]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2014-12-3 111408]
S3 IAMT03;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMT03.sys [2011-5-16 40848]
S3 IAMTV;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTV.sys [2011-5-16 38288]
S3 IAMTXP;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXP.sys [2011-5-16 47496]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2012-2-14 269824]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\intel\wifi\bin\PanDhcpDns.exe [2010-12-17 227600]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-3-17 6758912]
S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2012-2-14 83304]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2012-2-14 246888]
S3 SFsCtrx111;SFsCtrx111;c:\windows\system32\drivers\SFsCtrx111.sys [2012-2-14 48824]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
S3 tdifd111;tdifd111;c:\windows\system32\drivers\tdifd111.sys [2012-2-14 45624]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 vfsmfd;vfsmfd;c:\windows\system32\drivers\vfsmfd.sys [2012-2-14 48824]
S3 vrtam;vrtam;c:\windows\system32\drivers\vrtam.sys [2012-2-14 19256]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-16 1343400]
.
=============== Created Last 30 ================
.
2015-07-24 04:36:30 -------- d-----w- c:\program files\GUM9685.tmp
2015-07-24 00:01:57 -------- d-----w- C:\SUPERDelete
2015-07-24 00:00:38 -------- d-----w- c:\users\admin\appdata\roaming\SUPERAntiSpyware.com
2015-07-24 00:00:21 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-07-24 00:00:21 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-07-23 23:38:15 -------- d-----w- c:\program files\CCleaner
2015-07-23 18:33:31 -------- d-----w- C:\AdwCleaner
2015-07-23 17:58:01 -------- d-----w- c:\users\admin\appdata\roaming\AVAST Software
2015-07-22 15:56:01 -------- d-----w- c:\windows\system32\vbox
2015-07-22 15:53:50 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-22 15:53:50 113592 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-07-22 15:53:48 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-22 15:53:47 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-22 15:53:46 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-07-22 15:53:46 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-22 15:53:44 788784 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-22 15:53:42 95112 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-07-22 15:53:10 43112 ----a-w- c:\windows\avastSS.scr
2015-07-22 15:49:38 -------- d-----w- c:\program files\AVAST Software
2015-07-22 15:48:00 -------- d-----w- c:\programdata\AVAST Software
.
==================== Find3M ====================
.
2015-07-30 18:04:15 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2015-07-30 17:58:49 17920 ----a-w- c:\windows\system32\rpcnetp.dll
2015-07-30 17:58:46 78032 ----a-w- c:\windows\system32\rpcnet.dll
2015-07-09 18:43:12 48496 ----a-w- c:\windows\system32\identprv.dll
.
============= FINISH: 21:24:22.93 ===============
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\lenovo\hotkey\tphkload.exe [2011-4-11 99328]
S2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2011-4-11 64440]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2012-2-14 2655768]
S2 Update Mgr FilterResults;Update Mgr FilterResults;c:\program files\common files\f08cac26-e74f-49b4-9ff1-f081aa55e1b3\Updater.exe [2015-6-20 574696]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\avast software\avast\ng\vbox\VBoxAswDrv.sys [2015-7-22 220752]
S2 vToolbarUpdater18.7.0;vToolbarUpdater18.7.0;c:\program files\common files\avg secure search\vtoolbarupdater\18.7.0\ToolbarUpdater.exe [2015-7-17 1842576]
S2 WDP;WDP;c:\program files\manufacturer\endpoint agent\wdp.exe [2011-3-14 232120]
S2 WinDevSrv;WinDevSrv;"c:\programdata\online\sv.exe" --> c:\programdata\online\sv.exe [?]
S3 5U877;USB Video Device;c:\windows\system32\drivers\5U877.sys [2012-2-14 130944]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\avast software\avast\ng\vbox\AvastVBoxSVC.exe [2015-7-22 3218624]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2014-6-23 266240]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\drivers\btwampfl.sys [2012-2-14 367656]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-2-14 33832]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2012-2-14 292200]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2015-6-20 30504]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2011-2-10 261800]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2014-12-3 111408]
S3 IAMT03;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMT03.sys [2011-5-16 40848]
S3 IAMTV;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTV.sys [2011-5-16 38288]
S3 IAMTXP;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXP.sys [2011-5-16 47496]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2012-2-14 269824]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\intel\wifi\bin\PanDhcpDns.exe [2010-12-17 227600]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-3-17 6758912]
S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2012-2-14 83304]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2012-2-14 246888]
S3 SFsCtrx111;SFsCtrx111;c:\windows\system32\drivers\SFsCtrx111.sys [2012-2-14 48824]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
S3 tdifd111;tdifd111;c:\windows\system32\drivers\tdifd111.sys [2012-2-14 45624]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 vfsmfd;vfsmfd;c:\windows\system32\drivers\vfsmfd.sys [2012-2-14 48824]
S3 vrtam;vrtam;c:\windows\system32\drivers\vrtam.sys [2012-2-14 19256]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-16 1343400]
.
=============== Created Last 30 ================
.
2015-07-24 04:36:30 -------- d-----w- c:\program files\GUM9685.tmp
2015-07-24 00:01:57 -------- d-----w- C:\SUPERDelete
2015-07-24 00:00:38 -------- d-----w- c:\users\admin\appdata\roaming\SUPERAntiSpyware.com
2015-07-24 00:00:21 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-07-24 00:00:21 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-07-23 23:38:15 -------- d-----w- c:\program files\CCleaner
2015-07-23 18:33:31 -------- d-----w- C:\AdwCleaner
2015-07-23 17:58:01 -------- d-----w- c:\users\admin\appdata\roaming\AVAST Software
2015-07-22 15:56:01 -------- d-----w- c:\windows\system32\vbox
2015-07-22 15:53:50 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-22 15:53:50 113592 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-07-22 15:53:48 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-22 15:53:47 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-22 15:53:46 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-07-22 15:53:46 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-22 15:53:44 788784 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-22 15:53:42 95112 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-07-22 15:53:10 43112 ----a-w- c:\windows\avastSS.scr
2015-07-22 15:49:38 -------- d-----w- c:\program files\AVAST Software
2015-07-22 15:48:00 -------- d-----w- c:\programdata\AVAST Software
.
==================== Find3M ====================
.
2015-07-30 18:04:15 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2015-07-30 17:58:49 17920 ----a-w- c:\windows\system32\rpcnetp.dll
2015-07-30 17:58:46 78032 ----a-w- c:\windows\system32\rpcnet.dll
2015-07-09 18:43:12 48496 ----a-w- c:\windows\system32\identprv.dll
.
============= FINISH: 21:24:22.93 ===============