
my lenovo laptop working slow

Discussion in 'Virus & Other Malware Removal' started by myvizhi, May 7, 2014.

  1. myvizhi (Thread Starter) | Joined: May 7, 2014 | Messages: 2

    Hi,
    My Lenovo G560 laptop is working very slow. I ran OLE. The result is below.


    OTL logfile created on: 5/7/2014 2:46:54 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\USER\Downloads
    64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.87 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 41.86% Memory free
    3.73 Gb Paging File | 1.87 Gb Available in Paging File | 50.07% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 78.03 Gb Total Space | 42.38 Gb Free Space | 54.32% Space Free | Partition Type: NTFS
    Drive D: | 195.31 Gb Total Space | 180.93 Gb Free Space | 92.63% Space Free | Partition Type: NTFS
    Drive E: | 192.32 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

    Computer Name: USER-PC | User Name: USER | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/05/07 14:45:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\USER\Downloads\OTL.exe
    PRC - [2014/04/02 19:27:55 | 003,774,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
    PRC - [2014/02/03 19:52:49 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011/06/30 15:26:34 | 000,162,072 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7rtscan.exe
    PRC - [2011/06/03 19:29:26 | 000,198,384 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7tsmngr.exe
    PRC - [2011/05/14 17:59:36 | 000,220,440 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7fwsrvc.exe
    PRC - [2011/02/11 18:55:32 | 000,132,376 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSecurity.exe
    PRC - [2011/02/11 18:55:26 | 000,128,280 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7PSSrvc.exe
    PRC - [2011/01/20 20:25:50 | 000,072,472 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SysMon.Exe
    PRC - [2011/01/20 20:25:32 | 000,148,248 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe
    PRC - [2011/01/20 20:25:30 | 000,262,424 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe
    PRC - [2010/05/14 14:38:44 | 011,517,952 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\App.exe
    PRC - [2010/03/12 14:48:21 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2010/03/12 14:48:20 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/04/24 06:03:13 | 000,390,472 | ---- | M] () -- C:\Users\USER\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
    MOD - [2014/04/24 06:03:12 | 013,692,232 | ---- | M] () -- C:\Users\USER\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
    MOD - [2014/04/24 06:03:10 | 004,081,480 | ---- | M] () -- C:\Users\USER\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
    MOD - [2014/04/24 06:03:05 | 000,674,632 | ---- | M] () -- C:\Users\USER\AppData\Local\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
    MOD - [2014/04/24 06:03:04 | 000,093,000 | ---- | M] () -- C:\Users\USER\AppData\Local\Google\Chrome\Application\34.0.1847.131\libegl.dll
    MOD - [2014/04/24 06:03:03 | 001,647,432 | ---- | M] () -- C:\Users\USER\AppData\Local\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
    MOD - [2014/04/24 06:03:01 | 000,065,352 | ---- | M] () -- C:\Users\USER\AppData\Local\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
    MOD - [2013/12/15 20:51:15 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2010/05/14 14:38:44 | 011,517,952 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\App.exe
    MOD - [2010/05/14 14:34:20 | 000,147,456 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfXCommWrapper.dll
    MOD - [2010/05/14 14:34:14 | 000,013,312 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfSoundPlayLib.dll
    MOD - [2010/05/14 14:34:10 | 000,077,824 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfDeviceHW.dll
    MOD - [2010/05/14 14:34:10 | 000,040,960 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfRasWrapper.dll
    MOD - [2010/05/14 14:34:08 | 000,102,400 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfWaveLib.dll
    MOD - [2010/05/14 14:34:06 | 000,430,080 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfXComm.dll
    MOD - [2010/05/14 14:33:58 | 000,026,624 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfCustomization.dll
    MOD - [2010/05/14 14:33:50 | 000,053,248 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfLogService.dll
    MOD - [2010/05/14 14:33:46 | 000,212,992 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfHelper.dll
    MOD - [2010/05/14 14:33:42 | 000,013,312 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfSerialPort.dll
    MOD - [2010/05/14 14:33:40 | 000,014,336 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zfThreading.dll
    MOD - [2010/04/03 19:13:00 | 000,971,776 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\libxml2.dll
    MOD - [2010/04/03 19:13:00 | 000,290,904 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\libxslt.dll
    MOD - [2010/04/03 19:13:00 | 000,073,728 | ---- | M] () -- C:\Program Files\Reliance Netconnect - Broadband+\bin\zlib1.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Reliance Netconnect -- (UDisk Monitor)
    SRV:64bit: - [2014/02/03 19:52:49 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2009/07/14 07:11:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/14 07:10:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV - [2013/09/16 20:20:05 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/04/18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2011/06/30 15:26:34 | 000,162,072 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7rtscan.exe -- (K7RTScan)
    SRV - [2011/06/03 19:29:26 | 000,198,384 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7tsmngr.exe -- (K7TSMngr)
    SRV - [2011/05/14 17:59:36 | 000,220,440 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7fwsrvc.exe -- (K7FWSrvc)
    SRV - [2011/02/11 18:55:26 | 000,128,280 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7PSSrvc.exe -- (K7PSSrvc)
    SRV - [2011/01/20 20:25:46 | 000,303,384 | ---- | M] (K7 Computing Pvt Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SpmSrc.exe -- (K7SpmSrc)
    SRV - [2011/01/20 20:25:32 | 000,148,248 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe -- (K7EmlPxy)
    SRV - [2011/01/20 20:25:30 | 000,262,424 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe -- (K7CrvSvc)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/12 14:48:21 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2010/03/12 14:48:20 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
    SRV - [2009/06/11 02:53:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2014/02/03 19:53:07 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2014/02/03 19:53:07 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
    DRV:64bit: - [2014/02/03 19:53:06 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2014/02/03 19:53:06 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2013/12/27 21:02:22 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2013/12/15 20:51:23 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2013/12/15 20:51:21 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2013/08/30 13:18:09 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
    DRV:64bit: - [2012/10/17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
    DRV:64bit: - [2011/05/31 15:37:28 | 001,099,296 | ---- | M] (K7 Computing Pvt Ltd) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\K7Sentry.sys -- (K7Sentry)
    DRV:64bit: - [2011/01/20 20:31:30 | 000,040,992 | ---- | M] (K7 Computing Pvt Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\K7FWHlpr.sys -- (K7FWHlpr)
    DRV:64bit: - [2010/07/30 09:23:14 | 000,175,688 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\u302mdm.sys -- (u302mdm)
    DRV:64bit: - [2010/07/30 09:23:14 | 000,157,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\u302mgmt.sys -- (u302mgmt)
    DRV:64bit: - [2010/07/30 09:23:14 | 000,154,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\u302bus.sys -- (u302bus)
    DRV:64bit: - [2010/07/30 09:23:14 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\u302mdfl.sys -- (u302mdfl)
    DRV:64bit: - [2010/05/19 17:04:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2010/05/19 16:47:34 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
    DRV:64bit: - [2010/05/19 16:46:57 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010/05/19 16:46:55 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2010/04/15 15:12:48 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/04/03 19:13:20 | 000,120,704 | ---- | M] (ZTEMT Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT_ZTEMT_U_USBSER.sys -- (ztemtusbser)
    DRV:64bit: - [2010/03/12 14:48:19 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
    DRV:64bit: - [2010/02/02 15:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/07/14 07:22:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/14 07:22:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/14 07:22:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 07:18:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 07:17:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 07:17:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2009/07/14 07:15:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/11 02:04:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/11 02:04:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/11 02:04:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/11 02:01:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/04/18 21:01:08 | 000,015,904 | ---- | M] (K7 Computing Pvt Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\K7TdiHlp.sys -- (K7TdiHlp)
    DRV:64bit: - [2009/03/25 21:18:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
    DRV:64bit: - [2009/03/25 21:18:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic)
    DRV:64bit: - [2009/03/25 21:18:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt)
    DRV:64bit: - [2009/03/25 21:18:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
    DRV:64bit: - [2009/03/25 21:18:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus)
    DRV:64bit: - [2009/03/25 21:18:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5)
    DRV:64bit: - [2009/03/25 21:18:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
    DRV:64bit: - [2007/04/09 18:11:02 | 000,054,992 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009/07/14 06:49:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ir...DyB0F0BtN0D0TzutBtDtCtBtDyBtDyE&cr=1342594537
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1Qzu0CyEyEyCtCzy0ByByDtAtAtDtDyB0F0BtN0D0TzutBtDtCtBtDyBtDyE&cr=1342594537
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
    IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
    IE - HKLM\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
    IE - HKLM\..\SearchScopes\{0368C24B-0F35-9F2D-9720-24DA47D9A83E}: "URL" = http://home.myplaycity.com/results.php?category=web&s={searchTerms}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://home.myplaycity.com/results.php?category=web&s={searchTerms}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://home.myplaycity.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {0696f815-a3a9-490a-bb14-9ec3350b1276} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
    IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0DB83AD4-B48F-4FF0-B602-C65C435D1FCE}
    IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
    IE - HKCU\..\SearchScopes\{0368C24B-0F35-9F2D-9720-24DA47D9A83E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{0DB83AD4-B48F-4FF0-B602-C65C435D1FCE}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1Qzu0CyEyEyCtCzy0ByByDtAtAtDtDyB0F0BtN0D0TzutBtDtCtBtDyBtDyE&cr=1342594537
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=116257&tt=031012_ccp_4012_8&babsrc=SP_ss&mntrId=92dc07fb000000000000000000000000
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://my.myplaycity.com/results.php?category=web&s={searchTerms}
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\USER\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\USER\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/18 21:31:06 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin [2013/12/03 22:17:12 | 000,000,000 | ---D | M]

    [2013/01/28 19:37:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\extensions
    [2012/08/08 21:09:13 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\extensions\[email protected]
    [2012/07/31 17:29:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
    [2012/10/05 22:30:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012/08/06 18:50:44 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - plugin: Error reading preferences file
    CHR - Extension: uTorrentControl_v6 = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.29.0.520_0\
    CHR - Extension: uTorrentControl_v6 = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.29.0.520_0\nativeMessaging\nmHost
    CHR - Extension: uTorrentControl_v6 = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.30.1.502_0\
    CHR - Extension: uTorrentControl_v6 = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.30.1.502_0\nativeMessaging\nmHost
    CHR - Extension: avast! Online Security = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
    CHR - Extension: Need for Speed World = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk\1.0.0.4_0\
    CHR - Extension: Google Wallet = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

    O1 HOSTS File: ([2009/06/11 02:30:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (no name) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - No CLSID value found.
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [K7TSStart] C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSecurity.exe (K7 Computing Pvt Ltd)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FFE5068-7397-4FF5-BCEA-A4DBC27550A9}: NameServer = 220.226.6.104 220.226.100.40
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271832~1.68\{16cdf~1\loader.dll) - File not found
    O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll) - File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{341b8570-d3f2-11e0-96c9-002682c9c1f6}\Shell - "" = AutoRun
    O33 - MountPoints2\{341b8570-d3f2-11e0-96c9-002682c9c1f6}\Shell\AutoRun\command - "" = I:\.\Setup.exe
    O33 - MountPoints2\{88e265af-3838-11e1-a373-002682c9c1f6}\Shell - "" = AutoRun
    O33 - MountPoints2\{88e265af-3838-11e1-a373-002682c9c1f6}\Shell\AutoRun\command - "" = H:\Startme.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (K7TSDbg)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/05/04 22:04:07 | 000,000,000 | ---D | C] -- C:\Users\USER\Desktop\reconcltion
    [2014/05/04 19:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
    [2014/05/04 19:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone
    [2014/05/04 17:57:58 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\AvastPEToolkit
    [2014/04/10 23:21:51 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\NokiaAccount
    [2014/04/10 23:20:58 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Nokia
    [2014/04/10 23:20:46 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\PC Suite
    [2014/04/10 23:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
    [2014/04/10 23:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
    [2014/04/10 23:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
    [2014/04/10 23:18:15 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
    [2014/04/10 23:18:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
    [2014/04/10 23:17:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
    [2014/04/10 23:17:13 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
    [2014/04/10 23:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
    [2014/04/10 23:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
    [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/05/07 14:44:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/05/07 14:36:08 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/05/07 14:05:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2958576185-3026276549-3106284581-1000UA.job
    [2014/05/07 10:57:49 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/05/07 10:57:49 | 000,659,818 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/05/07 10:57:49 | 000,120,714 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/05/07 10:27:20 | 000,021,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/05/07 10:27:20 | 000,021,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/05/07 10:22:29 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/05/07 10:22:17 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
    [2014/05/07 10:22:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/05/07 10:22:06 | 1502,793,728 | -HS- | M] () -- C:\hiberfil.sys
    [2014/05/04 21:05:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2958576185-3026276549-3106284581-1000Core.job
    [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/01/04 22:53:05 | 000,772,430 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/12/14 21:00:07 | 000,007,598 | ---- | C] () -- C:\Users\USER\AppData\Local\Resmon.ResmonCfg
    [2013/09/23 21:16:07 | 000,254,183 | ---- | C] () -- C:\Users\USER\Raja Rani (tamil) Songs 2013, Songs of Raja Rani (tamil) Movie, Listen Raja Rani (tamil) Songs Online, MP3 Songs, Music.htm
    [2012/07/04 23:43:27 | 000,302,425 | ---- | C] () -- C:\Users\USER\AppData\Local\funmoods-speeddial.crx
    [2012/07/04 23:43:24 | 000,031,470 | ---- | C] () -- C:\Users\USER\AppData\Local\funmoods.crx
    [2011/08/13 14:34:02 | 000,005,120 | ---- | C] () -- C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/06/08 20:26:35 | 000,001,088 | ---- | C] () -- C:\Users\USER\VLC media player.lnk

    ========== ZeroAccess Check ==========

    [2009/07/14 10:25:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 20:29:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 19:33:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 07:10:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 06:45:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 07:11:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >
     
  2. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
    Hi myvizhi,
    You have two antivirus programs running at the same time.
    That will not work well, and can make your system unstable.
    First, you need to Uninstall either Avast or K7 Security. Keep just one of them.
    Then Reboot the machine.
    -----------------------------------------------------------
    Download MGA Diagnostic Tool to your Desktop.
    • Double click MGADiag.exe to launch the program.
    • Click Continue and let the scan run.
    • When finished it will have created a log.
    • Click Copy.
    • Next open Notepad.
      • Click Start > Run, type Notepad, and click OK.
      • This will open an empty Notepad file.
      • Right click in the empty file and choose Paste to copy the log from MGA Diagnostics into it.
      • Save the file to your Desktop.
    • Close MGA Diagnostic Tool.
    • Copy/Paste the Notepad log you just made in your next reply please.

    askey127
     
  3. myvizhi

    myvizhi Thread Starter

    Joined:
    May 7, 2014
    Messages:
    2
    Hi,
    Thank you for your reply. I have done what you said; the result is below.


    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-GJY49-VJBQ7-HYRR2
    Windows Product Key Hash: W5/6nm6F2UPXrCkY5xUhXb/+21g=
    Windows Product ID: 00426-OEM-8992662-00006
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7600.2.00010100.0.0.001
    ID: {6BE01771-C76A-4A33-88CA-6E13D5B99113}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.110408-1633
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 103 Blocked VLK
    Microsoft Office Enterprise 2007 - 103 Blocked VLK
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{6BE01771-C76A-4A33-88CA-6E13D5B99113}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010100.0.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-HYRR2</PKey><PID>00426-OEM-8992662-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-2958576185-3026276549-3106284581</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>20042 </Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>29CN29WW(V2.06)</Version><SMBIOSVersion major="2" minor="6"/><Date>20100708000000.000000+000</Date></BIOS><HWID>7FB83607018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>India Standard Time(GMT+05:30)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>103</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>103</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>ACD7202654E586</Val><Hash>fFic3JgCreGGRxyF8uMWB4R4Jcg=</Hash><Pid>89388-707-1528066-65346</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="103"/><App Id="16" Version="12" Result="103"/><App Id="18" Version="12" Result="103"/><App Id="19" Version="12" Result="103"/><App Id="1A" Version="12" Result="103"/><App Id="1B" Version="12" Result="103"/><App Id="44" Version="12" Result="103"/><App Id="A1" Version="12" Result="103"/><App Id="BA" Version="12" Result="103"/></Applications></Office></Software></GenuineResults>

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00178-926-600006-02-1033-7600.0000-2132011
    Installation ID: 019256853204487236587033744166406714247703303193456054
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: HYRR2
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 5/12/2014 8:38:37 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:19:2014 17:45
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MAAAAAEABAABAAEAAAABAAAAAQABAAEAJJRmvNrcAi00iV6QDoj6LKwizMoWwFxd

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
    ACPI Table Name   OEMID Value   OEMTableID Value
    APIC              INTEL         Calpella
    FACP              LENOVO        CB-01
    HPET              LENOVO        CB-01
    BOOT              INTEL         Calpella
    MCFG              LENOVO        CB-01
    WDRT              INTEL         Calpella
    ASF!              INTEL         Calpella
    SLIX              LENOVO        CB-01
    SSDT              INTEL         SataPri
    SSDT              INTEL         SataPri
    ASPT              INTEL         Calpella
    SSDT              INTEL         SataPri
    SSDT              INTEL         SataPri
    SSDT              INTEL         SataPri
    SLIC              HPQOEM        SLIC-MPC
     
  4. Triple6

    Triple6 Moderator

    Joined:
    Dec 26, 2002
    Messages:
    52,854
    First Name:
    Rob
    Seems you are running an illegal copy of Windows and Office; therefore, we cannot provide you with assistance, as per the forum rules.
     

Short URL to this thread: https://techguy.org/1125559
