Jump to content


 

Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help to Remove ad.xtendmedia Please

Started by MayaM , Oct 10 2012 01:19 PM

  • Please log in to reply
11 replies to this topic

#1 MayaM

MayaM

    New Member

  • Members
  • Pip
  • 6 posts
  • Gender:Female

Posted 10 October 2012 - 01:19 PM

Hi there,

I believe my computer is infected with the ad.xtendmedia virus (or what ever it's called). I've tried running MalwareBytes, SuperAntiSpyware, and AdAware but none of them have detected or removed it.

The symptoms are ads constantly popping up in the bottom left of my screen, with a link to ad.xtendmedia when I scroll over them. My browser also sometimes automatically redirects to other sites when I click on a link on a web page.

Instructions or other help as to how to get rid of it would be greatly appreciated.

Thanks so much in advance! :)

 

  • BC Ads
  • BleepingComputer.com

#2 narenxp

narenxp

    Forum Addict

  • BC Advisor
  • PipPipPipPipPipPip
  • 16,365 posts
  • Gender:Male
  • Location:India

Posted 10 October 2012 - 01:40 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 MayaM

MayaM

    New Member

  • Members
  • Pip
  • 6 posts
  • Gender:Female

Posted 11 October 2012 - 01:14 PM

Thank you!

Here are the results. I haven't posted any log for ESET scanner as no threats were found.

00:13:01.0049 4044 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
00:13:01.0431 4044 ============================================================
00:13:01.0431 4044 Current date / time: 2012/10/11 00:13:01.0431
00:13:01.0431 4044 SystemInfo:
00:13:01.0431 4044
00:13:01.0431 4044 OS Version: 6.1.7600 ServicePack: 0.0
00:13:01.0431 4044 Product type: Workstation
00:13:01.0431 4044 ComputerName: SHARELL-PC
00:13:01.0431 4044 UserName: Sharell
00:13:01.0431 4044 Windows directory: C:\windows
00:13:01.0431 4044 System windows directory: C:\windows
00:13:01.0431 4044 Running under WOW64
00:13:01.0431 4044 Processor architecture: Intel x64
00:13:01.0431 4044 Number of processors: 2
00:13:01.0431 4044 Page size: 0x1000
00:13:01.0431 4044 Boot type: Normal boot
00:13:01.0431 4044 ============================================================
00:13:05.0422 4044 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:13:05.0426 4044 ============================================================
00:13:05.0426 4044 \Device\Harddisk0\DR0:
00:13:05.0426 4044 MBR partitions:
00:13:05.0426 4044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38DE5800
00:13:05.0426 4044 ============================================================
00:13:05.0438 4044 C: <-> \Device\Harddisk0\DR0\Partition1
00:13:05.0438 4044 ============================================================
00:13:05.0438 4044 Initialize success
00:13:05.0438 4044 ============================================================
00:13:13.0232 2780 ============================================================
00:13:13.0232 2780 Scan started
00:13:13.0232 2780 Mode: Manual;
00:13:13.0232 2780 ============================================================
00:13:14.0021 2780 ================ Scan system memory ========================
00:13:14.0021 2780 System memory - ok
00:13:14.0021 2780 ================ Scan services =============================
00:13:14.0301 2780 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
00:13:14.0308 2780 1394ohci - ok
00:13:14.0339 2780 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
00:13:14.0341 2780 ACPI - ok
00:13:14.0377 2780 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
00:13:14.0382 2780 AcpiPmi - ok
00:13:14.0538 2780 [ C59992E25F4EBAD9E5C15B0D5D225F99 ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
00:13:14.0546 2780 Ad-Aware Service - ok
00:13:14.0769 2780 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:13:14.0772 2780 AdobeFlashPlayerUpdateSvc - ok
00:13:14.0839 2780 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
00:13:16.0892 2780 adp94xx - ok
00:13:16.0961 2780 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
00:13:16.0970 2780 adpahci - ok
00:13:17.0019 2780 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
00:13:17.0024 2780 adpu320 - ok
00:13:17.0073 2780 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
00:13:17.0074 2780 AeLookupSvc - ok
00:13:17.0114 2780 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\windows\system32\drivers\afd.sys
00:13:17.0118 2780 AFD - ok
00:13:17.0149 2780 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
00:13:17.0153 2780 agp440 - ok
00:13:17.0190 2780 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
00:13:17.0207 2780 ALG - ok
00:13:17.0249 2780 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
00:13:17.0252 2780 aliide - ok
00:13:17.0305 2780 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
00:13:17.0308 2780 amdide - ok
00:13:17.0352 2780 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
00:13:17.0356 2780 AmdK8 - ok
00:13:17.0361 2780 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
00:13:17.0380 2780 AmdPPM - ok
00:13:17.0423 2780 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\windows\system32\DRIVERS\amdsata.sys
00:13:17.0427 2780 amdsata - ok
00:13:17.0486 2780 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
00:13:17.0491 2780 amdsbs - ok
00:13:17.0512 2780 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\windows\system32\DRIVERS\amdxata.sys
00:13:17.0514 2780 amdxata - ok
00:13:17.0526 2780 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
00:13:17.0545 2780 AppID - ok
00:13:19.0202 2780 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
00:13:19.0223 2780 AppIDSvc - ok
00:13:19.0305 2780 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
00:13:19.0306 2780 Appinfo - ok
00:13:19.0530 2780 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:13:19.0543 2780 Apple Mobile Device - ok
00:13:19.0591 2780 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
00:13:19.0599 2780 arc - ok
00:13:19.0628 2780 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
00:13:19.0634 2780 arcsas - ok
00:13:19.0718 2780 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
00:13:19.0733 2780 AsyncMac - ok
00:13:19.0776 2780 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
00:13:19.0779 2780 atapi - ok
00:13:19.0879 2780 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr C:\windows\system32\DRIVERS\athrx.sys
00:13:19.0902 2780 athr - ok
00:13:19.0956 2780 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
00:13:19.0962 2780 AudioEndpointBuilder - ok
00:13:19.0972 2780 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
00:13:19.0976 2780 AudioSrv - ok
00:13:20.0194 2780 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
00:13:20.0223 2780 AVGIDSAgent - ok
00:13:22.0092 2780 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\windows\system32\DRIVERS\avgidsdrivera.sys
00:13:22.0124 2780 AVGIDSDriver - ok
00:13:22.0166 2780 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\windows\system32\DRIVERS\avgidsfiltera.sys
00:13:22.0169 2780 AVGIDSFilter - ok
00:13:22.0229 2780 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\windows\system32\DRIVERS\avgidsha.sys
00:13:22.0237 2780 AVGIDSHA - ok
00:13:22.0281 2780 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\windows\system32\DRIVERS\avgldx64.sys
00:13:22.0297 2780 Avgldx64 - ok
00:13:22.0334 2780 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\windows\system32\DRIVERS\avgmfx64.sys
00:13:22.0336 2780 Avgmfx64 - ok
00:13:22.0385 2780 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\windows\system32\DRIVERS\avgrkx64.sys
00:13:22.0389 2780 Avgrkx64 - ok
00:13:22.0416 2780 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
00:13:22.0432 2780 Avgtdia - ok
00:13:22.0470 2780 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
00:13:22.0472 2780 avgwd - ok
00:13:22.0514 2780 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
00:13:22.0519 2780 AxInstSV - ok
00:13:22.0570 2780 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
00:13:22.0580 2780 b06bdrv - ok
00:13:22.0608 2780 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
00:13:22.0618 2780 b57nd60a - ok
00:13:22.0665 2780 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
00:13:22.0669 2780 BDESVC - ok
00:13:22.0692 2780 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
00:13:22.0703 2780 Beep - ok
00:13:22.0746 2780 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
00:13:22.0750 2780 BFE - ok
00:13:22.0798 2780 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\System32\qmgr.dll
00:13:22.0804 2780 BITS - ok
00:13:22.0844 2780 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
00:13:22.0847 2780 blbdrive - ok
00:13:22.0945 2780 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:13:22.0955 2780 Bonjour Service - ok
00:13:22.0974 2780 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\windows\system32\DRIVERS\bowser.sys
00:13:22.0978 2780 bowser - ok
00:13:22.0998 2780 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
00:13:23.0001 2780 BrFiltLo - ok
00:13:23.0017 2780 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
00:13:23.0020 2780 BrFiltUp - ok
00:13:23.0047 2780 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\windows\System32\browser.dll
00:13:23.0049 2780 Browser - ok
00:13:23.0080 2780 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
00:13:23.0102 2780 Brserid - ok
00:13:23.0107 2780 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
00:13:23.0124 2780 BrSerWdm - ok
00:13:23.0140 2780 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
00:13:23.0159 2780 BrUsbMdm - ok
00:13:23.0164 2780 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
00:13:23.0167 2780 BrUsbSer - ok
00:13:23.0172 2780 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
00:13:23.0181 2780 BTHMODEM - ok
00:13:23.0215 2780 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
00:13:23.0219 2780 bthserv - ok
00:13:23.0240 2780 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
00:13:23.0244 2780 cdfs - ok
00:13:23.0282 2780 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
00:13:23.0291 2780 cdrom - ok
00:13:23.0331 2780 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
00:13:23.0332 2780 CertPropSvc - ok
00:13:23.0421 2780 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
00:13:23.0432 2780 cfWiMAXService - ok
00:13:23.0476 2780 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
00:13:23.0480 2780 circlass - ok
00:13:23.0513 2780 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
00:13:23.0517 2780 CLFS - ok
00:13:23.0588 2780 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:13:23.0592 2780 clr_optimization_v2.0.50727_32 - ok
00:13:23.0629 2780 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:13:23.0633 2780 clr_optimization_v2.0.50727_64 - ok
00:13:23.0673 2780 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
00:13:23.0677 2780 CmBatt - ok
00:13:23.0693 2780 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
00:13:23.0706 2780 cmdide - ok
00:13:23.0734 2780 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\windows\system32\Drivers\cng.sys
00:13:23.0745 2780 CNG - ok
00:13:23.0796 2780 [ 25C58EE97BE0416A373E3E4F855206B5 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
00:13:23.0819 2780 CnxtHdAudService - ok
00:13:23.0841 2780 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
00:13:23.0844 2780 Compbatt - ok
00:13:23.0876 2780 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
00:13:23.0881 2780 CompositeBus - ok
00:13:23.0892 2780 COMSysApp - ok
00:13:23.0916 2780 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
00:13:23.0924 2780 ConfigFree Service - ok
00:13:23.0943 2780 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
00:13:23.0955 2780 crcdisk - ok
00:13:24.0001 2780 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\windows\system32\cryptsvc.dll
00:13:24.0002 2780 CryptSvc - ok
00:13:24.0043 2780 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
00:13:24.0048 2780 DcomLaunch - ok
00:13:24.0065 2780 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
00:13:24.0078 2780 defragsvc - ok
00:13:24.0114 2780 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\windows\system32\Drivers\dfsc.sys
00:13:24.0123 2780 DfsC - ok
00:13:24.0172 2780 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
00:13:24.0176 2780 Dhcp - ok
00:13:24.0187 2780 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
00:13:24.0188 2780 discache - ok
00:13:24.0220 2780 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
00:13:24.0223 2780 Disk - ok
00:13:24.0258 2780 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\windows\System32\dnsrslvr.dll
00:13:24.0260 2780 Dnscache - ok
00:13:24.0270 2780 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
00:13:24.0279 2780 dot3svc - ok
00:13:24.0321 2780 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
00:13:25.0912 2780 Dot4 - ok
00:13:25.0950 2780 [ 85135AD27E79B689335C08167D917CDE ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
00:13:25.0964 2780 Dot4Print - ok
00:13:25.0992 2780 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
00:13:25.0997 2780 dot4usb - ok
00:13:26.0027 2780 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
00:13:26.0031 2780 DPS - ok
00:13:26.0065 2780 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
00:13:26.0074 2780 drmkaud - ok
00:13:26.0116 2780 [ 372117D46A16ADD8CA6E3EE3B3BDD57C ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
00:13:26.0126 2780 DXGKrnl - ok
00:13:26.0159 2780 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
00:13:26.0160 2780 EapHost - ok
00:13:26.0258 2780 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
00:13:26.0341 2780 ebdrv - ok
00:13:26.0369 2780 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\windows\System32\lsass.exe
00:13:26.0371 2780 EFS - ok
00:13:26.0440 2780 [ 3D69FAE60EDE442E004611A4EE4DB44C ] ehRecvr C:\windows\ehome\ehRecvr.exe
00:13:26.0457 2780 ehRecvr - ok
00:13:26.0470 2780 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
00:13:26.0486 2780 ehSched - ok
00:13:26.0514 2780 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
00:13:26.0525 2780 elxstor - ok
00:13:26.0530 2780 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
00:13:26.0549 2780 ErrDev - ok
00:13:26.0611 2780 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
00:13:26.0614 2780 EventSystem - ok
00:13:26.0638 2780 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
00:13:26.0654 2780 exfat - ok
00:13:26.0685 2780 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
00:13:26.0695 2780 fastfat - ok
00:13:26.0752 2780 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
00:13:26.0757 2780 Fax - ok
00:13:26.0784 2780 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
00:13:26.0789 2780 fdc - ok
00:13:26.0833 2780 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
00:13:26.0836 2780 fdPHost - ok
00:13:26.0858 2780 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
00:13:26.0876 2780 FDResPub - ok
00:13:26.0893 2780 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
00:13:26.0896 2780 FileInfo - ok
00:13:26.0924 2780 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
00:13:28.0511 2780 Filetrace - ok
00:13:28.0569 2780 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
00:13:28.0572 2780 flpydisk - ok
00:13:28.0656 2780 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
00:13:28.0661 2780 FltMgr - ok
00:13:28.0725 2780 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\windows\system32\FntCache.dll
00:13:28.0743 2780 FontCache - ok
00:13:28.0821 2780 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:13:28.0825 2780 FontCache3.0.0.0 - ok
00:13:28.0838 2780 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
00:13:28.0842 2780 FsDepends - ok
00:13:28.0866 2780 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
00:13:28.0878 2780 Fs_Rec - ok
00:13:28.0938 2780 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
00:13:28.0943 2780 fvevol - ok
00:13:28.0984 2780 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys
00:13:29.0083 2780 FwLnk - ok
00:13:29.0117 2780 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
00:13:29.0123 2780 gagp30kx - ok
00:13:29.0195 2780 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
00:13:29.0216 2780 GameConsoleService - ok
00:13:29.0247 2780 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
00:13:29.0252 2780 GEARAspiWDM - ok
00:13:29.0303 2780 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
00:13:29.0309 2780 gpsvc - ok
00:13:29.0352 2780 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
00:13:29.0367 2780 hcw85cir - ok
00:13:29.0402 2780 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
00:13:29.0411 2780 HdAudAddService - ok
00:13:29.0453 2780 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
00:13:29.0455 2780 HDAudBus - ok
00:13:29.0460 2780 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
00:13:29.0469 2780 HidBatt - ok
00:13:29.0509 2780 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
00:13:29.0515 2780 HidBth - ok
00:13:29.0521 2780 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
00:13:31.0133 2780 HidIr - ok
00:13:31.0181 2780 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
00:13:31.0182 2780 hidserv - ok
00:13:31.0235 2780 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
00:13:31.0240 2780 HidUsb - ok
00:13:31.0305 2780 [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro36 C:\windows\system32\drivers\hitmanpro36.sys
00:13:31.0321 2780 hitmanpro36 - ok
00:13:31.0357 2780 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
00:13:31.0359 2780 hkmsvc - ok
00:13:31.0393 2780 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
00:13:31.0407 2780 HomeGroupListener - ok
00:13:31.0440 2780 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
00:13:31.0443 2780 HomeGroupProvider - ok
00:13:31.0551 2780 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
00:13:31.0553 2780 hpqcxs08 - ok
00:13:31.0572 2780 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
00:13:31.0577 2780 hpqddsvc - ok
00:13:31.0601 2780 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
00:13:31.0605 2780 HpSAMD - ok
00:13:31.0635 2780 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
00:13:31.0643 2780 HTTP - ok
00:13:31.0678 2780 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
00:13:31.0681 2780 hwpolicy - ok
00:13:31.0713 2780 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
00:13:31.0717 2780 i8042prt - ok
00:13:31.0766 2780 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
00:13:31.0768 2780 iaStor - ok
00:13:31.0819 2780 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\windows\system32\DRIVERS\iaStorV.sys
00:13:31.0828 2780 iaStorV - ok
00:13:31.0885 2780 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:13:31.0906 2780 idsvc - ok
00:13:32.0173 2780 [ 898AB5BFED7040D7AB07AF01885EB944 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
00:13:32.0397 2780 igfx - ok
00:13:32.0425 2780 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
00:13:32.0430 2780 iirsp - ok
00:13:32.0483 2780 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
00:13:32.0491 2780 IKEEXT - ok
00:13:32.0497 2780 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
00:13:32.0505 2780 intelide - ok
00:13:32.0542 2780 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
00:13:32.0543 2780 intelppm - ok
00:13:32.0576 2780 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
00:13:32.0581 2780 IPBusEnum - ok
00:13:32.0597 2780 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
00:13:32.0601 2780 IpFilterDriver - ok
00:13:32.0612 2780 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
00:13:32.0617 2780 iphlpsvc - ok
00:13:32.0643 2780 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
00:13:32.0660 2780 IPMIDRV - ok
00:13:32.0668 2780 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
00:13:32.0674 2780 IPNAT - ok
00:13:32.0738 2780 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:13:32.0768 2780 iPod Service - ok
00:13:32.0806 2780 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
00:13:32.0811 2780 IRENUM - ok
00:13:32.0837 2780 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
00:13:32.0840 2780 isapnp - ok
00:13:32.0859 2780 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
00:13:32.0877 2780 iScsiPrt - ok
00:13:32.0913 2780 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
00:13:32.0916 2780 kbdclass - ok
00:13:32.0957 2780 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
00:13:32.0965 2780 kbdhid - ok
00:13:32.0980 2780 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\windows\system32\lsass.exe
00:13:32.0982 2780 KeyIso - ok
00:13:33.0013 2780 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
00:13:33.0016 2780 KSecDD - ok
00:13:33.0040 2780 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
00:13:33.0046 2780 KSecPkg - ok
00:13:33.0077 2780 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
00:13:33.0085 2780 ksthunk - ok
00:13:33.0114 2780 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
00:13:33.0127 2780 KtmRm - ok
00:13:33.0155 2780 [ 48686C29856F46443952A831424F8D6F ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
00:13:33.0159 2780 L1C - ok
00:13:33.0200 2780 [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer C:\windows\system32\srvsvc.dll
00:13:33.0204 2780 LanmanServer - ok
00:13:34.0853 2780 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
00:13:34.0856 2780 LanmanWorkstation - ok
00:13:34.0890 2780 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
00:13:34.0905 2780 lltdio - ok
00:13:34.0934 2780 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
00:13:34.0941 2780 lltdsvc - ok
00:13:34.0989 2780 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
00:13:34.0992 2780 lmhosts - ok
00:13:35.0082 2780 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
00:13:35.0087 2780 LSI_FC - ok
00:13:35.0097 2780 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
00:13:35.0102 2780 LSI_SAS - ok
00:13:35.0133 2780 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
00:13:35.0137 2780 LSI_SAS2 - ok
00:13:35.0162 2780 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
00:13:35.0169 2780 LSI_SCSI - ok
00:13:35.0186 2780 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
00:13:35.0189 2780 luafv - ok
00:13:35.0251 2780 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
00:13:35.0256 2780 Mcx2Svc - ok
00:13:35.0274 2780 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
00:13:35.0291 2780 megasas - ok
00:13:35.0340 2780 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
00:13:35.0347 2780 MegaSR - ok
00:13:35.0456 2780 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
00:13:35.0460 2780 Microsoft Office Groove Audit Service - ok
00:13:35.0531 2780 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
00:13:35.0533 2780 MMCSS - ok
00:13:35.0551 2780 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
00:13:35.0556 2780 Modem - ok
00:13:35.0604 2780 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
00:13:35.0606 2780 monitor - ok
00:13:35.0617 2780 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
00:13:35.0627 2780 mouclass - ok
00:13:35.0640 2780 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
00:13:35.0644 2780 mouhid - ok
00:13:35.0662 2780 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
00:13:35.0665 2780 mountmgr - ok
00:13:35.0736 2780 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:13:35.0740 2780 MozillaMaintenance - ok
00:13:35.0774 2780 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
00:13:35.0782 2780 mpio - ok
00:13:35.0797 2780 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
00:13:35.0800 2780 mpsdrv - ok
00:13:35.0835 2780 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
00:13:35.0841 2780 MpsSvc - ok
00:13:35.0867 2780 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
00:13:35.0879 2780 MRxDAV - ok
00:13:35.0899 2780 [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
00:13:35.0906 2780 mrxsmb - ok
00:13:35.0914 2780 [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
00:13:35.0919 2780 mrxsmb10 - ok
00:13:35.0939 2780 [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
00:13:35.0956 2780 mrxsmb20 - ok
00:13:35.0976 2780 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\windows\system32\DRIVERS\msahci.sys
00:13:35.0994 2780 msahci - ok
00:13:36.0029 2780 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
00:13:36.0040 2780 msdsm - ok
00:13:36.0052 2780 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
00:13:36.0058 2780 MSDTC - ok
00:13:36.0082 2780 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
00:13:36.0086 2780 Msfs - ok
00:13:36.0107 2780 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
00:13:36.0113 2780 mshidkmdf - ok
00:13:36.0125 2780 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
00:13:36.0131 2780 msisadrv - ok
00:13:36.0167 2780 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
00:13:36.0172 2780 MSiSCSI - ok
00:13:36.0179 2780 msiserver - ok
00:13:36.0214 2780 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
00:13:36.0217 2780 MSKSSRV - ok
00:13:36.0221 2780 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
00:13:36.0224 2780 MSPCLOCK - ok
00:13:36.0230 2780 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
00:13:36.0245 2780 MSPQM - ok
00:13:36.0269 2780 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
00:13:36.0273 2780 MsRPC - ok
00:13:36.0296 2780 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
00:13:36.0297 2780 mssmbios - ok
00:13:36.0313 2780 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
00:13:36.0325 2780 MSTEE - ok
00:13:36.0349 2780 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
00:13:36.0353 2780 MTConfig - ok
00:13:36.0373 2780 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
00:13:36.0377 2780 Mup - ok
00:13:36.0416 2780 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
00:13:36.0421 2780 napagent - ok
00:13:36.0453 2780 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
00:13:36.0457 2780 NativeWifiP - ok
00:13:36.0498 2780 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
00:13:36.0504 2780 NDIS - ok
00:13:36.0526 2780 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
00:13:36.0541 2780 NdisCap - ok
00:13:36.0576 2780 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
00:13:36.0580 2780 NdisTapi - ok
00:13:36.0598 2780 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
00:13:36.0602 2780 Ndisuio - ok
00:13:36.0619 2780 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
00:13:36.0626 2780 NdisWan - ok
00:13:36.0654 2780 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
00:13:36.0660 2780 NDProxy - ok
00:13:36.0752 2780 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
00:13:36.0760 2780 Nero BackItUp Scheduler 4.0 - ok
00:13:36.0793 2780 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
00:13:36.0796 2780 Net Driver HPZ12 - ok
00:13:36.0822 2780 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
00:13:36.0826 2780 NetBIOS - ok
00:13:36.0860 2780 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
00:13:36.0863 2780 NetBT - ok
00:13:36.0880 2780 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\windows\system32\lsass.exe
00:13:36.0882 2780 Netlogon - ok
00:13:36.0935 2780 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
00:13:36.0939 2780 Netman - ok
00:13:36.0948 2780 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
00:13:36.0954 2780 netprofm - ok
00:13:36.0986 2780 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:13:36.0993 2780 NetTcpPortSharing - ok
00:13:37.0023 2780 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
00:13:37.0042 2780 nfrd960 - ok
00:13:37.0073 2780 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
00:13:37.0076 2780 NlaSvc - ok
00:13:37.0090 2780 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
00:13:37.0094 2780 Npfs - ok
00:13:37.0103 2780 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
00:13:37.0106 2780 nsi - ok
00:13:37.0132 2780 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
00:13:37.0133 2780 nsiproxy - ok
00:13:37.0189 2780 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
00:13:37.0203 2780 Ntfs - ok
00:13:39.0052 2780 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
00:13:39.0055 2780 Null - ok
00:13:39.0104 2780 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\windows\system32\DRIVERS\nvraid.sys
00:13:39.0109 2780 nvraid - ok
00:13:39.0116 2780 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\windows\system32\DRIVERS\nvstor.sys
00:13:39.0132 2780 nvstor - ok
00:13:39.0138 2780 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
00:13:39.0154 2780 nv_agp - ok
00:13:39.0256 2780 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:13:39.0265 2780 odserv - ok
00:13:39.0297 2780 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
00:13:39.0301 2780 ohci1394 - ok
00:13:39.0344 2780 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:13:39.0350 2780 ose - ok
00:13:39.0414 2780 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
00:13:39.0418 2780 p2pimsvc - ok
00:13:39.0444 2780 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
00:13:39.0449 2780 p2psvc - ok
00:13:39.0494 2780 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
00:13:39.0498 2780 Parport - ok
00:13:39.0518 2780 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\windows\system32\drivers\partmgr.sys
00:13:39.0521 2780 partmgr - ok
00:13:39.0558 2780 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
00:13:39.0561 2780 PcaSvc - ok
00:13:39.0592 2780 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
00:13:39.0595 2780 pci - ok
00:13:39.0623 2780 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
00:13:39.0626 2780 pciide - ok
00:13:39.0644 2780 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
00:13:39.0650 2780 pcmcia - ok
00:13:39.0671 2780 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
00:13:39.0674 2780 pcw - ok
00:13:39.0694 2780 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
00:13:39.0707 2780 PEAUTH - ok
00:13:39.0767 2780 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
00:13:39.0771 2780 PerfHost - ok
00:13:39.0801 2780 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
00:13:39.0812 2780 PGEffect - ok
00:13:39.0871 2780 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
00:13:39.0892 2780 pla - ok
00:13:39.0927 2780 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\windows\system32\umpnpmgr.dll
00:13:39.0931 2780 PlugPlay - ok
00:13:39.0962 2780 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
00:13:39.0964 2780 Pml Driver HPZ12 - ok
00:13:39.0995 2780 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
00:13:39.0999 2780 PNRPAutoReg - ok
00:13:40.0006 2780 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
00:13:40.0011 2780 PNRPsvc - ok
00:13:40.0050 2780 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
00:13:40.0060 2780 PolicyAgent - ok
00:13:40.0086 2780 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
00:13:40.0090 2780 Power - ok
00:13:40.0137 2780 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
00:13:40.0141 2780 PptpMiniport - ok
00:13:40.0162 2780 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
00:13:40.0166 2780 Processor - ok
00:13:40.0206 2780 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\windows\system32\profsvc.dll
00:13:40.0210 2780 ProfSvc - ok
00:13:40.0225 2780 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\windows\system32\lsass.exe
00:13:40.0226 2780 ProtectedStorage - ok
00:13:40.0254 2780 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
00:13:40.0256 2780 Psched - ok
00:13:40.0305 2780 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
00:13:40.0335 2780 ql2300 - ok
00:13:40.0341 2780 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
00:13:40.0346 2780 ql40xx - ok
00:13:40.0379 2780 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
00:13:40.0386 2780 QWAVE - ok
00:13:40.0406 2780 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
00:13:40.0411 2780 QWAVEdrv - ok
00:13:40.0427 2780 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
00:13:40.0430 2780 RasAcd - ok
00:13:40.0457 2780 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
00:13:40.0462 2780 RasAgileVpn - ok
00:13:40.0491 2780 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
00:13:40.0498 2780 RasAuto - ok
00:13:40.0521 2780 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
00:13:40.0542 2780 Rasl2tp - ok
00:13:40.0565 2780 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
00:13:40.0575 2780 RasMan - ok
00:13:40.0598 2780 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
00:13:40.0602 2780 RasPppoe - ok
00:13:40.0620 2780 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
00:13:40.0625 2780 RasSstp - ok
00:13:40.0645 2780 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
00:13:40.0662 2780 rdbss - ok
00:13:40.0692 2780 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
00:13:40.0704 2780 rdpbus - ok
00:13:40.0725 2780 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
00:13:40.0726 2780 RDPCDD - ok
00:13:40.0759 2780 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
00:13:40.0760 2780 RDPENCDD - ok
00:13:40.0778 2780 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
00:13:40.0780 2780 RDPREFMP - ok
00:13:40.0798 2780 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
00:13:40.0804 2780 RDPWD - ok
00:13:40.0836 2780 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
00:13:40.0855 2780 rdyboost - ok
00:13:40.0874 2780 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
00:13:40.0879 2780 RemoteAccess - ok
00:13:40.0917 2780 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
00:13:40.0923 2780 RemoteRegistry - ok
00:13:40.0956 2780 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
00:13:40.0959 2780 RpcEptMapper - ok
00:13:40.0989 2780 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
00:13:40.0993 2780 RpcLocator - ok
00:13:41.0031 2780 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
00:13:41.0036 2780 RpcSs - ok
00:13:41.0059 2780 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
00:13:41.0063 2780 rspndr - ok
00:13:41.0099 2780 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
00:13:41.0104 2780 RSUSBSTOR - ok
00:13:41.0114 2780 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\windows\system32\lsass.exe
00:13:41.0118 2780 SamSs - ok
00:13:43.0018 2780 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
00:13:43.0036 2780 SBAMSvc - ok
00:13:43.0079 2780 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\windows\system32\DRIVERS\sbapifs.sys
00:13:43.0081 2780 sbapifs - ok
00:13:43.0118 2780 [ B671EEF468D13016B9286F5835A06AE1 ] sbhips C:\windows\system32\drivers\sbhips.sys
00:13:43.0124 2780 sbhips - ok
00:13:43.0155 2780 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
00:13:43.0161 2780 sbp2port - ok
00:13:43.0210 2780 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\windows\system32\drivers\SBREdrv.sys
00:13:43.0212 2780 SBRE - ok
00:13:43.0261 2780 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
00:13:43.0268 2780 SCardSvr - ok
00:13:43.0316 2780 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
00:13:43.0319 2780 scfilter - ok
00:13:43.0387 2780 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\windows\system32\schedsvc.dll
00:13:43.0395 2780 Schedule - ok
00:13:43.0443 2780 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
00:13:43.0444 2780 SCPolicySvc - ok
00:13:43.0472 2780 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
00:13:43.0480 2780 SDRSVC - ok
00:13:43.0570 2780 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
00:13:43.0576 2780 secdrv - ok
00:13:43.0600 2780 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
00:13:43.0603 2780 seclogon - ok
00:13:43.0607 2780 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
00:13:43.0610 2780 SENS - ok
00:13:43.0641 2780 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
00:13:43.0652 2780 SensrSvc - ok
00:13:43.0663 2780 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
00:13:43.0666 2780 Serenum - ok
00:13:43.0701 2780 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
00:13:43.0705 2780 Serial - ok
00:13:43.0710 2780 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
00:13:43.0715 2780 sermouse - ok
00:13:43.0750 2780 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
00:13:43.0752 2780 SessionEnv - ok
00:13:43.0767 2780 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
00:13:43.0770 2780 sffdisk - ok
00:13:43.0775 2780 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
00:13:43.0791 2780 sffp_mmc - ok
00:13:43.0801 2780 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
00:13:43.0804 2780 sffp_sd - ok
00:13:43.0809 2780 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
00:13:43.0828 2780 sfloppy - ok
00:13:43.0851 2780 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
00:13:43.0859 2780 SharedAccess - ok
00:13:43.0885 2780 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
00:13:43.0889 2780 ShellHWDetection - ok
00:13:43.0916 2780 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
00:13:43.0919 2780 SiSRaid2 - ok
00:13:43.0924 2780 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
00:13:43.0930 2780 SiSRaid4 - ok
00:13:44.0019 2780 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:13:44.0022 2780 SkypeUpdate - ok
00:13:44.0064 2780 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
00:13:44.0077 2780 Smb - ok
00:13:44.0128 2780 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
00:13:44.0132 2780 SNMPTRAP - ok
00:13:44.0147 2780 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
00:13:44.0159 2780 spldr - ok
00:13:44.0189 2780 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\windows\System32\spoolsv.exe
00:13:44.0194 2780 Spooler - ok
00:13:44.0296 2780 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
00:13:44.0321 2780 sppsvc - ok
00:13:44.0332 2780 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
00:13:44.0339 2780 sppuinotify - ok
00:13:44.0438 2780 sprtsvc_netxpert - ok
00:13:44.0475 2780 [ 43067A65522EAEC33D31A12D6FA8E3F4 ] srv C:\windows\system32\DRIVERS\srv.sys
00:13:44.0488 2780 srv - ok
00:13:44.0497 2780 [ 03715CF9C30B563DA35FC5F2B8F7B8E0 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
00:13:44.0505 2780 srv2 - ok
00:13:44.0520 2780 [ FBD09635227A8026C0F7790F604343C6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
00:13:44.0523 2780 srvnet - ok
00:13:44.0558 2780 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
00:13:44.0570 2780 SSDPSRV - ok
00:13:44.0590 2780 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
00:13:44.0594 2780 SstpSvc - ok
00:13:44.0606 2780 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
00:13:44.0620 2780 stexstor - ok
00:13:44.0662 2780 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
00:13:44.0668 2780 stisvc - ok
00:13:44.0694 2780 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
00:13:44.0704 2780 swenum - ok
00:13:44.0749 2780 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
00:13:44.0760 2780 swprv - ok
00:13:44.0826 2780 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
00:13:44.0838 2780 SynTP - ok
00:13:44.0890 2780 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
00:13:44.0902 2780 SysMain - ok
00:13:44.0921 2780 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
00:13:44.0931 2780 TabletInputService - ok
00:13:44.0951 2780 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
00:13:44.0958 2780 TapiSrv - ok
00:13:44.0973 2780 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
00:13:44.0979 2780 TBS - ok
00:13:45.0043 2780 [ 90A2D722CF64D911879D6C4A4F802A4D ] Tcpip C:\windows\system32\drivers\tcpip.sys
00:13:45.0059 2780 Tcpip - ok
00:13:45.0121 2780 [ 90A2D722CF64D911879D6C4A4F802A4D ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
00:13:45.0132 2780 TCPIP6 - ok
00:13:45.0154 2780 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
00:13:45.0157 2780 tcpipreg - ok
00:13:45.0193 2780 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
00:13:45.0209 2780 tdcmdpst - ok
00:13:46.0830 2780 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
00:13:46.0834 2780 TDPIPE - ok
00:13:46.0839 2780 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
00:13:46.0844 2780 TDTCP - ok
00:13:46.0902 2780 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
00:13:46.0906 2780 tdx - ok
00:13:46.0916 2780 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
00:13:46.0919 2780 TermDD - ok
00:13:46.0985 2780 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
00:13:46.0991 2780 TermService - ok
00:13:46.0998 2780 tgsrvc_netxpert - ok
00:13:47.0024 2780 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
00:13:47.0026 2780 Themes - ok
00:13:47.0043 2780 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
00:13:47.0045 2780 THREADORDER - ok
00:13:47.0110 2780 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
00:13:47.0121 2780 TMachInfo - ok
00:13:47.0167 2780 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\windows\system32\TODDSrv.exe
00:13:47.0188 2780 TODDSrv - ok
00:13:47.0285 2780 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
00:13:47.0302 2780 TosCoSrv - ok
00:13:47.0359 2780 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
00:13:47.0360 2780 TOSHIBA HDD SSD Alert Service - ok
00:13:47.0421 2780 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
00:13:47.0424 2780 TrkWks - ok
00:13:47.0477 2780 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
00:13:47.0487 2780 TrustedInstaller - ok
00:13:47.0531 2780 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
00:13:47.0535 2780 tssecsrv - ok
00:13:47.0577 2780 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
00:13:47.0581 2780 tunnel - ok
00:13:47.0620 2780 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
00:13:47.0626 2780 TVALZ - ok
00:13:47.0654 2780 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
00:13:47.0658 2780 uagp35 - ok
00:13:47.0715 2780 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\windows\system32\DRIVERS\udfs.sys
00:13:47.0722 2780 udfs - ok
00:13:47.0785 2780 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
00:13:47.0790 2780 UI0Detect - ok
00:13:47.0810 2780 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
00:13:47.0814 2780 uliagpkx - ok
00:13:47.0828 2780 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
00:13:47.0836 2780 umbus - ok
00:13:47.0840 2780 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
00:13:47.0846 2780 UmPass - ok
00:13:47.0874 2780 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
00:13:47.0892 2780 upnphost - ok
00:13:47.0936 2780 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
00:13:49.0536 2780 USBAAPL64 - ok
00:13:49.0581 2780 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
00:13:49.0586 2780 usbccgp - ok
00:13:49.0618 2780 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
00:13:49.0623 2780 usbcir - ok
00:13:49.0633 2780 [ CB490987A7F6928A04BB838E3BD8A936 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
00:13:49.0773 2780 usbehci - ok
00:13:49.0813 2780 [ 18124EF0A881A00EE222D02A3EE30270 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
00:13:49.0999 2780 usbhub - ok
00:13:50.0026 2780 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
00:13:50.0031 2780 usbohci - ok
00:13:50.0055 2780 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
00:13:50.0064 2780 usbprint - ok
00:13:50.0097 2780 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
00:13:50.0100 2780 usbscan - ok
00:13:50.0129 2780 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
00:13:50.0133 2780 USBSTOR - ok
00:13:50.0153 2780 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
00:13:50.0161 2780 usbuhci - ok
00:13:50.0199 2780 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
00:13:50.0210 2780 usbvideo - ok
00:13:50.0240 2780 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
00:13:50.0243 2780 UxSms - ok
00:13:50.0258 2780 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\windows\system32\lsass.exe
00:13:50.0260 2780 VaultSvc - ok
00:13:50.0302 2780 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
00:13:50.0306 2780 vdrvroot - ok
00:13:50.0338 2780 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
00:13:50.0352 2780 vds - ok
00:13:50.0395 2780 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
00:13:50.0403 2780 vga - ok
00:13:50.0418 2780 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
00:13:50.0422 2780 VgaSave - ok
00:13:50.0429 2780 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
00:13:50.0434 2780 vhdmp - ok
00:13:50.0440 2780 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
00:13:50.0461 2780 viaide - ok
00:13:50.0472 2780 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
00:13:50.0488 2780 volmgr - ok
00:13:50.0508 2780 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
00:13:50.0514 2780 volmgrx - ok
00:13:50.0527 2780 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
00:13:50.0531 2780 volsnap - ok
00:13:50.0556 2780 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
00:13:50.0578 2780 vsmraid - ok
00:13:50.0638 2780 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
00:13:50.0671 2780 VSS - ok
00:13:50.0687 2780 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
00:13:50.0692 2780 vwifibus - ok
00:13:50.0740 2780 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
00:13:50.0745 2780 vwififlt - ok
00:13:50.0783 2780 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
00:13:50.0787 2780 W32Time - ok
00:13:50.0802 2780 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
00:13:50.0805 2780 WacomPen - ok
00:13:50.0840 2780 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
00:13:50.0846 2780 WANARP - ok
00:13:50.0855 2780 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
00:13:50.0857 2780 Wanarpv6 - ok
00:13:50.0908 2780 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
00:13:50.0933 2780 wbengine - ok
00:13:50.0940 2780 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
00:13:50.0963 2780 WbioSrvc - ok
00:13:50.0971 2780 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\windows\System32\wcncsvc.dll
00:13:50.0991 2780 wcncsvc - ok
00:13:51.0001 2780 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
00:13:51.0006 2780 WcsPlugInService - ok
00:13:51.0039 2780 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
00:13:51.0043 2780 Wd - ok
00:13:51.0073 2780 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
00:13:51.0082 2780 Wdf01000 - ok
00:13:51.0098 2780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
00:13:51.0101 2780 WdiServiceHost - ok
00:13:51.0105 2780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
00:13:51.0108 2780 WdiSystemHost - ok
00:13:51.0131 2780 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\windows\System32\webclnt.dll
00:13:51.0141 2780 WebClient - ok
00:13:51.0162 2780 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
00:13:51.0171 2780 Wecsvc - ok
00:13:51.0189 2780 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
00:13:51.0192 2780 wercplsupport - ok
00:13:52.0852 2780 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
00:13:52.0855 2780 WerSvc - ok
00:13:52.0894 2780 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
00:13:52.0912 2780 WfpLwf - ok
00:13:52.0940 2780 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
00:13:52.0943 2780 WIMMount - ok
00:13:52.0999 2780 WinDefend - ok
00:13:53.0004 2780 WinHttpAutoProxySvc - ok
00:13:53.0058 2780 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
00:13:53.0061 2780 Winmgmt - ok
00:13:53.0122 2780 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
00:13:53.0143 2780 WinRM - ok
00:13:53.0195 2780 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] winusb C:\windows\system32\DRIVERS\WinUSB.SYS
00:13:53.0211 2780 winusb - ok
00:13:53.0288 2780 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
00:13:53.0298 2780 Wlansvc - ok
00:13:53.0482 2780 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:13:53.0506 2780 wlidsvc - ok
00:13:53.0518 2780 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
00:13:53.0521 2780 WmiAcpi - ok
00:13:53.0558 2780 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
00:13:53.0567 2780 wmiApSrv - ok
00:13:53.0607 2780 WMPNetworkSvc - ok
00:13:53.0632 2780 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
00:13:53.0637 2780 WPCSvc - ok
00:13:53.0666 2780 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
00:13:53.0669 2780 WPDBusEnum - ok
00:13:53.0689 2780 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
00:13:53.0706 2780 ws2ifsl - ok
00:13:53.0735 2780 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
00:13:53.0739 2780 wscsvc - ok
00:13:53.0747 2780 WSearch - ok
00:13:53.0813 2780 [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv C:\windows\system32\wuaueng.dll
00:13:53.0830 2780 wuauserv - ok
00:13:53.0861 2780 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
00:13:53.0872 2780 WudfPf - ok
00:13:53.0887 2780 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
00:13:53.0908 2780 WUDFRd - ok
00:13:53.0933 2780 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\windows\System32\WUDFSvc.dll
00:13:53.0936 2780 wudfsvc - ok
00:13:53.0954 2780 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
00:13:53.0970 2780 WwanSvc - ok
00:13:53.0990 2780 ================ Scan global ===============================
00:13:54.0027 2780 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
00:13:54.0059 2780 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\windows\system32\winsrv.dll
00:13:54.0068 2780 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\windows\system32\winsrv.dll
00:13:54.0088 2780 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
00:13:54.0123 2780 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
00:13:54.0127 2780 [Global] - ok
00:13:54.0127 2780 ================ Scan MBR ==================================
00:13:54.0146 2780 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
00:13:54.0302 2780 \Device\Harddisk0\DR0 - ok
00:13:54.0302 2780 ================ Scan VBR ==================================
00:13:54.0311 2780 [ E6D85492BE2E3BB85DAF2AC534278517 ] \Device\Harddisk0\DR0\Partition1
00:13:54.0312 2780 \Device\Harddisk0\DR0\Partition1 - ok
00:13:54.0312 2780 ============================================================
00:13:54.0312 2780 Scan finished
00:13:54.0312 2780 ============================================================
00:13:54.0341 5116 Detected object count: 0
00:13:54.0341 5116 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-11 19:25:09
-----------------------------
19:25:09.931 OS Version: Windows x64 6.1.7600
19:25:09.931 Number of processors: 2 586 0x170A
19:25:09.931 ComputerName: SHARELL-PC UserName: Sharell
19:25:12.224 Initialize success
19:25:25.079 AVAST engine defs: 12101000
19:25:32.769 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:25:32.769 Disk 0 Vendor: TOSHIBA_ GH10 Size: 476940MB BusType: 3
19:25:32.832 Disk 0 MBR read successfully
19:25:32.832 Disk 0 MBR scan
19:25:32.832 Disk 0 Windows VISTA default MBR code
19:25:32.879 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
19:25:32.910 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465867 MB offset 3074048
19:25:32.988 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 9572 MB offset 957169664
19:25:33.019 Disk 0 scanning C:\windows\system32\drivers
19:25:44.360 Service scanning
19:26:25.357 Modules scanning
19:26:25.357 Disk 0 trace - called modules:
19:26:26.012 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:26:26.527 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006f8d410]
19:26:26.527 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005e93050]
19:26:28.961 AVAST engine scan C:\windows
19:26:32.907 AVAST engine scan C:\windows\system32
19:28:55.616 AVAST engine scan C:\windows\system32\drivers
19:29:18.673 AVAST engine scan C:\Users\Sharell
19:54:06.323 AVAST engine scan C:\ProgramData
19:58:01.494 Scan finished successfully
19:58:50.306 Disk 0 MBR has been saved successfully to "C:\Users\Sharell\Documents\MBR.dat"
19:58:50.322 The log file has been saved successfully to "C:\Users\Sharell\Documents\aswMBR.txt"

#4 narenxp

narenxp

    Forum Addict

  • BC Advisor
  • PipPipPipPipPipPip
  • 16,365 posts
  • Gender:Male
  • Location:India

Posted 11 October 2012 - 01:17 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 MayaM

MayaM

    New Member

  • Members
  • Pip
  • 6 posts
  • Gender:Female

Posted 06 November 2012 - 02:20 PM

Sorry for the delay in posting these. I'm having some problems with the log for adware cleaner (my computer shut down). I'll try and post it asap.

Database version: v2012.11.06.08

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
6/11/2012 10:13:15 PM
mbam-log-2012-11-06 (22-13-15).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 417374
Time elapsed: 2 hour(s), 7 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost




Farbar Service Scanner Version: 07-10-2012
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll
[2009-07-14 04:51] - [2009-07-14 07:10] - 0182272 ____A (Microsoft Corporation) 676108C4E3AA6F6B34633748BD0BEBD9

C:\Windows\System32\mpssvc.dll
[2009-07-14 05:39] - [2009-07-14 07:11] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 05:06] - [2009-07-14 07:11] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-14 06:06] - [2009-07-14 07:11] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

-----------------------------------------------------------


Junkware Removal Tool (JRT) by Thisisu
Version: 1.4.9 (10.12.2012)
OS: Windows 7 Home Premium x64
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\softonic"



*** Files:

Successfully deleted: [FILE] C:\ProgramData\application data\blekko toolbars\toolbar.txt
Successfully deleted: [FILE] C:\ProgramData\blekko toolbars\toolbar.txt
Successfully deleted: [FILE] C:\ProgramData\application data\blekko toolbars\toolbar.txt
Successfully deleted: [FILE] C:\ProgramData\blekko toolbars\toolbar.txt



*** Folders:

Failed to delete: [FOLDER-LOCKED!] "C:\ProgramData\blekko toolbars"
Failed to delete: [FOLDER-LOCKED!] "C:\ProgramData\installmate"
Failed to delete: [FOLDER-LOCKED!] "C:\ProgramData\premium"
Successfully deleted: [FOLDER] "C:\Users\Sharell\appdata\local\adawarebp"
Successfully deleted: [FOLDER] "C:\ProgramData\blekko toolbars"
Successfully deleted: [FOLDER] "C:\ProgramData\installmate"
Successfully deleted: [FOLDER] "C:\ProgramData\premium"



*** FireFox detected and repaired

Successfully deleted: [EXTENSION VALUE] hkey_current_user\software\mozilla\firefox\extensions\\smartwebprinting@hp.com
Successfully deleted: [EXTENSION VALUE] hkey_local_machine\software\mozilla\firefox\extensions\\smartwebprinting@hp.com


*** Event Viewer Logs - Cleared





**************************************************************

#6 narenxp

narenxp

    Forum Addict

  • BC Advisor
  • PipPipPipPipPipPip
  • 16,365 posts
  • Gender:Male
  • Location:India

Posted 06 November 2012 - 11:08 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 MayaM

MayaM

    New Member

  • Members
  • Pip
  • 6 posts
  • Gender:Female

Posted 07 November 2012 - 02:33 AM

Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/07/2012 12:49:16 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost
74.55.76.230 www.google-analytics.com.
74.55.76.230 ad-emea.doubleclick.net.
74.55.76.230 www.statcounter.com.
178.250.45.15 www.google-analytics.com.
178.250.45.15 ad-emea.doubleclick.net.
178.250.45.15 www.statcounter.com.

Program finished at: 11/07/2012 12:49:22 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)

-----------------------------------

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "00TCrdMain" "TOSHIBA Flash Cards" "TOSHIBA Corporation" "c:\program files\toshiba\flashcards\tcrdmain.exe"
+ "cAudioFilterAgent" "Conexant High Definition Audio Filter Agent" "Conexant Systems, Inc." "c:\program files\conexant\caudiofilteragent\caudiofilteragent64.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartAudio" "SAIICpl MFC Application" "" "c:\program files\conexant\saii\saiicpl.exe"
+ "SmartFaceVWatcher" "SmartFaceVWatcher" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevwatcher.exe"
+ "SmoothView" "SmoothView" "TOSHIBA Corporation" "c:\program files\toshiba\smoothview\smoothview.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TosNC" "Message Center" "TOSHIBA Corporation" "c:\program files\toshiba\bulletinboard\tosnccore.exe"
+ "TosReelTimeMonitor" "Monitor of TOSHIBA ReelTime" "TOSHIBA Corporation" "c:\program files\toshiba\reeltime\tosreeltimemonitor.exe"
+ "TosSENotify" "" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\toswaitsrv.exe"
+ "TosVolRegulator" " Toshiba Volume Regulator" "TOSHIBA Corporation" "c:\program files\toshiba\tosvolregulator\tosvolregulator.exe"
+ "TPwrMain" "TOSHIBA Power Saver" "TOSHIBA Corporation" "c:\program files\toshiba\power saver\tpwrmain.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Ad-Aware Antivirus" "Ad-Aware Antivirus Launcher" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawarelauncher.exe"
+ "Ad-Aware Browsing Protection" "Ad-Aware Browsing Protection and Anti-Phishing" "Lavasoft" "c:\programdata\ad-aware browsing protection\adawarebp.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\groovemonitor.exe"
+ "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "netxpert" "" "SupportSoft, Inc." "c:\program files (x86)\airtel netxpert\bin\sprtcmd.exe"
+ "ToshibaServiceStation" "TOSHIBA Service Station" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\toshibaservicestation.exe"
+ "TWebCamera" "" "TOSHIBA CORPORATION." "c:\program files (x86)\toshiba\toshiba web camera application\twebcamera.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files (x86)\nero\nero 9\nero coverdesigner\coveredextension.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "AdAwareContextMenu64" "Ad-Aware Antivirus Shell Extension x64" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawareshellextension64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "AdAwareContextMenu" "Ad-Aware Antivirus Shell Extension" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawareshellextension.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "TOSHIBA Media Controller Plug-in" "TOSHIBA Media Controller Plug-in " "<TOSHIBA>" "c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "Launch WinHTTrack" "WinHTTrackIEBar Module" "" "c:\program files (x86)\winhttrack\winhttrackiebar.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Ad-Aware Service" "Ad-Aware Service" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawareservice.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cfWiMAXService" "This is WiMAX Control Service of ConfigFree. Please do not stop this servce when you are using ConfigFree with Intel WiMAX device." "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\cfiwmxsvcs64.exe"
+ "ConfigFree Service" "You can't stop this service, if you want to keep ConfigFree functionality fine." "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\cfsvcs.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\toshiba games\toshiba game console\gameconsoleservice.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SBAMSvc" "Manages your antispyware and antivirus application" "GFI Software" "c:\program files (x86)\ad-aware antivirus\sbamsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_netxpert" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files (x86)\airtel netxpert\bin\sprtsvc.exe"
+ "tgsrvc_netxpert" "SupportSoft Repair Service" "SupportSoft, Inc." "c:\program files (x86)\airtel netxpert\bin\tgsrvc.exe"
+ "TMachInfo" "TOSHIBA Machine Information Service" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\tmachinfo.exe"
+ "TODDSrv" "TDCSrv Application" "TOSHIBA Corporation" "c:\windows\system32\toddsrv.exe"
+ "TosCoSrv" "TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped." "TOSHIBA Corporation" "c:\program files\toshiba\power saver\toscosrv.exe"
+ "TOSHIBA HDD SSD Alert Service" "TOSHIBA HDD SSD Alert" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\tossmartsrv.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FwLnk" "TOSHIBA Firmware Linkage 64-bit Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\fwlnk.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hitmanpro36" "HitmanPro 3.6 Support Driver" "" "c:\windows\system32\drivers\hitmanpro36.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PGEffect" "TOSHIBA Universal Camera Filter Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\pgeffect.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "sbapifs" "GFI Active Protection Filter Driver" "GFI Software" "c:\windows\system32\drivers\sbapifs.sys"
+ "sbhips" "GFI Firewall SDK Host Intrusion Prevention System Driver" "GFI Software" "c:\windows\system32\drivers\sbhips.sys"
+ "SBRE" "GFI Anti-Rootkit Driver" "GFI Software" "c:\windows\system32\drivers\sbredrv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "tdcmdpst" "TOSHIBA ODD Writing Driver for x64." "TOSHIBA Corporation." "c:\windows\system32\drivers\tdcmdpst.sys"
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz_o.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
+ "SFVCaptureFilter" "SmartFaceVCapt" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcapt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Image Effects" "TimeStam Dynamic Link Library" "" "c:\program files (x86)\toshiba\toshiba web camera application\pgtimefilter.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "TOSHIBA Progress Monitor" "TOSHIBA Progress Monitor" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\tprogmon.ax"
+ "TOSHIBA WAV Converter" "TOSHIBA Wav Converter" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\twavconv.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "SmartFaceVCP" "SmartFaceVCP" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
"C:\Users\Sharell\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "AVG" "AVG" "AVG Technologies" "C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget\\Gadget.xml"

#8 narenxp

narenxp

    Forum Addict

  • BC Advisor
  • PipPipPipPipPipPip
  • 16,365 posts
  • Gender:Male
  • Location:India

Posted 07 November 2012 - 06:11 AM

Click on startmenu and type

cmd

right click on it and select run as administrator

Now copy following commands and press ENTER one by one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f

Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it,restart the PC

Now run mini toolbox again and post the new log

#9 MayaM

MayaM

    New Member

  • Members
  • Pip
  • 6 posts
  • Gender:Female

Posted 16 November 2012 - 01:07 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Sharell (administrator) on 16-11-2012 at 23:35:41
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Sharell-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-CA-AA-53
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 68-A3-C4-B5-2A-27
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c8d4:f492:5e32:f48a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, 16 November 2012 11:28:35 PM
Lease Expires . . . . . . . . . . : Monday, 19 November 2012 11:28:35 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 191407044
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-13-A5-E9-68-A3-C4-B5-2A-27
DNS Servers . . . . . . . . . . . : 202.149.208.92
202.149.208.91
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{1BE23863-598C-485F-96DE-4997C0A0E094}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C30A7204-3E3A-4AA1-AEF7-755BE61F7FD8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3004:31c1:3f57:fefb(Preferred)
Link-local IPv6 Address . . . . . : fe80::3004:31c1:3f57:fefb%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: smtp1.ttml.co.in
Address: 202.149.208.92

Name: google.com
Addresses: 2404:6800:4009:800::1005
74.125.236.104
74.125.236.105
74.125.236.110
74.125.236.96
74.125.236.97
74.125.236.98
74.125.236.99
74.125.236.100
74.125.236.101
74.125.236.102
74.125.236.103


Pinging google.com [74.125.236.110] with 32 bytes of data:
Reply from 74.125.236.110: bytes=32 time=99ms TTL=55
Reply from 74.125.236.110: bytes=32 time=99ms TTL=55

Ping statistics for 74.125.236.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 99ms, Maximum = 99ms, Average = 99ms
Server: smtp1.ttml.co.in
Address: 202.149.208.92

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=294ms TTL=45
Reply from 98.139.183.24: bytes=32 time=422ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 294ms, Maximum = 422ms, Average = 358ms
Server: smtp1.ttml.co.in
Address: 202.149.208.92

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 26 6c ca aa 53 ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...68 a3 c4 b5 2a 27 ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:3004:31c1:3f57:fefb/128
On-link
11 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::3004:31c1:3f57:fefb/128
On-link
11 281 fe80::c8d4:f492:5e32:f48a/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/16/2012 11:08:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (11/16/2012 10:47:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6521

Error: (11/16/2012 10:47:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6521

Error: (11/16/2012 10:47:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/16/2012 10:47:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5523

Error: (11/16/2012 10:47:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5523

Error: (11/16/2012 10:47:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/16/2012 10:47:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4524

Error: (11/16/2012 10:47:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4524

Error: (11/16/2012 10:47:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (11/14/2012 00:20:12 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.

Error: (11/14/2012 00:19:44 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/14/2012 11:16:48 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/14/2012 10:46:23 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:43:23 AM on ?14/?11/?2012 was unexpected.

Error: (11/11/2012 10:42:30 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.

Error: (11/09/2012 08:14:49 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{1BE23863-598C-485F-96DE-4997C0A0E094} because another computer on the network has the same name. The server could not start.

Error: (11/02/2012 00:45:42 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SBAMSvc service.

Error: (11/02/2012 00:45:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SBAMSvc service.

Error: (11/02/2012 03:10:41 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{1BE23863-598C-485F-96DE-4997C0A0E094} because another computer on the network has the same name. The server could not start.

Error: (10/31/2012 07:26:27 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer PRADEEP-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1BE23863-598C-485F-96DE-4997C0A0E094}.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (10/09/2012 00:47:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2244716 seconds with 52020 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

"Nero SoundTrax Help (Version: 4.2.5.0)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Ad-Aware Antivirus (Version: 10.3.45.3935)
Ad-Aware Browsing Protection (Version: 1.0.1.41)
Adobe AIR (Version: 3.3.0.3670)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Reader 9.4.6 (Version: 9.4.6)
Advertising Center (Version: 0.0.0.1)
AIO_Scan (Version: 130.0.365.000)
Airtel NetXpert 3.0 (Version: 3.0)
Amazon Kindle For PC v1.1
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.27)
Atheros Driver Installation Program (Version: 5.2)
µTorrent (Version: 3.2.0)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
Azon Keyword Generator (Version: 2.0.0.0)
Azon Product Inspector (Version: 1.0.2.1)
Azon Top 100 Analyzer (Version: 1.0.1.9)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
Build-a-lot 2 (Version: 2.2.0.95)
CCleaner (Version: 3.23)
Chuzzle Deluxe (Version: 2.2.0.95)
Conexant HD Audio (Version: 4.119.0.61)
Copy (Version: 130.0.428.000)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DJ_AIO_ProductContext (Version: 130.0.365.000)
DJ_AIO_Software (Version: 130.0.365.000)
DJ_AIO_Software_min (Version: 130.0.365.000)
DolbyFiles (Version: 2.0)
e-tax 2012 (Version: 6.0.577)
ESET Online Scanner v3
F4100 (Version: 130.0.365.000)
F4100_Help (Version: 90.0.222.000)
FATE (Version: 2.2.0.95)
Free M4a to MP3 Converter 7.1
GIMP 2.6.11 (Version: 2.6.11)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
iCloud (Version: 1.1.0.40)
ImagXpress (Version: 7.0.74.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2086)
Intel® Matrix Storage Manager
iTunes (Version: 10.6.1.7)
Java™ 6 Update 17 (Version: 6.0.170)
Jewel Quest - Heritage (Version: 2.2.0.95)
Junk Mail filter update (Version: 14.0.8117.416)
Keyword Blaze (Version: 1.2.4)
LongTailPro - Version 1.3.18 (Version: 1.3.18)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 130.0.374.000)
Menu Templates - Starter Kit (Version: 9.0.4.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 3.0.40818.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Movie Templates - Starter Kit (Version: 9.0.4.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 14.0.1468.721)
Nero 9
Nero BurningROM (Version: 9.0.0.0)
Nero BurnRights (Version: 2.99.6.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.2.4.100)
Nero CoverDesigner Help (Version: 4.2.4.100)
Nero Disc Copy Gadget (Version: 2.2.7.0)
Nero Disc Copy Gadget Help (Version: 2.2.7.0)
Nero DiscSpeed (Version: 4.99.5.105)
Nero DriveSpeed (Version: 3.99.5.105)
Nero Express Help (Version: 9.2.6.100)
Nero InfoTool (Version: 5.99.5.105)
Nero Installer (Version: 2.0.0.1)
Nero Live (Version: 1.2.4.0)
Nero Live Help (Version: 1.2.4.0)
Nero PhotoSnap (Version: 1.53.2.0)
Nero PhotoSnap Help (Version: 1.53.2.0)
Nero Recode (Version: 3.53.0.0)
Nero Recode Help (Version: 3.53.0.0)
Nero Rescue Agent (Version: 1.99.0.1)
Nero RescueAgent Help (Version: 1.99.0.1)
Nero ShowTime (Version: 4.99.0.0)
Nero StartSmart (Version: 9.2.8.100)
Nero StartSmart Help (Version: 9.2.8.100)
Nero Vision (Version: 6.2.7.100)
Nero Vision (Version: 6.2.9.100)
Nero WaveEditor (Version: 5.2.5.0)
Nero WaveEditor Help (Version: 5.2.5.0)
NeroBurningROM (Version: 9.2.6.100)
NeroExpress (Version: 9.2.6.100)
NeroLiveGadget (Version: 1.0.8.100)
neroxml (Version: 1.0.0)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.95)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
Scan (Version: 13.0.0.0)
SEO SpyGlass
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.457.000)
Snapseed (Version: 1.2.1)
SolutionCenter (Version: 130.0.373.000)
SoundTrax (Version: 4.2.5.0)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toolbox (Version: 130.0.648.000)
TOSHIBA Assist (Version: 3.00.11)
TOSHIBA Bulletin Board (Version: 1.6.07.64)
TOSHIBA ConfigFree (Version: 8.0.28)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Hardware Setup (Version: 2.00.06)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.4.9)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.06.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Speech System Applications (Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.03)
TOSHIBA Value Added Package (Version: 1.3.3.64)
TOSHIBA Web Camera Application (Version: 1.1.1.15)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WebReg (Version: 130.0.132.017)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.1.3)
WildTangent ORB Game Console
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
WinHTTrack Website Copier 3.46-1 (Version: 3.46.1)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 6011.97 MB
Available physical RAM: 4091.76 MB
Total Pagefile: 12022.08 MB
Available Pagefile: 10071.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.2 MB

========================= Partitions: =====================================

1 Drive c: (S3A8944D004) (Fixed) (Total:454.95 GB) (Free:312.99 GB) NTFS

========================= Users: ========================================

User accounts for \\SHARELL-PC

Administrator Guest Sharell

========================= Restore Points ==================================

03-07-2012 11:22:27 Installed AVG 2012
22-10-2012 05:32:33 Installed Snapseed
23-10-2012 12:24:47 Installed e-tax 2012
16-11-2012 17:55:29 Installed Microsoft Fix it 50267

**** End of log ****

#10 narenxp

narenxp

    Forum Addict

  • BC Advisor
  • PipPipPipPipPipPip
  • 16,365 posts
  • Gender:Male
  • Location:India

Posted 16 November 2012 - 01:39 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 MayaM

MayaM

    New Member

  • Members
  • Pip
  • 6 posts
  • Gender:Female

Posted 16 November 2012 - 01:46 PM

Thank you soooo much! You are just awesome and admirably knowledgeable. I don't know what was wrong or what you did to fix it but the problem has finally gone! I'm most grateful and relieved. I'll carry out the additional steps now. Thanks again. :thumbsup:

#12 narenxp

narenxp

    Forum Addict

  • BC Advisor
  • PipPipPipPipPipPip
  • 16,365 posts
  • Gender:Male
  • Location:India

Posted 16 November 2012 - 01:49 PM

You're most welcome :)
Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·