Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

my computer is slow AGAIN !!!!


  • Please log in to reply
11 replies to this topic

#1 dockami

dockami

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 14 October 2012 - 03:38 AM

my computer is all acting weird getting slow and showing pop ups and all !!!! plz help me !!!

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:45 PM

Posted 14 October 2012 - 07:30 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 dockami

dockami
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 17 October 2012 - 06:22 PM

20:45:31.0408 4432 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:45:32.0838 4432 ============================================================
20:45:32.0838 4432 Current date / time: 2012/10/17 20:45:32.0838
20:45:32.0838 4432 SystemInfo:
20:45:32.0838 4432
20:45:32.0838 4432 OS Version: 6.1.7601 ServicePack: 1.0
20:45:32.0838 4432 Product type: Workstation
20:45:32.0838 4432 ComputerName: KAMI-PC
20:45:32.0838 4432 UserName: kami
20:45:32.0838 4432 Windows directory: C:\Windows
20:45:32.0838 4432 System windows directory: C:\Windows
20:45:32.0838 4432 Running under WOW64
20:45:32.0838 4432 Processor architecture: Intel x64
20:45:32.0838 4432 Number of processors: 2
20:45:32.0838 4432 Page size: 0x1000
20:45:32.0838 4432 Boot type: Normal boot
20:45:32.0838 4432 ============================================================
20:45:35.0290 4432 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:45:35.0350 4432 ============================================================
20:45:35.0350 4432 \Device\Harddisk0\DR0:
20:45:35.0350 4432 MBR partitions:
20:45:35.0350 4432 Initialize success
20:45:35.0350 4432 ============================================================
20:45:43.0342 4256 ============================================================
20:45:43.0342 4256 Scan started
20:45:43.0342 4256 Mode: Manual; TDLFS;
20:45:43.0342 4256 ============================================================
20:45:44.0192 4256 ================ Scan system memory ========================
20:45:44.0192 4256 System memory - ok
20:45:44.0192 4256 ================ Scan services =============================
20:45:44.0382 4256 1394ohci - ok
20:45:44.0462 4256 Accelerometer - ok
20:45:44.0482 4256 ACPI - ok
20:45:44.0542 4256 AcpiPmi - ok
20:45:44.0692 4256 AdobeARMservice - ok
20:45:44.0722 4256 adp94xx - ok
20:45:44.0772 4256 adpahci - ok
20:45:44.0772 4256 adpu320 - ok
20:45:44.0782 4256 AeLookupSvc - ok
20:45:44.0832 4256 AESTFilters - ok
20:45:44.0932 4256 AFD - ok
20:45:44.0952 4256 agp440 - ok
20:45:44.0962 4256 ALG - ok
20:45:44.0992 4256 aliide - ok
20:45:45.0002 4256 AMD External Events Utility - ok
20:45:45.0052 4256 AMD FUEL Service - ok
20:45:45.0062 4256 amdide - ok
20:45:45.0092 4256 amdiox64 - ok
20:45:45.0112 4256 AmdK8 - ok
20:45:45.0142 4256 amdkmdag - ok
20:45:45.0162 4256 amdkmdap - ok
20:45:45.0222 4256 AmdPPM - ok
20:45:45.0232 4256 amdsata - ok
20:45:45.0242 4256 amdsbs - ok
20:45:45.0252 4256 amdxata - ok
20:45:45.0302 4256 AODDriver4.01 - ok
20:45:45.0382 4256 AppID - ok
20:45:45.0392 4256 AppIDSvc - ok
20:45:45.0392 4256 Appinfo - ok
20:45:45.0502 4256 arc - ok
20:45:45.0512 4256 arcsas - ok
20:45:45.0642 4256 aswFsBlk - ok
20:45:45.0732 4256 aswMonFlt - ok
20:45:45.0942 4256 aswRdr - ok
20:45:45.0942 4256 aswSnx - ok
20:45:45.0952 4256 aswSP - ok
20:45:46.0112 4256 aswTdi - ok
20:45:46.0122 4256 AsyncMac - ok
20:45:46.0132 4256 atapi - ok
20:45:46.0163 4256 athr - ok
20:45:46.0284 4256 AtiHdmiService - ok
20:45:46.0324 4256 AtiPcie - ok
20:45:46.0364 4256 AudioEndpointBuilder - ok
20:45:46.0374 4256 AudioSrv - ok
20:45:46.0454 4256 avast! Antivirus - ok
20:45:46.0494 4256 AxInstSV - ok
20:45:46.0524 4256 b06bdrv - ok
20:45:46.0554 4256 b57nd60a - ok
20:45:46.0676 4256 BDESVC - ok
20:45:46.0696 4256 Beep - ok
20:45:46.0786 4256 BFE - ok
20:45:46.0856 4256 BingDesktopUpdate - ok
20:45:46.0886 4256 BITCOMET_HELPER_SERVICE - ok
20:45:46.0896 4256 BITS - ok
20:45:46.0956 4256 blbdrive - ok
20:45:47.0026 4256 bowser - ok
20:45:47.0056 4256 BrFiltLo - ok
20:45:47.0066 4256 BrFiltUp - ok
20:45:47.0086 4256 Browser - ok
20:45:47.0096 4256 Brserid - ok
20:45:47.0096 4256 BrSerWdm - ok
20:45:47.0106 4256 BrUsbMdm - ok
20:45:47.0116 4256 BrUsbSer - ok
20:45:47.0236 4256 BthEnum - ok
20:45:47.0246 4256 BTHMODEM - ok
20:45:47.0286 4256 BthPan - ok
20:45:47.0376 4256 BTHPORT - ok
20:45:47.0386 4256 bthserv - ok
20:45:47.0396 4256 BTHUSB - ok
20:45:47.0466 4256 cdfs - ok
20:45:47.0516 4256 cdrom - ok
20:45:47.0536 4256 CertPropSvc - ok
20:45:47.0666 4256 circlass - ok
20:45:47.0686 4256 CLFS - ok
20:45:47.0756 4256 clr_optimization_v2.0.50727_32 - ok
20:45:47.0776 4256 clr_optimization_v2.0.50727_64 - ok
20:45:47.0846 4256 clr_optimization_v4.0.30319_32 - ok
20:45:47.0876 4256 clr_optimization_v4.0.30319_64 - ok
20:45:47.0886 4256 CmBatt - ok
20:45:47.0896 4256 cmdide - ok
20:45:47.0896 4256 CNG - ok
20:45:47.0946 4256 Compbatt - ok
20:45:48.0036 4256 CompositeBus - ok
20:45:48.0076 4256 COMSysApp - ok
20:45:48.0086 4256 crcdisk - ok
20:45:48.0126 4256 CryptSvc - ok
20:45:48.0136 4256 DcomLaunch - ok
20:45:48.0146 4256 defragsvc - ok
20:45:48.0166 4256 DfsC - ok
20:45:48.0216 4256 Dhcp - ok
20:45:48.0226 4256 discache - ok
20:45:48.0256 4256 Disk - ok
20:45:48.0266 4256 Dnscache - ok
20:45:48.0306 4256 dot3svc - ok
20:45:48.0316 4256 DPS - ok
20:45:48.0316 4256 drmkaud - ok
20:45:48.0346 4256 DVMIO - ok
20:45:48.0396 4256 DvmMDES - ok
20:45:48.0396 4256 DXGKrnl - ok
20:45:48.0426 4256 EapHost - ok
20:45:48.0436 4256 ebdrv - ok
20:45:48.0446 4256 EFS - ok
20:45:48.0446 4256 ehRecvr - ok
20:45:48.0456 4256 ehSched - ok
20:45:48.0466 4256 elxstor - ok
20:45:48.0466 4256 ErrDev - ok
20:45:48.0506 4256 EventSystem - ok
20:45:48.0616 4256 exfat - ok
20:45:48.0626 4256 fastfat - ok
20:45:48.0656 4256 Fax - ok
20:45:48.0666 4256 fdc - ok
20:45:48.0676 4256 fdPHost - ok
20:45:48.0676 4256 FDResPub - ok
20:45:48.0686 4256 FileInfo - ok
20:45:48.0696 4256 Filetrace - ok
20:45:48.0696 4256 flpydisk - ok
20:45:48.0706 4256 FltMgr - ok
20:45:48.0726 4256 FontCache - ok
20:45:48.0736 4256 FontCache3.0.0.0 - ok
20:45:48.0826 4256 Freemake Improver - ok
20:45:48.0886 4256 FreemakeVideoCapture - ok
20:45:48.0906 4256 FsDepends - ok
20:45:48.0988 4256 fssfltr - ok
20:45:48.0998 4256 fsssvc - ok
20:45:49.0008 4256 Fs_Rec - ok
20:45:49.0078 4256 fvevol - ok
20:45:49.0088 4256 gagp30kx - ok
20:45:49.0108 4256 gpsvc - ok
20:45:49.0168 4256 gupdate - ok
20:45:49.0208 4256 gupdatem - ok
20:45:49.0218 4256 hcw85cir - ok
20:45:49.0238 4256 HdAudAddService - ok
20:45:49.0248 4256 HDAudBus - ok
20:45:49.0258 4256 HidBatt - ok
20:45:49.0268 4256 HidBth - ok
20:45:49.0278 4256 HidIr - ok
20:45:49.0278 4256 hidserv - ok
20:45:49.0321 4256 HidUsb - ok
20:45:49.0328 4256 hkmsvc - ok
20:45:49.0330 4256 HomeGroupListener - ok
20:45:49.0330 4256 HomeGroupProvider - ok
20:45:49.0410 4256 HP Support Assistant Service - ok
20:45:49.0460 4256 HP Wireless Assistant Service - ok
20:45:49.0470 4256 HPDrvMntSvc.exe - ok
20:45:49.0490 4256 hpdskflt - ok
20:45:49.0602 4256 hpqcxs08 - ok
20:45:49.0622 4256 hpqddsvc - ok
20:45:49.0852 4256 hpqwmiex - ok
20:45:49.0962 4256 HpSAMD - ok
20:45:49.0972 4256 hpsrv - ok
20:45:49.0982 4256 HPWMISVC - ok
20:45:50.0094 4256 hshld - ok
20:45:50.0244 4256 HssDRV6 - ok
20:45:50.0284 4256 HssTrayService - ok
20:45:50.0314 4256 HTTP - ok
20:45:50.0484 4256 hwdatacard - ok
20:45:50.0494 4256 hwpolicy - ok
20:45:50.0514 4256 hwusbdev - ok
20:45:50.0584 4256 i8042prt - ok
20:45:50.0634 4256 iaStorV - ok
20:45:50.0644 4256 idsvc - ok
20:45:50.0664 4256 igfx - ok
20:45:50.0664 4256 iirsp - ok
20:45:50.0674 4256 IKEEXT - ok
20:45:50.0694 4256 intelide - ok
20:45:50.0694 4256 intelppm - ok
20:45:50.0704 4256 IPBusEnum - ok
20:45:50.0714 4256 IpFilterDriver - ok
20:45:50.0714 4256 iphlpsvc - ok
20:45:50.0729 4256 IPMIDRV - ok
20:45:50.0735 4256 IPNAT - ok
20:45:50.0756 4256 IRENUM - ok
20:45:50.0766 4256 isapnp - ok
20:45:50.0776 4256 iScsiPrt - ok
20:45:50.0826 4256 kbdclass - ok
20:45:50.0856 4256 kbdhid - ok
20:45:50.0866 4256 KeyIso - ok
20:45:50.0876 4256 KSecDD - ok
20:45:50.0876 4256 KSecPkg - ok
20:45:50.0906 4256 ksthunk - ok
20:45:50.0916 4256 KtmRm - ok
20:45:50.0956 4256 LanmanServer - ok
20:45:50.0976 4256 LanmanWorkstation - ok
20:45:51.0056 4256 LightScribeService - ok
20:45:51.0096 4256 lltdio - ok
20:45:51.0106 4256 lltdsvc - ok
20:45:51.0106 4256 lmhosts - ok
20:45:51.0136 4256 LSI_FC - ok
20:45:51.0136 4256 LSI_SAS - ok
20:45:51.0146 4256 LSI_SAS2 - ok
20:45:51.0156 4256 LSI_SCSI - ok
20:45:51.0156 4256 luafv - ok
20:45:51.0166 4256 Mcx2Svc - ok
20:45:51.0176 4256 megasas - ok
20:45:51.0176 4256 MegaSR - ok
20:45:51.0206 4256 MMCSS - ok
20:45:51.0206 4256 Modem - ok
20:45:51.0216 4256 monitor - ok
20:45:51.0226 4256 mouclass - ok
20:45:51.0226 4256 mouhid - ok
20:45:51.0236 4256 mountmgr - ok
20:45:51.0236 4256 mpio - ok
20:45:51.0246 4256 mpsdrv - ok
20:45:51.0256 4256 MpsSvc - ok
20:45:51.0256 4256 MRxDAV - ok
20:45:51.0266 4256 mrxsmb - ok
20:45:51.0266 4256 mrxsmb10 - ok
20:45:51.0276 4256 mrxsmb20 - ok
20:45:51.0286 4256 msahci - ok
20:45:51.0286 4256 msdsm - ok
20:45:51.0296 4256 MSDTC - ok
20:45:51.0326 4256 Msfs - ok
20:45:51.0366 4256 mshidkmdf - ok
20:45:51.0366 4256 msisadrv - ok
20:45:51.0396 4256 MSiSCSI - ok
20:45:51.0396 4256 msiserver - ok
20:45:51.0426 4256 MSKSSRV - ok
20:45:51.0436 4256 MSPCLOCK - ok
20:45:51.0456 4256 MSPQM - ok
20:45:51.0456 4256 MsRPC - ok
20:45:51.0466 4256 mssmbios - ok
20:45:51.0476 4256 MSTEE - ok
20:45:51.0486 4256 MTConfig - ok
20:45:51.0526 4256 Mup - ok
20:45:51.0526 4256 napagent - ok
20:45:51.0636 4256 NativeWifiP - ok
20:45:51.0646 4256 NDIS - ok
20:45:51.0676 4256 NdisCap - ok
20:45:51.0716 4256 NdisTapi - ok
20:45:51.0936 4256 Ndisuio - ok
20:45:51.0946 4256 NdisWan - ok
20:45:51.0956 4256 NDProxy - ok
20:45:52.0136 4256 Net Driver HPZ12 - ok
20:45:52.0196 4256 NetBIOS - ok
20:45:52.0206 4256 NetBT - ok
20:45:52.0216 4256 Netlogon - ok
20:45:52.0256 4256 Netman - ok
20:45:52.0266 4256 netprofm - ok
20:45:52.0316 4256 netr28ux - ok
20:45:52.0326 4256 NetTcpPortSharing - ok
20:45:52.0476 4256 netw5v64 - ok
20:45:52.0486 4256 nfrd960 - ok
20:45:52.0516 4256 NlaSvc - ok
20:45:52.0546 4256 npf - ok
20:45:52.0556 4256 Npfs - ok
20:45:52.0566 4256 nsi - ok
20:45:52.0576 4256 nsiproxy - ok
20:45:52.0576 4256 Ntfs - ok
20:45:52.0586 4256 Null - ok
20:45:52.0613 4256 nvraid - ok
20:45:52.0618 4256 nvstor - ok
20:45:52.0618 4256 nv_agp - ok
20:45:52.0628 4256 odserv - ok
20:45:52.0638 4256 ohci1394 - ok
20:45:52.0648 4256 ose - ok
20:45:52.0658 4256 p2pimsvc - ok
20:45:52.0658 4256 p2psvc - ok
20:45:52.0668 4256 Parport - ok
20:45:52.0679 4256 partmgr - ok
20:45:52.0687 4256 PcaSvc - ok
20:45:52.0694 4256 pci - ok
20:45:52.0701 4256 pciide - ok
20:45:52.0709 4256 pcmcia - ok
20:45:52.0716 4256 pcw - ok
20:45:52.0724 4256 PEAUTH - ok
20:45:52.0735 4256 PerfHost - ok
20:45:52.0751 4256 pla - ok
20:45:52.0790 4256 PlugPlay - ok
20:45:52.0920 4256 Pml Driver HPZ12 - ok
20:45:52.0930 4256 PNRPAutoReg - ok
20:45:52.0930 4256 PNRPsvc - ok
20:45:52.0940 4256 PolicyAgent - ok
20:45:52.0950 4256 Power - ok
20:45:52.0982 4256 PptpMiniport - ok
20:45:52.0989 4256 Processor - ok
20:45:52.0997 4256 ProfSvc - ok
20:45:53.0004 4256 ProtectedStorage - ok
20:45:53.0011 4256 Psched - ok
20:45:53.0018 4256 ql2300 - ok
20:45:53.0025 4256 ql40xx - ok
20:45:53.0032 4256 QWAVE - ok
20:45:53.0040 4256 QWAVEdrv - ok
20:45:53.0047 4256 RasAcd - ok
20:45:53.0054 4256 RasAgileVpn - ok
20:45:53.0060 4256 RasAuto - ok
20:45:53.0067 4256 Rasl2tp - ok
20:45:53.0076 4256 RasMan - ok
20:45:53.0081 4256 RasPppoe - ok
20:45:53.0088 4256 RasSstp - ok
20:45:53.0095 4256 rdbss - ok
20:45:53.0102 4256 rdpbus - ok
20:45:53.0108 4256 RDPCDD - ok
20:45:53.0172 4256 RDPENCDD - ok
20:45:53.0182 4256 RDPREFMP - ok
20:45:53.0182 4256 RDPWD - ok
20:45:53.0192 4256 rdyboost - ok
20:45:53.0202 4256 RemoteAccess - ok
20:45:53.0202 4256 RemoteRegistry - ok
20:45:53.0212 4256 RFCOMM - ok
20:45:53.0226 4256 RpcEptMapper - ok
20:45:53.0232 4256 RpcLocator - ok
20:45:53.0238 4256 RpcSs - ok
20:45:53.0245 4256 rspndr - ok
20:45:53.0253 4256 RSUSBSTOR - ok
20:45:53.0284 4256 RTL8167 - ok
20:45:53.0284 4256 SamSs - ok
20:45:53.0294 4256 sbp2port - ok
20:45:53.0294 4256 SCardSvr - ok
20:45:53.0304 4256 scfilter - ok
20:45:53.0329 4256 Schedule - ok
20:45:53.0338 4256 SCPolicySvc - ok
20:45:53.0366 4256 sdbus - ok
20:45:53.0377 4256 SDRSVC - ok
20:45:53.0381 4256 secdrv - ok
20:45:53.0388 4256 seclogon - ok
20:45:53.0396 4256 SENS - ok
20:45:53.0405 4256 SensrSvc - ok
20:45:53.0406 4256 Serenum - ok
20:45:53.0416 4256 Serial - ok
20:45:53.0426 4256 sermouse - ok
20:45:53.0436 4256 SessionEnv - ok
20:45:53.0446 4256 sffdisk - ok
20:45:53.0446 4256 sffp_mmc - ok
20:45:53.0456 4256 sffp_sd - ok
20:45:53.0466 4256 sfloppy - ok
20:45:53.0466 4256 SharedAccess - ok
20:45:53.0476 4256 ShellHWDetection - ok
20:45:53.0486 4256 SiSRaid2 - ok
20:45:53.0486 4256 SiSRaid4 - ok
20:45:53.0676 4256 SkypeUpdate - ok
20:45:53.0716 4256 Smb - ok
20:45:53.0796 4256 SNMPTRAP - ok
20:45:53.0806 4256 spldr - ok
20:45:53.0816 4256 Spooler - ok
20:45:53.0826 4256 sppsvc - ok
20:45:53.0836 4256 sppuinotify - ok
20:45:53.0836 4256 srv - ok
20:45:53.0851 4256 srv2 - ok
20:45:53.0948 4256 SrvHsfHDA - ok
20:45:53.0958 4256 SrvHsfV92 - ok
20:45:53.0968 4256 SrvHsfWinac - ok
20:45:53.0978 4256 srvnet - ok
20:45:54.0118 4256 SSDPSRV - ok
20:45:54.0138 4256 SstpSvc - ok
20:45:54.0148 4256 STacSV - ok
20:45:54.0158 4256 stexstor - ok
20:45:54.0198 4256 STHDA - ok
20:45:54.0238 4256 stisvc - ok
20:45:54.0248 4256 swenum - ok
20:45:54.0258 4256 swprv - ok
20:45:54.0318 4256 SynTP - ok
20:45:54.0338 4256 SysMain - ok
20:45:54.0348 4256 TabletInputService - ok
20:45:54.0386 4256 taphss - ok
20:45:54.0389 4256 TapiSrv - ok
20:45:54.0396 4256 TBS - ok
20:45:54.0403 4256 Tcpip - ok
20:45:54.0429 4256 TCPIP6 - ok
20:45:54.0430 4256 tcpipreg - ok
20:45:54.0450 4256 TDPIPE - ok
20:45:54.0460 4256 TDTCP - ok
20:45:54.0480 4256 tdx - ok
20:45:54.0490 4256 TermDD - ok
20:45:54.0500 4256 TermService - ok
20:45:54.0500 4256 Themes - ok
20:45:54.0510 4256 THREADORDER - ok
20:45:54.0520 4256 TrkWks - ok
20:45:54.0520 4256 TrustedInstaller - ok
20:45:54.0530 4256 tssecsrv - ok
20:45:54.0567 4256 TsUsbFlt - ok
20:45:54.0579 4256 tunnel - ok
20:45:54.0582 4256 uagp35 - ok
20:45:54.0582 4256 udfs - ok
20:45:54.0622 4256 UDisk Monitor - ok
20:45:54.0642 4256 UI0Detect - ok
20:45:54.0672 4256 uliagpkx - ok
20:45:54.0682 4256 umbus - ok
20:45:54.0682 4256 UmPass - ok
20:45:54.0692 4256 upnphost - ok
20:45:54.0702 4256 usbccgp - ok
20:45:54.0722 4256 usbcir - ok
20:45:54.0732 4256 usbehci - ok
20:45:54.0732 4256 usbhub - ok
20:45:54.0742 4256 usbohci - ok
20:45:54.0762 4256 usbprint - ok
20:45:54.0772 4256 usbscan - ok
20:45:54.0782 4256 USBSTOR - ok
20:45:54.0782 4256 usbuhci - ok
20:45:54.0852 4256 usbvideo - ok
20:45:54.0872 4256 UxSms - ok
20:45:54.0882 4256 VaultSvc - ok
20:45:54.0892 4256 vdrvroot - ok
20:45:54.0902 4256 vds - ok
20:45:54.0916 4256 vga - ok
20:45:54.0923 4256 VgaSave - ok
20:45:54.0927 4256 vhdmp - ok
20:45:54.0933 4256 viaide - ok
20:45:54.0934 4256 volmgr - ok
20:45:54.0944 4256 volmgrx - ok
20:45:54.0944 4256 volsnap - ok
20:45:54.0954 4256 vsmraid - ok
20:45:54.0964 4256 VSS - ok
20:45:54.0964 4256 vwifibus - ok
20:45:55.0104 4256 vwififlt - ok
20:45:55.0154 4256 vwifimp - ok
20:45:55.0164 4256 W32Time - ok
20:45:55.0174 4256 WacomPen - ok
20:45:55.0284 4256 WANARP - ok
20:45:55.0294 4256 Wanarpv6 - ok
20:45:55.0314 4256 WatAdminSvc - ok
20:45:55.0314 4256 wbengine - ok
20:45:55.0324 4256 WbioSrvc - ok
20:45:55.0334 4256 wcncsvc - ok
20:45:55.0344 4256 WcsPlugInService - ok
20:45:55.0344 4256 Wd - ok
20:45:55.0354 4256 Wdf01000 - ok
20:45:55.0364 4256 WdiServiceHost - ok
20:45:55.0364 4256 WdiSystemHost - ok
20:45:55.0374 4256 WebClient - ok
20:45:55.0384 4256 Wecsvc - ok
20:45:55.0384 4256 wercplsupport - ok
20:45:55.0414 4256 WerSvc - ok
20:45:55.0424 4256 WfpLwf - ok
20:45:55.0424 4256 WIMMount - ok
20:45:55.0434 4256 WinDefend - ok
20:45:55.0444 4256 WinHttpAutoProxySvc - ok
20:45:55.0456 4256 Winmgmt - ok
20:45:55.0463 4256 WinRM - ok
20:45:55.0477 4256 Wlansvc - ok
20:45:55.0736 4256 wlcrasvc - ok
20:45:55.0946 4256 wlidsvc - ok
20:45:55.0956 4256 WmiAcpi - ok
20:45:55.0966 4256 wmiApSrv - ok
20:45:55.0976 4256 WMPNetworkSvc - ok
20:45:55.0986 4256 WPCSvc - ok
20:45:55.0986 4256 WPDBusEnum - ok
20:45:56.0001 4256 ws2ifsl - ok
20:45:56.0010 4256 wscsvc - ok
20:45:56.0017 4256 WSearch - ok
20:45:56.0028 4256 wuauserv - ok
20:45:56.0036 4256 WudfPf - ok
20:45:56.0067 4256 WUDFRd - ok
20:45:56.0075 4256 wudfsvc - ok
20:45:56.0080 4256 WwanSvc - ok
20:45:56.0093 4256 yukonw7 - ok
20:45:56.0139 4256 ztemtusbser - ok
20:45:56.0260 4256 ================ Scan global ===============================
20:45:56.0260 4256 [Global] - ok
20:45:56.0270 4256 ================ Scan MBR ==================================
20:45:56.0300 4256 [ 7CD43A74EEA9D4F30E997E26486B0019 ] \Device\Harddisk0\DR0
20:46:03.0990 4256 \Device\Harddisk0\DR0 - ok
20:46:04.0000 4256 ================ Scan VBR ==================================
20:46:04.0000 4256 ============================================================
20:46:04.0000 4256 Scan finished
20:46:04.0000 4256 ============================================================
20:46:04.0010 1612 Detected object count: 0
20:46:04.0010 1612 Actual detected object count: 0








aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-17 20:53:33
-----------------------------
20:53:33.411 OS Version: Windows x64 6.1.7601 Service Pack 1
20:53:33.411 Number of processors: 2 586 0x603
20:53:33.411 ComputerName: KAMI-PC UserName: kami
20:53:41.579 Initialize success
20:53:48.229 AVAST engine defs: 12101700
20:54:31.209 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:54:31.215 Disk 0 Vendor: ST9500325AS 0005HPM1 Size: 476940MB BusType: 11
20:54:31.224 Disk 0 MBR read successfully
20:54:31.230 Disk 0 MBR scan
20:54:31.332 Disk 0 unknown MBR code
20:54:31.354 Disk 0 Partition 1 80 (A) 42 SFS NTFS 199 MB offset 2048
20:54:31.406 Disk 0 Partition 2 00 42 SFS NTFS 231966 MB offset 409600
20:54:31.439 Disk 0 Partition 3 00 42 SFS NTFS 22022 MB offset 931459072
20:54:31.457 Disk 0 Partition 4 00 42 SFS MSDOS5.0 103 MB offset 976560128
20:54:31.463 Disk 0 scanning C:\Windows\system32\drivers
20:54:31.471 Service scanning
20:55:12.234 Modules scanning
20:55:12.235 Disk 0 trace - called modules:
20:55:12.303 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
20:55:12.303 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80046a3060]
20:55:12.304 3 CLASSPNP.SYS[fffff88000e7443f] -> nt!IofCallDriver -> [0xfffffa80046a2630]
20:55:12.304 5 hpdskflt.sys[fffff880014af189] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004629060]
20:55:13.369 AVAST engine scan C:\Windows
20:55:13.370 AVAST engine scan C:\Windows\system32
20:55:13.371 AVAST engine scan C:\Windows\system32\drivers
20:55:13.373 AVAST engine scan C:\Users\kami
20:55:13.374 AVAST engine scan C:\ProgramData
20:55:13.374 Scan finished successfully
21:26:00.606 Disk 0 MBR has been saved successfully to "C:\Users\kami\Documents\MBR.dat"
21:26:00.619 The log file has been saved successfully to "C:\Users\kami\Documents\aswMBR.txt"






C:\Downloads\NFS RUN\3.bin a variant of Win32/Packed.VMProtect.AAM trojan deleted - quarantined
C:\Downloads\NFS RUN\NFSRun.iso a variant of Win32/Packed.VMProtect.AAM trojan deleted - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:45 PM

Posted 17 October 2012 - 07:00 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 dockami

dockami
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 18 October 2012 - 10:17 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.18.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
kami :: KAMI-PC [administrator]

10/19/2012 5:50:43 AM
mbam-log-2012-10-19 (05-50-43).txt

Scan type: Full scan (C:\|D:\|F:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 502289
Time elapsed: 1 hour(s), 40 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)





MiniToolBox by Farbar Version: 23-07-2012
Ran by kami (administrator) on 19-10-2012 at 05:36:02
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com

========================= IP Configuration: ================================

Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection* 17" address=10.210.136.75 mask=255.255.248.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : kami-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter ZTE Wireless Terminal:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ZTE Wireless Terminal
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 119.154.198.50(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 8.8.8.8
203.128.7.10
NetBIOS over Tcpip. . . . . . . . : Disabled

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 2A-E4-00-D7-CF-76
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Anchorfree HSS Adapter
Physical Address. . . . . . . . . : 00-FF-70-C9-D4-7B
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 78-E4-00-D7-CF-76
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6C4C2394-441B-4F9E-BFA6-A1358EEA6F75}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{396FA8F7-4E84-4963-822B-50208591561D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:201f:178c:8865:39cd(Preferred)
Link-local IPv6 Address . . . . . : fe80::201f:178c:8865:39cd%13(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{260C67B7-BB14-4018-B948-F286552E63C2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{70C9D47B-FF95-4EEE-851C-8BF64B152108}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:779a:c632::779a:c632(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 8.8.8.8
203.128.7.10
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 8.8.8.8

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.236.46] with 32 bytes of data:
Reply from 74.125.236.46: bytes=32 time=679ms TTL=54
Reply from 74.125.236.46: bytes=32 time=642ms TTL=54

Ping statistics for 74.125.236.46:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 642ms, Maximum = 679ms, Average = 660ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=994ms TTL=43
Reply from 98.138.253.109: bytes=32 time=870ms TTL=44

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 870ms, Maximum = 994ms, Average = 932ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
42...........................ZTE Wireless Terminal
18...2a e4 00 d7 cf 76 ......Microsoft Virtual WiFi Miniport Adapter
17...00 ff 70 c9 d4 7b ......Anchorfree HSS Adapter
12...78 e4 00 d7 cf 76 ......Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
43...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
23...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 On-link 119.154.198.50 41
119.154.198.50 255.255.255.255 On-link 119.154.198.50 296
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 119.154.198.50 41
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 119.154.198.50 296
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
23 1140 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:5ef5:79fb:201f:178c:8865:39cd/128
On-link
23 1040 2002::/16 On-link
23 296 2002:779a:c632::779a:c632/128
On-link
13 306 fe80::/64 On-link
13 306 fe80::201f:178c:8865:39cd/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/19/2012 01:08:11 AM) (Source: RasClient) (User: )
Description: CoId={00B08D20-8E7D-4738-BE1A-2FAC008FA290}: The user kami-PC\kami dialed a connection named ZTE Wireless Terminal which has failed. The error code returned on failure is 633.

Error: (10/19/2012 01:02:45 AM) (Source: Application Hang) (User: )
Description: The program mpcstar.exe version 4.5.11.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11dc

Start Time: 01cdad6b488939bf

Termination Time: 11

Application Path: C:\Program Files (x86)\MpcStar\mpcstar.exe

Report Id: a15e6fb6-195e-11e2-b64f-001f81000250

Error: (10/18/2012 09:52:10 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/18/2012 09:52:10 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (10/18/2012 09:50:52 PM) (Source: RasClient) (User: )
Description: CoId={155CA3EE-A2E0-4E03-B92C-7F907110A2F4}: The user kami-PC\kami dialed a connection named ZTE Wireless Terminal which has failed. The error code returned on failure is 633.

Error: (10/18/2012 08:20:58 PM) (Source: Application Hang) (User: )
Description: The program mpcstar.exe version 4.5.11.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e20

Start Time: 01cdad441dece6e3

Termination Time: 22

Application Path: C:\Program Files (x86)\MpcStar\mpcstar.exe

Report Id: 64f06326-1937-11e2-b64f-001f81000250

Error: (10/18/2012 08:16:05 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/18/2012 08:16:05 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (10/18/2012 07:59:04 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/18/2012 07:59:04 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (10/18/2012 08:14:06 PM) (Source: BTHUSB) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (10/18/2012 08:14:02 PM) (Source: BTHUSB) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (10/18/2012 08:05:02 PM) (Source: BTHUSB) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (5c:57:c8:96:e2:8c) failed.

Error: (10/18/2012 07:55:19 PM) (Source: BTHUSB) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (10/18/2012 07:55:15 PM) (Source: BTHUSB) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (10/18/2012 07:55:17 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:50:28 PM on ?10/?18/?2012 was unexpected.

Error: (10/18/2012 01:53:40 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/17/2012 00:49:00 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.

Error: (10/17/2012 00:35:49 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Monitoring Service service failed to start due to the following error:
%%2

Error: (10/17/2012 00:35:49 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Routing Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.0.0)
Adobe AIR (Version: 3.4.0.2710)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Shockwave Player (Version: 11.5.1.601)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
AMD Accelerated Video Transcoding (Version: 12.5.100.20704)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0704.122.388)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
AMD VISION Engine Control Center (Version: 2012.0704.122.388)
Atheros Driver Installation Program (Version: 5.0)
avast! Free Antivirus (Version: 7.0.1466.0)
Bing Desktop (Version: 1.0.45.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
BitComet 1.30 (Version: 1.30)
Broadband (Version: 16.001.06.00.172)
BufferChm (Version: 130.0.331.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388)
Catalyst Control Center InstallProxy (Version: 2010.0416.541.8279)
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388)
Catalyst Control Center Localization All (Version: 2012.0704.122.388)
ccc-utility64 (Version: 2012.0704.122.388)
CCC Help Chinese Standard (Version: 2012.0704.0121.388)
CCC Help Chinese Traditional (Version: 2012.0704.0121.388)
CCC Help Czech (Version: 2012.0704.0121.388)
CCC Help Danish (Version: 2012.0704.0121.388)
CCC Help Dutch (Version: 2012.0704.0121.388)
CCC Help English (Version: 2012.0704.0121.388)
CCC Help Finnish (Version: 2012.0704.0121.388)
CCC Help French (Version: 2012.0704.0121.388)
CCC Help German (Version: 2012.0704.0121.388)
CCC Help Greek (Version: 2012.0704.0121.388)
CCC Help Hungarian (Version: 2012.0704.0121.388)
CCC Help Italian (Version: 2012.0704.0121.388)
CCC Help Japanese (Version: 2012.0704.0121.388)
CCC Help Korean (Version: 2012.0704.0121.388)
CCC Help Norwegian (Version: 2012.0704.0121.388)
CCC Help Polish (Version: 2012.0704.0121.388)
CCC Help Portuguese (Version: 2012.0704.0121.388)
CCC Help Russian (Version: 2012.0704.0121.388)
CCC Help Spanish (Version: 2012.0704.0121.388)
CCC Help Swedish (Version: 2012.0704.0121.388)
CCC Help Thai (Version: 2012.0704.0121.388)
CCC Help Turkish (Version: 2012.0704.0121.388)
CCleaner (Version: 3.23)
CyberLink DVD Suite (Version: 7.0.2527)
D3DX10 (Version: 15.4.2368.0902)
D4100 (Version: 130.0.365.000)
D4100_Help (Version: 82.0.233.000)
DeviceDiscovery (Version: 130.0.465.000)
Driver Genius Professional Edition (Version: 11.0)
DVD Menu Pack for HP MediaSmart Video (Version: 4.0.3715)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
EVDO BROADBAND PTCL
Freemake Video Downloader (Version: 3.0.1)
Google Chrome (Version: 20.0.1132.57)
Google Talk (remove only)
Google Talk Plugin (Version: 3.3.2.8436)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hotspot Shield 2.74 (Version: 2.74)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet & Photosmart Printer Driver Software 13.0 Rel. A (Version: 13.0)
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 22.50.231.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart DVD (Version: 4.0.3822)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (Version: 4.0.3903)
HP MediaSmart Photo (Version: 4.0.3911)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.0.3911)
HP MediaSmart Webcam (Version: 4.0.2511)
HP Photo Creations (Version: 1.0.0.3781)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Power Plan Utility (Version: 1.0.6)
HP Quick Launch (Version: 1.0.18)
HP QuickWeb Installer (Version: 1.2.12.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Software Framework (Version: 3.5.17.1)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.1.12.1)
HP Tone Control (Version: 2.0.2)
HP Update (Version: 5.002.006.003)
HP User Guides 0193 (Version: 1.01.0001)
HP Wireless Assistant (Version: 4.0.4.2)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
IDT Audio (Version: 1.0.6269.0)
Itibiti RTC (Version: 0.0.1)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2515)
LightScribe System Software (Version: 1.18.11.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Movie Theme Pack for HP MediaSmart Video (Version: 4.0.3715)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
MpcStar 5.4 (Version: 5.4)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PhotoNow! (Version: 1.1.6904)
Power2Go (Version: 6.1.3715)
PowerDirector (Version: 8.0.2514)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.11.1127.2009)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Recovery Manager (Version: 5.5.2512)
SF_CDA_ProductContext (Version: 130.0.365.000)
SF_CDA_Software (Version: 130.0.396.000)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
SPSS 16.0 (Version: 16.0.0)
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Toolbox (Version: 130.0.648.000)
Total Video Converter 3.71 100812
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB Disk Security
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
WinWrap Basic v9.1 (x86) Utility (Version: 1.0.0)
WOT for Internet Explorer (Version: 11.11.7.0)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3834.9 MB
Available physical RAM: 1816.22 MB
Total Pagefile: 7668 MB
Available Pagefile: 5444.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.13 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:226.53 GB) (Free:120.05 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:21.51 GB) (Free:3.13 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
5 Drive g: (My Disc) (Fixed) (Total:217.43 GB) (Free:96.28 GB) NTFS

========================= Users: ========================================

User accounts for \\KAMI-PC

Administrator Guest kami

========================= Restore Points ==================================


**** End of log ****






Farbar Service Scanner Version: 07-10-2012
Ran by kami (administrator) on 19-10-2012 at 05:40:35
Running from "C:\Users\kami\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
WAN connected
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-09 23:52] - [2012-06-02 10:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



# AdwCleaner v2.005 - Logfile created 10/19/2012 at 05:44:11
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : kami - KAMI-PC
# Boot Mode : Normal
# Running from : C:\Users\kami\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.helperbar.com/?publisher=W3i&dpid=W3i&co=PK&range=72&searchtype=ds&isid=9860&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.helperbar.com/?publisher=W3i&dpid=W3i&co=PK&range=72&searchtype=ds&isid=9860&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.helperbar.com/?publisher=W3i&dpid=W3i&co=PK&range=72&searchtype=ds&isid=9860&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.helperbar.com/?publisher=W3i&dpid=W3i&co=PK&range=72&searchtype=ds&isid=9860&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v10.0.2 (en-US)

Profile name : default
File : C:\Users\kami\AppData\Roaming\Mozilla\Firefox\Profiles\ptezjclc.default\prefs.js

C:\Users\kami\AppData\Roaming\Mozilla\Firefox\Profiles\ptezjclc.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\kami\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [2813 octets] - [19/10/2012 05:44:11]

########## EOF - C:\AdwCleaner[S2].txt - [2873 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:45 PM

Posted 18 October 2012 - 10:27 PM

.

Edited by narenxp, 18 October 2012 - 11:05 PM.


#7 dockami

dockami
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 18 October 2012 - 11:04 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.7.6 (10.18.2012)
OS: Windows 7 Home Premium x64
Ran by kami on Fri 10/19/2012 at 8:15:51.95
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hss.ico
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\license.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\Uninstall.exe
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\config.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\config_srch.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\HssIE.dll
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\HssIE_64.dll



*** Folders:

Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\hotspot shield"



*** FireFox detected and repaired

Successfully deleted: [EXTENSION VALUE] hkey_current_user\software\mozilla\firefox\extensions\\smartwebprinting@hp.com
Successfully deleted: [EXTENSION VALUE] hkey_local_machine\software\mozilla\firefox\extensions\\smartwebprinting@hp.com


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 10/19/2012 at 8:51:06.37
End of Report

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:45 PM

Posted 18 October 2012 - 11:05 PM

my computer is all acting weird getting slow and showing pop ups and all !!!! plz help me !!!


Can you explain?


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#9 dockami

dockami
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 18 October 2012 - 11:33 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/19/2012 09:07:00 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com

Program finished at: 10/19/2012 09:07:29 AM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)




"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HPToneControl" "Tone Control" "Hewlett-Packard " "c:\program files\hewlett-packard\hptonecontrol\hptonectl.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AMD AVT" "" "" "File not found: start"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\alwil software\avast5\avastui.exe"
+ "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "USB Security" "USB Disk Security" "Zbshareware Lab" "c:\program files (x86)\usb disk security\usbguard.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "wot" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "WOT Helper" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "BitComet Helper" "BitCometBHO" "BitComet" "c:\program files (x86)\bitcomet\tools\bitcometbho_1.5.4.11.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "WOT Helper" "" "" "c:\program files (x86)\wot\wot.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "WOT" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "WOT" "" "" "c:\program files (x86)\wot\wot.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "BitComet" "" "" "File not found: C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
"Task Scheduler" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\CLMLSvc" "" "" "File not found: c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe"
+ "\DVDAgent" "" "" "File not found: c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
X "\GoogleUpdateTaskUserS-1-5-21-3641410922-1315994638-354488526-1000Core" "Google Installer" "Google Inc." "c:\users\kami\appdata\local\google\update\googleupdate.exe"
X "\GoogleUpdateTaskUserS-1-5-21-3641410922-1315994638-354488526-1000UA" "Google Installer" "Google Inc." "c:\users\kami\appdata\local\google\update\googleupdate.exe"
+ "\HPCeeScheduleForkami" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\HPCustParticipation HP Deskjet 1050 J410 series" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp deskjet 1050 j410 series\bin\hpcustpartic.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RecoveryCDWin7" "" "" "File not found: C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"
+ "\WebReg HP Deskjet D4100 series" "Product Registration" "Hewlett-Packard Company" "c:\program files (x86)\hp\digital imaging\bin\hpqwrg.exe"
+ "\{0DF2580B-253D-4CBC-BD75-F744EA0C0564}" "Google Chrome" "Google Inc." "c:\users\kami\appdata\local\google\chrome\application\chrome.exe"
+ "\{39473B43-B6A6-4139-B727-BF957824D2EF}" "Google Chrome" "Google Inc." "c:\users\kami\appdata\local\google\chrome\application\chrome.exe"
+ "\{60176353-D84A-4F6A-8E3E-4A66AB16CFCC}" "Google Chrome" "Google Inc." "c:\users\kami\appdata\local\google\chrome\application\chrome.exe"
+ "\{BFAA078B-D54A-42B7-834F-E71E4077AC5C}" "Google Chrome" "Google Inc." "c:\users\kami\appdata\local\google\chrome\application\chrome.exe"
+ "\{C12EAD58-EF74-432B-AC67-3B5DF3CF42DE}" "Google Chrome" "Google Inc." "c:\users\kami\appdata\local\google\chrome\application\chrome.exe"
+ "\{EC1620A6-BD81-4F30-9C9C-E9FCD976AF91}" "Google Chrome" "Google Inc." "c:\users\kami\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\aestsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service" "Provides FUEL Functionality" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\alwil software\avast5\avastsvc.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "BITCOMET_HELPER_SERVICE" "This service enhances disk IO performance of BitComet." "www.BitComet.com" "c:\program files (x86)\bitcomet\tools\bitcometservice.exe"
+ "DvmMDES" "Windows Metadata Export Service" "DeviceVM, Inc." "c:\swsetup\quickweb\qw.sys\config\dvmexportservice.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HP Wireless Assistant Service" "This service monitors the wireless devices in this computer and allows the HP Wireless Assistant application to turn devices on and off." "Hewlett-Packard" "c:\program files\hewlett-packard\hp wireless assistant\hpwa_service.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "HPWMISVC" "" "" "c:\program files\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "hshld" "" "AnchorFree Inc." "c:\program files (x86)\hotspot shield\bin\openvpnas.exe"
+ "HssTrayService" "" "" "File not found: C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\stacsv64.exe"
+ "UDisk Monitor" "" "" "c:\program files\evdo broadband ptcl\bin\monserviceudisk.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdiox64" "AMD IO Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdiox64.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AODDriver4.01" "AMD OverDrive Service Driver" "Advanced Micro Devices" "c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "athr" "Qualcomm Atheros Extensible Wireless LAN device driver" "Qualcomm Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "DVMIO" "DVMIO virtual device driver for 64bit" "DeviceVM, Inc." "c:\windows\system32\drivers\dvmio.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDRV6" "Hotspot Shield Routing Driver 6" "AnchorFree Inc." "c:\windows\system32\drivers\hssdrv6.sys"
+ "hwdatacard" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbmdm.sys"
+ "hwusbdev" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbdev.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "netr28ux" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28ux.sys"
+ "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "npf" "npf.sys (NT5/6 AMD64) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "taphss" "TAP-Win32 Virtual Network Driver" "AnchorFree Inc" "c:\windows\system32\drivers\taphss.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
+ "ztemtusbser" "USB Modem/Serial Device Driver" "ZTEMT Incorporated" "c:\windows\system32\drivers\ct_ztemt_u_usbser.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\program files (x86)\mpcstar\codecs\tscc\tsccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\total video converter\ac3filter.cpl"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Tzan Filter (HP)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\mpcstar\codecs\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\mpcstar\codecs\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax"
+ "FLV Source Filter" "FLV Source Filter" "SWiSHzone.com Pty Ltd" "c:\program files (x86)\total video converter\flv.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MPV Decoder Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files (x86)\total video converter\mpeg2decfilter.ax"
+ "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "Pmp Source" "Pmp Splitter" "cooleyes" "c:\program files (x86)\mpcstar\codecs\pmp\pmpsplitter.ax"
+ "Pmp Splitter" "Pmp Splitter" "cooleyes" "c:\program files (x86)\mpcstar\codecs\pmp\pmpsplitter.ax"
+ "QTSrc" "CLQTSrc" "Cyberlink" "c:\program files (x86)\total video converter\quicktime.ax"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\total video converter\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files (x86)\total video converter\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files (x86)\total video converter\realmediasplitter.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\total video converter\realmediasplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "TigerPlayer H264 Decoder" "TigerPlayer Video Decoder Filter" "TigerPlayer.com" "c:\program files (x86)\mpcstar\codecs\tpvdecfilter.dll"
+ "TigerPlayer MPEG2 Decoder" "TigerPlayer Video Decoder Filter" "TigerPlayer.com" "c:\program files (x86)\mpcstar\codecs\tpvdecfilter.dll"
+ "VGM - Audio Decoder" "XVD Audio Decoder Filter" "DS USA, Inc." "c:\program files (x86)\mpcstar\codecs\vgm2\vgmaudiodecx.ax"
+ "VGM - BGR Converter" "Vgm BGR Converter Filter" "DS USA, Inc." "c:\program files (x86)\mpcstar\codecs\vgm2\vgmbgr.ax"
+ "VGM - Splitter" "XVD Demuxer Filter" "DS USA, Inc" "c:\program files (x86)\mpcstar\codecs\vgm2\vgmsplt.ax"
+ "VGM - Video Decoder" "XVD Video Decoder Filter" "DS USA, Inc" "c:\program files (x86)\mpcstar\codecs\vgm2\vgmv2k2dx.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
+ "HP 8911 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8911lm.dll"
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
"C:\Users\kami\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "HP Photo Print" "Drag and drop photos to print." "Hewlett-Packard Corp" "C:\Users\kami\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\Gadget.xml"

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:45 PM

Posted 18 October 2012 - 11:34 PM

my computer is all acting weird getting slow and showing pop ups and all !!!! plz help me !!!


Can you explain?

#11 dockami

dockami
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 18 October 2012 - 11:35 PM

it gets stuck occasionally and several programmes like adobe and mpc star get hung frequently!!!!

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:45 PM

Posted 18 October 2012 - 11:37 PM

There is nothing malicious i could see in your logs

Click on startmenu and type

cmd

Right click on it and select run as administrator and run this command

chkdsk /r

Press Y to schedule it on next reboot

Restart the PC and allow chkdsk to run.Let me know how system behaves




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users