Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A LITTLE HELP.


  • Please log in to reply
12 replies to this topic

#1 brounsville

brounsville

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 March 2013 - 08:35 AM

Hi Guys,

 

I seem to have picked up a virus through internet explorer. Ocassionally when I try to go to a web address I get redirected to a website called anyfiledownloader.com. I've done some searching online and I didnt find much people complaining about this, so I'm assuming its fairly new. 1 website said it is a virus that can steal information, change settings, control my pc etc. I'd like to know the best ways of removing this virus.

 

Thank you in advanced.

 

I'm currently running on windows 7 64bit, if that helps.



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:44 PM

Posted 05 March 2013 - 08:38 AM

    

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 brounsville

brounsville
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 March 2013 - 08:47 AM

Thank you Narenxp. I'll do those now.

Edit: Moved from Windows 7 to a More appropriate forum.
Roger


Edited by rotor123, 05 March 2013 - 09:29 AM.


#4 brounsville

brounsville
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 March 2013 - 02:09 PM

Hi Narenxp,

 

Here are the logs. TDSSkiller didn't find anything. ESET found 4 viruses.

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-05 14:06:55
-----------------------------
14:06:55.185    OS Version: Windows x64 6.1.7600
14:06:55.185    Number of processors: 4 586 0x2505
14:06:55.185    ComputerName: ABE-VAIO  UserName: Donovan
14:06:56.776    Initialize success
14:06:56.901    AVAST engine defs: 13030500
14:08:07.912    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:08:07.912    Disk 0 Vendor: ST950032 0006 Size: 476940MB BusType: 3
14:08:07.990    Disk 0 MBR read successfully
14:08:07.990    Disk 0 MBR scan
14:08:07.990    Disk 0 Windows 7 default MBR code
14:08:08.006    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13734 MB offset 2048
14:08:08.021    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 28129280
14:08:08.037    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       463104 MB offset 28334080
14:08:08.037    Disk 0 scanning C:\Windows\system32\drivers
14:08:20.564    Service scanning
14:08:45.820    Modules scanning
14:08:45.820    Disk 0 trace - called modules:
14:08:45.898    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
14:08:46.413    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80063a5060]
14:08:46.413    3 CLASSPNP.SYS[fffff88001b6b43f] -> nt!IofCallDriver -> [0xfffffa800434d5d0]
14:08:46.429    5 ACPI.sys[fffff88000fab781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004350050]
14:08:47.677    AVAST engine scan C:\Windows
14:08:50.578    AVAST engine scan C:\Windows\system32
14:12:25.338    AVAST engine scan C:\Windows\system32\drivers
14:12:43.824    AVAST engine scan C:\Users\Donovan
15:12:42.893    AVAST engine scan C:\ProgramData
15:22:07.046    Scan finished successfully
15:32:45.649    Disk 0 MBR has been saved successfully to "C:\Users\Donovan\Desktop\MBR.dat"
15:32:45.681    The log file has been saved successfully to "C:\Users\Donovan\Desktop\aswMBR.txt"
 

 

 

 

 

 

ESET results.

 

 

C:\Users\Donovan\AppData\Local\Temp\AskSLib.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Users\Donovan\AppData\Local\Temp\NPP047st.exe.part    a variant of Win32/DirectDownloader.C application    cleaned by deleting - quarantined
C:\Users\Donovan\AppData\Local\Temp\_ir_sf_temp_0\flvinstaller.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Donovan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\4a4bdb27-10b9162f    Java/Exploit.CVE-2012-1723.CB trojan    deleted - quarantined
 



#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:44 PM

Posted 05 March 2013 - 02:11 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#6 brounsville

brounsville
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 March 2013 - 03:56 PM

Here are the logs Malware didn't find anything and I couldn't find the run option for autorun.

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Donovan (administrator) on 05-03-2013 at 19:45:00
Running from "C:\Users\Donovan\Desktop"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?($ subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : ABE-VAIO
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 4A-0F-6E-E0-1B-49
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 4C-0F-6E-E0-1B-49
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f578:1ab6:4491:2404%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 05 March 2013 17:01:30
   Lease Expires . . . . . . . . . . : 08 March 2013 17:01:36
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 352331358
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A2-B6-FF-54-42-49-F0-F6-F9
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 54-42-49-F0-F6-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C3FA99C0-6D20-46D3-A571-87208C430CB4}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{196EACAA-AD69-48AA-8C4B-F986AC546F25}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BC863AAA-54E2-4F05-A57B-5B003D0368DB}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2a00:1450:4009:805::100e
      173.194.41.133
      173.194.41.134
      173.194.41.135
      173.194.41.136
      173.194.41.137
      173.194.41.142
      173.194.41.128
      173.194.41.129
      173.194.41.130
      173.194.41.131
      173.194.41.132


Pinging google.com [173.194.34.167] with 32 bytes of data:
Reply from 173.194.34.167: bytes=32 time=22ms TTL=57
Reply from 173.194.34.167: bytes=32 time=22ms TTL=57

Ping statistics for 173.194.34.167:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 22ms, Maximum = 22ms, Average = 22ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=364ms TTL=50
Reply from 98.139.183.24: bytes=32 time=605ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 364ms, Maximum = 605ms, Average = 484ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...4a 0f 6e e0 1b 49 ......Microsoft Virtual WiFi Miniport Adapter
 12...4c 0f 6e e0 1b 49 ......Atheros AR9285 Wireless Network Adapter
 11...54 42 49 f0 f6 f9 ......Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 40...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.4     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.4    281
      192.168.0.4  255.255.255.255         On-link       192.168.0.4    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.4    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.4    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.4    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::f578:1ab6:4491:2404/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/05/2013 03:34:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/05/2013 03:34:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/05/2013 03:34:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/05/2013 03:34:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/05/2013 03:34:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/05/2013 07:00:27 AM) (Source: Application Virtualization Client) (User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1A70:usr=Donovan}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)

Error: (03/05/2013 07:00:27 AM) (Source: Application Virtualization Client) (User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1A70:usr=Donovan}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.6131.5001.sft' (rc 16001E0A-000001D1, original rc 16001E0A-000001D1).

Error: (03/05/2013 06:59:58 AM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=5F8:usr=Donovan}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)

Error: (03/05/2013 06:59:58 AM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=5F8:usr=Donovan}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.6131.5001.sft' (rc 16001E0A-000001D1, original rc 16001E0A-000001D1).

Error: (03/04/2013 03:19:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b
Faulting module name: Flash32_11_6_602_171.ocx, version: 11.6.602.171, time stamp: 0x511ee97c
Exception code: 0xc0000005
Fault offset: 0x00006848
Faulting process id: 0x17ac
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (03/05/2013 02:01:58 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/05/2013 06:31:22 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/04/2013 10:38:47 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/03/2013 07:30:12 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/02/2013 07:14:08 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/02/2013 04:04:26 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/01/2013 06:32:19 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (02/28/2013 11:53:45 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (02/28/2013 06:24:44 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (02/27/2013 05:45:35 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004


Microsoft Office Sessions:
=========================
Error: (03/05/2013 03:34:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Donovan\Desktop\esetsmartinstaller_enu.exe

Error: (03/05/2013 03:34:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Donovan\Desktop\esetsmartinstaller_enu.exe

Error: (03/05/2013 03:34:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Donovan\Desktop\esetsmartinstaller_enu.exe

Error: (03/05/2013 03:34:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Donovan\Desktop\esetsmartinstaller_enu.exe

Error: (03/05/2013 03:34:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Donovan\Desktop\esetsmartinstaller_enu.exe

Error: (03/05/2013 07:00:27 AM) (Source: Application Virtualization Client)(User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1A70:usr=Donovan}
16001E0A-000001D1

Error: (03/05/2013 07:00:27 AM) (Source: Application Virtualization Client)(User: )
Description: {hap=13:app=Microsoft Word Starter 2010 9014006604090000:tid=1A70:usr=Donovan}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.6131.5001.sft16001E0A-000001D116001E0A-000001D1

Error: (03/05/2013 06:59:58 AM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=5F8:usr=Donovan}
16001E0A-000001D1

Error: (03/05/2013 06:59:58 AM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=Microsoft Word Starter 2010 9014006604090000:tid=5F8:usr=Donovan}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.6131.5001.sft16001E0A-000001D116001E0A-000001D1

Error: (03/04/2013 03:19:47 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1646450ec971bFlash32_11_6_602_171.ocx11.6.602.171511ee97cc00000050000684817ac01ce1884cb85dbd4C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_171.ocx5d4f5f6b-847a-11e2-b19c-c0cb38ff3f14


CodeIntegrity Errors:
===================================
  Date: 2013-02-26 15:12:11.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-26 15:12:11.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-26 15:12:11.647
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-26 15:12:11.457
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-12-31 02:47:31.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-12-31 02:47:31.424
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-12-31 02:47:31.083
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-12-31 02:47:30.917
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-17 00:54:45.152
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-17 00:54:45.085
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

µTorrent (Version: 3.2.3.28705)
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Premiere Elements 8.0 (Version: 8.0)
Adobe Reader 9.5.3 (Version: 9.5.3)
Alps Pointing-device for VAIO
AnyDVD (Version: 6.7.3.0)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.115)
ArcSoft WebCam Companion 3 (Version: 3.0.21.390)
ATI Catalyst Install Manager (Version: 3.0.769.0)
avast! Internet Security (Version: 7.0.1474.0)
BBC iPlayer Desktop (Version: 2.1.21228)
Bing Bar (Version: 6.3.2291.0)
Bing Bar Platform (Version: 6.3.2291.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full Existing (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full New (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Light (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Common (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0920.2143.37117)
Catalyst Control Center InstallProxy (Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (Version: 2010.0920.2143.37117)
Catalyst Control Center Localization All (Version: 2010.0920.2143.37117)
CCC Help Chinese Standard (Version: 2010.0920.2142.37117)
CCC Help Chinese Traditional (Version: 2010.0920.2142.37117)
CCC Help Czech (Version: 2010.0920.2142.37117)
CCC Help Danish (Version: 2010.0920.2142.37117)
CCC Help Dutch (Version: 2010.0920.2142.37117)
CCC Help English (Version: 2010.0920.2142.37117)
CCC Help Finnish (Version: 2010.0920.2142.37117)
CCC Help French (Version: 2010.0920.2142.37117)
CCC Help German (Version: 2010.0920.2142.37117)
CCC Help Greek (Version: 2010.0920.2142.37117)
CCC Help Hungarian (Version: 2010.0920.2142.37117)
CCC Help Italian (Version: 2010.0920.2142.37117)
CCC Help Japanese (Version: 2010.0920.2142.37117)
CCC Help Korean (Version: 2010.0920.2142.37117)
CCC Help Norwegian (Version: 2010.0920.2142.37117)
CCC Help Polish (Version: 2010.0920.2142.37117)
CCC Help Portuguese (Version: 2010.0920.2142.37117)
CCC Help Russian (Version: 2010.0920.2142.37117)
CCC Help Spanish (Version: 2010.0920.2142.37117)
CCC Help Swedish (Version: 2010.0920.2142.37117)
CCC Help Thai (Version: 2010.0920.2142.37117)
CCC Help Turkish (Version: 2010.0920.2142.37117)
ccc-core-static (Version: 2010.0920.2143.37117)
ccc-utility64 (Version: 2010.0920.2143.37117)
Corel WinDVD 2010 (Version: 10.0.5.703)
Crystal Reports Basic Runtime for Visual Studio 2008 (Version: 10.5.0.0)
D3DX10 (Version: 15.4.2368.0902)
Debut Video Capture Software
Dropbox (Version: 1.6.11)
ESET Online Scanner v3
Evernote v. 4.1 (Version: 4.1.0.3431)
Express Burn Disc Burning Software
Feedback Tool (Version: 1.1.0)
Feedback Tool (Version: 1.2.0)
File Type Assistant (Version: 2012.11.29)
FLV Player (Version: 2.0.25)
FXCM Trading Station (Version: 011212)
Google Chrome (Version: 25.0.1364.152)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HP Officejet Pro 8500 A910 Basic Device Software (Version: 22.50.231.0)
HP Officejet Pro 8500 A910 Help (Version: 140.0.2.2)
HP Officejet Pro 8500 A910 Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
iCloud (Version: 1.0.2.17)
ImgBurn (Version: 2.5.6.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Intel® Turbo Boost Technology Driver (Version: 01.02.00.1002)
iTunes (Version: 11.0.2.25)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 39 (Version: 6.0.390)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Mega Codec Pack 7.0.0 (Version: 7.0.0)
League of Legends (Version: 1.3)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Marketmaker Spreadbet Client Live (Version: 5.0.0.0)
Marketsplash Shortcuts (Version: 1.0.1.7)
McAfee SiteAdvisor (Version: 3.0.1.165)
McAfee SiteAdvisor (Version: 3.6.187)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nirvana RT Data (Version: 1.01.0007)
OT2011 (Version: 16.18.0018)
OT2011 (Version: 16.60.0060)
Pando Media Booster (Version: 2.6.0.8)
PKR
PMB (Version: 5.3.00.06040)
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00)
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.4.00.12020)
Prism Video File Converter
PunkBuster Services (Version: 0.986)
Quick Web Access (Version: 1.4.7.0)
QuickTime (Version: 7.73.80.64)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6098)
RealUpgrade 1.1 (Version: 1.1.0)
Remote Keyboard with PlayStation 3 (Version: 1.0.2.06170)
Remote Play with PlayStation 3 (Version: 1.0.2.06210)
Remote Play with PlayStation®3 (Version: 1.0.2.06210)
Safari (Version: 5.33.20.27)
SignalTraderData
Skype™ 5.10 (Version: 5.10.116)
SmartSound Quicktracks for Premiere Elements 8.0 (Version: 3.11.3090)
System Requirements Lab
TeamViewer 7 (Version: 7.0.12313)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VAIO - PMB VAIO Edition Guide (Version: 1.5.00.03020)
VAIO - PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00.06180)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (Version: 1.4.00.12020)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.4.00.12130)
VAIO Care (Version: 6.4.2.11150)
VAIO Control Center (Version: 4.3.0.05310)
VAIO Data Restore Tool (Version: 1.4.0.05240)
VAIO DVD Menu Data (Version: 2.2.00.05120)
VAIO Gate (Version: 2.4.1.09230)
VAIO Gate Default (Version: 2.2.0.07020)
VAIO Hardware Diagnostics (Version: 4.0.0.06230)
VAIO Manual (Version: 1.1.0.05280)
VAIO Movie Story Template Data (Version: 2.3.00.06040)
VAIO Movie Story Template Data (Version: 2.4.00.12130)
VAIO Sample Contents (Version: 1.3.0.06041)
VAIO screensaver (Version: 1.0.0.0)
VAIO Smart Network (Version: 3.3.0.06080)
VAIO Transfer Support (Version: 1.2.0.06230)
VAIO Update (Version: 6.1.1.10250)
VirtualCloneDrive
VLC media player 1.1.11 (Version: 1.1.11)
VU5x64 (Version: 1.1.0)
VU5x86 (Version: 1.0.0)
VU5x86 (Version: 1.1.0)
WIDCOMM Bluetooth Software (Version: 6.3.0.5600)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
YouTube to ALLPlayer (Version: 1.7)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 3950.1 MB
Available physical RAM: 1624.23 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 5321.67 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.83 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:452.25 GB) (Free:151.45 GB) NTFS

========================= Users: ========================================

User accounts for \\ABE-VAIO

Administrator            ASPNET                   Donovan                  
Guest                    


**** End of log ****
 

 

 

Farbar Service Scanner Version: 03-03-2013
Ran by Donovan (administrator) on 05-03-2013 at 20:04:37
Running from "C:\Users\Donovan\Desktop"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-02-19 18:24] - [2013-01-04 05:41] - 1893224 ____A (Microsoft Corporation) 5CFB7AB8F9524D1A1E14369DE63B83CC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

 

# AdwCleaner v2.114 - Logfile created 03/05/2013 at 20:06:31
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : Donovan - ABE-VAIO
# Boot Mode : Normal
# Running from : C:\Users\Donovan\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Donovan\AppData\Roaming\Mozilla\Firefox\Profiles\ckjs1q90.default\searchplugins\web-search.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Donovan\AppData\Local\Conduit
Folder Deleted : C:\Users\Donovan\AppData\LocalLow\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Donovan\AppData\Roaming\Mozilla\Firefox\Profiles\8rq93y8h.default-1339483626749\prefs.js

[OK] File is clean.

File : C:\Users\Donovan\AppData\Roaming\Mozilla\Firefox\Profiles\ckjs1q90.default\prefs.js

C:\Users\Donovan\AppData\Roaming\Mozilla\Firefox\Profiles\ckjs1q90.default\user.js ... Deleted !

Deleted : user_pref("CT3220468.InstallDate", "31/1/2013 18:20:44");
Deleted : user_pref("CT3220468.autoDisableScopes", -1);
Deleted : user_pref("browser.search.defaultenginename", "Web Search...");
Deleted : user_pref("extensions.vshare@toolbar.update.enabled", false);
Deleted : user_pref("keyword.URL", "hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=");

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Donovan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : icon_url ={"apps_promo_counter":11,"browser":{"check_default_browser":false,"clear_data":{"browsing_history":t[...]

*************************

AdwCleaner[S1].txt - [2586 octets] - [05/03/2013 20:06:31]

########## EOF - C:\AdwCleaner[S1].txt - [2646 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.8 (03.04.2013:1)
OS: Windows 7 Home Premium x64
Ran by Donovan on 05/03/2013 at 20:21:49.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Donovan\AppData\Roaming\mozilla\firefox\profiles\ckjs1q90.default\minidumps [34 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Donovan\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/03/2013 at 20:33:42.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/05/2013 08:36:59 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Donovan\Desktop\rkill\rkill-03-05-2013-08-37-04.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 03/05/2013 08:37:16 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)


 

 

 


 



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:44 PM

Posted 05 March 2013 - 10:54 PM

Autoruns log?

 

Ignore run option.Can you launch it?

 

Allow the Autoruns to populate the entries and then do the nexr set of instructions.



#8 brounsville

brounsville
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 06 March 2013 - 06:50 AM

Autoruns log?

 

Ignore run option.Can you launch it?

 

Allow the Autoruns to populate the entries and then do the nexr set of instructions.

The options given are slightly different then the directions shown but I think I've done it.

 

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Apoint"    "Alps Pointing-device Driver"    "Alps Electric Co., Ltd."    "c:\program files\apoint\apoint.exe"
+ "RtHDVBg"    "HD Audio Background Process"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RtHDVCpl"    "Realtek HD Audio Manager"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AppleSyncNotifier"    "AppleSyncNotifier"    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "avast"    "avast! Antivirus"    "AVAST Software"    "c:\program files\avast software\avast\avastui.exe"
+ "HP Software Update"    "hpwuSchd Application"    "Hewlett-Packard"    "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "IAStorIcon"    "IAStorIcon"    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "ISBMgr.exe"    ""    "Sony Corporation"    "c:\program files (x86)\sony\isb utility\isbmgr.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Microsoft Default Manager"    "Microsoft Default Manager"    "Microsoft Corporation"    "c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe"
+ "PMBVolumeWatcher"    "Media Check Tool"    "Sony Corporation"    "c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC"    "Catalyst® Control Center Launcher"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe"    "RealNetworks Scheduler"    "RealNetworks, Inc."    "c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "VirtualCloneDrive"    "Virtual CloneDrive Daemon"    "Elaborate Bytes AG"    "c:\program files (x86)\elaborate bytes\virtualclonedrive\vcddaemon.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "Bluetooth.lnk"    "Bluetooth Tray Application"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "Evernote Clipper.lnk"    ""    ""    "c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\evernote.ico"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\25.0.1364.152\installer\chrmstp.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Messenger (Yahoo!)"    "Yahoo! Messenger"    "Yahoo! Inc."    "c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe"
+ "swg"    "GoogleToolbarNotifier"    "Google Inc."    "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "dssrequest"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"
+ "VirtualCloneDrive"    "CloseTray"    "Elaborate Bytes AG"    "c:\program files (x86)\elaborate bytes\virtualclonedrive\elbyvcdshell.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"
+ "AddtoVAIOGate"    "VAIOGateShellExt"    "Sony Corporation"    "c:\program files\sony\vaio gate\vaiogateshellext.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""
+ "Monitor"    "BTNCopy Module"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "ACE"    "AMD Desktop Control Panel"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AddtoVAIOGate"    "VAIOGateShellExt"    "Sony Corporation"    "c:\program files\sony\vaio gate\vaiogateshellext.dll"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"
+ "DropboxExt1"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "DropboxExt1"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\donovan\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "avast! Ad Blocker"    "avast! Ad Blocker Module"    "AVAST Software"    "c:\program files (x86)\avast software\avast! ad blocker ie\adblocker64.dll"
+ "avast! WebRep"    "avast! WebRep Plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Google Toolbar Helper"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! Ad Blocker"    "avast! Ad Blocker Module"    "AVAST Software"    "c:\program files (x86)\avast software\avast! ad blocker ie\adblocker32.dll"
+ "avast! WebRep"    "avast! WebRep Plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Google Toolbar Helper"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer"    "RealPlayer Download and Record Plugin"    "RealDownloader"    "c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
+ "Search Helper"    "Search Helper for Internet Explorer"    "Microsoft Corporation"    "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper"    "Windows Live Messenger Companion Core"    "Microsoft Corporation"    "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "YouTube To ALLPlayer"    "www.ALLPlayer.org"    "ALLPlayer.org"    "c:\program files (x86)\allplayer\youtubetoallplayer.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "avast! WebRep"    "avast! WebRep Plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Google Toolbar"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "avast! WebRep"    "avast! WebRep Plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Google Toolbar"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "McAfee SiteAdvisor"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4"    ""    ""    "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "Messenger Companion (Ctrl+Shift+C)"    "Windows Live Messenger Companion Core"    "Microsoft Corporation"    "c:\program files (x86)\windows live\companion\companioncore.dll"
"Task Scheduler"    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\avast! Emergency Update"    "avast! Emergency Update"    "AVAST Software"    "c:\program files\avast software\avast\avastemupdate.exe"
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\HPCustParticipation HP Officejet Pro 8500 A910"    "HP Customer Participation."    "Hewlett-Packard Co."    "c:\program files\hp\hp officejet pro 8500 a910\bin\hpcustpartic.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\ProgramRefresh-ATFST"    "File Type Assistant                                         "    "                                                            "    "c:\program files (x86)\file type assistant\tsasetup.exe"
+ "\ProgramUpdateCheck"    "Find software to open your files"    "Trusted Software ApS"    "c:\program files (x86)\file type assistant\tsassist.exe"
+ "\RealDownloaderDownloaderScheduledTaskS-1-5-21-3439493961-240927650-4041943324-1001"    "RealDownloader"    "RealNetworks, Inc."    "c:\program files (x86)\realnetworks\realdownloader\recordingmanager.exe"
+ "\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3439493961-240927650-4041943324-1001"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3439493961-240927650-4041943324-1001"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealPlayerRealUpgradeLogonTaskS-1-5-21-3439493961-240927650-4041943324-1001"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3439493961-240927650-4041943324-1001"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3439493961-240927650-4041943324-1001"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3439493961-240927650-4041943324-1001"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\Sony Corporation\VAIO Care\VAIO Care"    "VAIO Care"    "Sony Corporation"    "c:\program files\sony\vaio care\vcsystray.exe"
+ "\Sony Corporation\VAIO Care\VCOneClick"    "VCOneClick"    "Sony Corporation"    "c:\program files\sony\vaio care\vconeclick.exe"
+ "\Sony Corporation\VAIO Gate\StartExecuteProxy"    "VAIO Gate"    "Sony Corporation"    "c:\program files\sony\vaio gate\executionproxy.exe"
+ "\Sony Corporation\VAIO Gate\VAIO Gate"    "VAIO Gate"    "Sony Corporation"    "c:\program files\sony\vaio gate\vaio gate.exe"
+ "\Sony Corporation\VAIO Gate\VAIO Gate Restart"    "VAIO Gate"    "Sony Corporation"    "c:\program files\sony\vaio gate\vaio gate.exe"
+ "\Sony Corporation\VAIO Update\VAIO Update"    "VAIOUpdt"    "Sony Corporation"    "c:\program files\sony\vaio update\vaioupdt.exe"
+ "\Sony Corporation\VAIO Update\VAIO Update Self Repair"    "VUSR"    "Sony Corporation"    "c:\program files\sony\vaio update\vusr.exe"
+ "\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3"    "Remote Keyboard with PlayStation®3"    "Sony Corporation"    "c:\program files\sony\remote keyboard with playstation 3\vbtkbutil.exe"
+ "\SONY\SUS-BCF\Level4Daily"    "WBCBatteryCare"    "Sony Corporation"    "c:\program files (x86)\sony\setting utility series\wbcbatterycare.exe"
+ "\SONY\SUS-BCF\Level4Month"    "WBCBatteryCare"    "Sony Corporation"    "c:\program files (x86)\sony\setting utility series\wbcbatterycare.exe"
+ "\SONY\VAIO Power Management\VPM Logon Start"    "SPM Module"    "Sony Corporation"    "c:\program files\sony\vaio power management\spmgr.exe"
+ "\SONY\VAIO Power Management\VPM Session Change"    "SPM Module"    "Sony Corporation"    "c:\program files\sony\vaio power management\spmgr.exe"
+ "\SONY\VAIO Power Management\VPM Unlock"    "SPM Module"    "Sony Corporation"    "c:\program files\sony\vaio power management\spmgr.exe"
+ "\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool"    ""    ""    "File not found: C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "ACDaemon"    "ArcSoft Connect Service"    "ArcSoft Inc."    "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeActiveFileMonitor8.0"    "Tracks files that are managed by Elements Organizer"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements organizer 8.0\photoshopelementsfileagent.exe"
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility"    "AMD External Events Service Module"    "AMD"    "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "aspnet_state"    "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start."    ""    "File not found: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
+ "avast! Antivirus"    "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler."    "AVAST Software"    "c:\program files\avast software\avast\avastsvc.exe"
+ "avast! Firewall"    "Implements main functionality for avast! Firewall"    "AVAST Software"    "c:\program files\avast software\avast\afwserv.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins"    "Handles installation and removal of Bluetooth devices."    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "cvhsvc"    "Client Virtualization Handler Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "FLEXnet Licensing Service"    "This service performs licensing functions on behalf of FLEXnet enabled products."    "Acresso Software Inc."    "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "fsssvc"    "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work."    "Microsoft Corporation"    "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc"    "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work."    "Google"    "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HPSLPSVC"    "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable"    "Hewlett-Packard Co."    "c:\users\donovan\appdata\local\temp\7zs2669\hpslpsvc64.dll"
+ "IAStorDataMgrSvc"    "Provides storage event notification and manages communication between the storage driver and user space applications."    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS"    "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "McAfee SiteAdvisor Service"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PMBDeviceInfoProvider"    "Enables PMB to communicate with the device."    "Sony Corporation"    "c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe"
+ "PnkBstrA"    "PunkBuster Service Component [v1029] http://www.evenbalance.com"    ""    "c:\windows\syswow64\pnkbstra.exe"
+ "PSI_SVC_2"    "This service provides Protexis licensing functionalty."    "Protexis Inc."    "c:\program files (x86)\common files\protexis\license service\psiservice_2.exe"
+ "RealNetworks Downloader Resolver Service"    "Manage different Downloader versions in RealNetworks' products."    ""    "c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe"
+ "SampleCollector"    "Checks the systems performance for VAIO Care."    "Sony Corporation"    "c:\program files\sony\vaio care\vcperfservice.exe"
+ "SeaPort"    "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly."    "Microsoft Corporation"    "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "sftlist"    "Streams and manages applications."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa"    "Monitors global service events and launches virtual services."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files (x86)\skype\updater\updater.exe"
+ "SpfService"    "VAIO Entertainment Common Service"    "Sony Corporation"    "c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe"
+ "TeamViewer7"    "TeamViewer Remote Software"    "TeamViewer GmbH"    "c:\program files (x86)\teamviewer\version7\teamviewer_service.exe"
+ "uCamMonitor"    "Monitor the status of the webcam on PC startup."    "ArcSoft, Inc."    "c:\program files (x86)\arcsoft\magic-i visual effects 2\ucammonitor.exe"
+ "UNS"    "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "VAIO Event Service"    "Provides the hardware event managing service for VAIO. During termination of this service, some fuctions such as Special button ,Hotkey ,and VAIO original powermanagement are limited."    "Sony Corporation"    "c:\program files (x86)\sony\vaio event service\vesmgr.exe"
+ "VAIO Power Management"    "Provides power management service for VAIO. If this service is stopped or disabled,  power management functions for VAIO will not be available."    "Sony Corporation"    "c:\program files\sony\vaio power management\spmservice.exe"
+ "VCFw"    "VAIO Content Folder Watcher"    "Sony Corporation"    "c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe"
+ "VcmIAlzMgr"    "Provides the content analysis function used with VAIO original software."    "Sony Corporation"    "c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe"
+ "VcmXmlIfHelper"    "VcmXml Helper Interface"    "Sony Corporation"    "c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper64.exe"
+ "VCService"    "Provides important VAIO Care functionality.  If this service is stopped or disabled, VAIO Care may not function correctly."    "Sony Corporation"    "c:\program files\sony\vaio care\vcservice.exe"
+ "VSNService"    "VAIO Smart Network Service"    "Sony Corporation"    "c:\program files\sony\vaio smart network\vsnservice.exe"
+ "VUAgent"    "Agent for VAIO Update."    "Sony Corporation"    "c:\program files\sony\vaio update\vuagent.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService"    "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."    "Yahoo! Inc."    "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"    "ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"    "AMD multi-vendor Miniport Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "AnyDVD"    "AnyDVD Filter Driver"    "SlySoft, Inc."    "c:\windows\system32\drivers\anydvd.sys"
+ "ApfiltrService"    "Alps Touch Pad Driver"    "Alps Electric Co., Ltd."    "c:\windows\system32\drivers\apfiltr.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "ArcSoftKsUFilter"    "For X64"    "ArcSoft, Inc."    "c:\windows\system32\drivers\arcsoftksufilter.sys"
+ "aswFsBlk"    "avast! mini-filter driver (aswFsBlk)"    "AVAST Software"    "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswFW"    "avast! TDI Firewall driver"    "AVAST Software"    "c:\windows\system32\drivers\aswfw.sys"
+ "aswKbd"    "avast! keyboard filter driver (aswKbd)"    "AVAST Software"    "c:\windows\system32\drivers\aswkbd.sys"
+ "aswMonFlt"    "avast! mini-filter driver (aswMonFlt)"    "AVAST Software"    "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswNdis"    "avast! Filtering NDIS driver"    "ALWIL Software"    "c:\windows\system32\drivers\aswndis.sys"
+ "aswNdis2"    "avast! Firewall Core Firewall Service"    "AVAST Software"    "c:\windows\system32\drivers\aswndis2.sys"
+ "aswRdr"    "avast! WFP Redirect driver"    "AVAST Software"    "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswRvrt"    "avast! Revert"    ""    "c:\windows\system32\drivers\aswrvrt.sys"
+ "aswSnx"    "avast! virtualization driver (aswSnx)"    "AVAST Software"    "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP"    "avast! Self Protection"    "AVAST Software"    "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi"    "avast! Network Shield TDI driver"    "AVAST Software"    "c:\windows\system32\drivers\aswtdi.sys"
+ "aswVmm"    "avast! VM Monitor"    ""    "c:\windows\system32\drivers\aswvmm.sys"
+ "athr"    "Atheros Extensible Wireless LAN device driver"    "Atheros Communications, Inc."    "c:\windows\system32\drivers\athrx.sys"
+ "atikmdag"    "ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "btwampfl"    "Broadcom Bluetooth USB AMP Filter for Windows Vista"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwampfl.sys"
+ "btwaudio"    "Bluetooth Audio Device"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt"    "Broadcom Bluetooth AVDT Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap"    "Broadcom Bluetooth L2CAP Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid"    "Bluetooth Remote Control HID Minidriver"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwrchid.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "ElbyCDIO"    "ElbyCD Windows x64 I/O driver"    "Elaborate Bytes AG"    "c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64"    "Intel® Management Engine Interface"    "Intel Corporation"    "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"    "Intel Rapid Storage Technology driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd"    "Intel® Turbo Boost Technology Driver"    "Intel Corporation"    "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud"    "Intel® Display Audio Driver"    "Intel® Corporation"    "c:\windows\system32\drivers\intcdaud.sys"
+ "libusb0"    ""    ""    "File not found: system32\drivers\libusb0.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "MotioninJoyXFilter"    "MotioninJoy DS3 driver"    "MotioninJoy"    "c:\windows\system32\drivers\mijxfilt.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64"    "Px Engine Device Driver for 64-bit Windows"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "regi"    "regi driver"    "InterVideo"    "c:\windows\system32\drivers\regi.sys"
+ "rimspci"    "RICOH MS Driver"    "REDC"    "c:\windows\system32\drivers\rimssne64.sys"
+ "RimUsb"    "BlackBerry Device Driver"    "Research In Motion Limited"    "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "risdsnpe"    "RICOH PCIe SD/MMC Driver"    "REDC"    "c:\windows\system32\drivers\risdsne64.sys"
+ "RTHDMIAzAudService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rthdmivx.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SFEP"    "Sony Firmware Extension Parser driver"    "Sony Corporation"    "c:\windows\system32\drivers\sfep.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl64.sys"
+ "VClone"    "VirtualCloneCD Driver"    "Elaborate Bytes AG"    "c:\windows\system32\drivers\vclone.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7"    "NDIS6.20 Miniport Driver for Marvell Yukon Ethernet Controller"    "Marvell"    "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.ac3acm"    "AC-3 ACM Codec"    "fccHandler"    "c:\windows\syswow64\ac3acm.acm"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3fhg"    "MPEG Audio Layer-3 Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\mp3fhg.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FFDS"    ""    ""    "c:\windows\syswow64\ff_vfw.dll"
+ "VIDC.XVID"    ""    ""    "c:\windows\syswow64\xvidvfw.dll"
+ "VIDC.YV12"    "Helix YV12 YUV Codec"    "www.helixcommunity.org"    "c:\windows\syswow64\yv12vfw.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder"    "AVC/H.264 Video Encoder DirectShow Filter"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "AC3File"    ""    ""    "c:\program files (x86)\k-lite codec pack\filters\ac3file.ax"
+ "ATI Ticker"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DC-Bass Source"    "DirectShow™ Audio Decoder"    "http://www.dsp-worx.de"    "c:\program files (x86)\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "Gabest"    "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "Gabest"    "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)"    ""    ""    "c:\program files (x86)\k-lite codec pack\filters\monkeysource.ax"
+ "Haali Matroska Muxer"    "Haali Media Splitter"    ""    "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter"    "Haali Media Splitter"    ""    "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)"    "Haali Media Splitter"    ""    "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter"    "Haali Media Splitter"    ""    "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer"    ""    ""    "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink"    "Haali Media Splitter"    ""    "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "madFlac Decoder"    "DirectShow FLAC Decoder"    "www.madshi.net"    "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source"    "DirectShow FLAC Decoder"    "www.madshi.net"    "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "MainConcept (Adobe2) AAC Decoder"    "AAC audio decoder filter"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2daac.ax"
+ "MainConcept (Adobe2) AAC Encoder"    "AAC audio encoder filter"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2eaac.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder"    "AVC/H.264 Video Decoder"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2avcvd.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder"    "AVC/H.264 Video Encoder DirectShow Filter"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) DV Video Decoder"    "DirectShow DV Video Encoder and Decoder"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) DV Video Encoder"    "DirectShow DV Video Encoder and Decoder"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) MPEG Audio Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG"    "c:\program files (x86)\common files\adobe\dva\com\rel1\ad2mcdsmpeg.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) MPEG Video Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG"    "c:\program files (x86)\common files\adobe\dva\com\rel1\ad2mcdsmpeg.ax"
+ "MainConcept (Adobe2) Stream Parser"    "MPEG-1/2 Demultiplexer"    "MainConcept AG"    "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MMACE Deinterlace"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MONOGRAM AMR Decoder"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder"    "mmmpcdec"    ""    "c:\program files (x86)\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter"    "mmmpcdmx"    ""    "c:\program files (x86)\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MPC - FLV Source (Gabest)"    "FLV Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)"    "FLV Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - MP4 Source"    "MP4 Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter"    "MP4 Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG Audio Source"    "Mpa Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mpasplitter.ax"
+ "MPC - MPEG Audio Splitter"    "Mpa Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mpasplitter.ax"
+ "MPC - Mpeg Source (Gabest)"    "Mpeg Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)"    "Mpeg Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source"    "MP4 Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter"    "MP4 Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - RealAudio Decoder"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "MPC - RealMedia Source"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "MPC - RealMedia Splitter"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "MPC - RealVideo Decoder"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "RealPlayer Audio Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Mp3 Transform Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer MPEG4 Transform Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SmartSound SDS Reader"    "SDS Media File Reader Filter"    "SmartSound Software Inc."    "c:\program files (x86)\smartsound software\quicktracks\sdsreader.dll"
+ "SmartSound Soundtrack"    "Quicktracks Soundtrack source filter"    "SmartSound Software Inc."    "c:\program files (x86)\smartsound software\quicktracks\directqx.dll"
+ "T"    "VP7 Decompression Filter"    "On2.com Inc."    "c:\program files (x86)\k-lite codec pack\filters\vp7dec.ax"
+ "Track1Filter"    "Adobe Photoshop Elements 8.0 (component)"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements organizer 8.0\track1filter.dll"
+ "Track2Filter"    "Adobe Photoshop Elements 8.0 (component)"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\elements organizer 8.0\track2filter.dll"
+ "VAIO Content Metadata Univ Filter"    "DirectShow Filter for VCM Intelligent Analyzing Manager"    "Sony Corporation"    "c:\program files\sony\vcm intelligent analyzing manager\vcmsmplcapflt.ax"
+ "WavPack Audio Decoder"    "WavPack Audio DirectShow Decoder"    "-"    "c:\program files (x86)\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter"    "WavPack Audio DirectShow Splitter"    "-"    "c:\program files (x86)\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "BtwCredentialProvider"    "BtwCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "HP 5312 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinksts5312lm.dll"
+ "HP Discovery Port Monitor (HP Officejet Pro 8500 A910)"    "HP Discovery Port Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpdiscopm5312.dll"
"C:\Users\Donovan\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""
+ "Avast! antivirus monitor"    "Avast! antivirus sidebar gadget."    "AVAST Software"    "C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\Gadget.xml"


#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:44 PM

Posted 06 March 2013 - 06:55 AM

Current issues?



#10 brounsville

brounsville
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 06 March 2013 - 04:13 PM

Current issues?


I haven't been redirected to the website yet. So far so good. Thank you :-) I do have another small issue though. Windows auto update isnt giving me the option to download windows service pack 1. I tried to download the new internet explorer yesterday and I couldn't because of the missing service pack. I tried to download it directly from their website but theirs about 7 or 8 links. im confused about which one is for my machine.

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:44 PM

Posted 06 March 2013 - 08:09 PM

:welcome:

 

Service pack link for your version

 

http://download.microsoft.com/download/0/A/F/0AFB5316-3062-494A-AB78-7FB0D4461357/windows6.1-KB976932-X64.exe

 

Good luck



#12 brounsville

brounsville
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 07 March 2013 - 04:55 PM

Thank you so much narenxp. I appreciate all the help. You're amazing! :-D

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:44 PM

Posted 07 March 2013 - 04:56 PM

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users