Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows firewall cannot run


  • Please log in to reply
13 replies to this topic

#1 shahir

shahir

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 26 March 2013 - 12:46 PM

Mod Edit;  Split from http://www.bleepingcomputer.com/forums/t/464864/windows-firewall/ - Hamluis.

 

Farbar Service Scanner Version: 03-03-2013
Ran by chira (administrator) on 26-03-2013 at 14:02:33
Running from "C:\Users\chira\Downloads\Programs"
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-19 18:10] - [2013-01-03 13:05] - 1293672 ____A (Microsoft Corporation) 7C0507D2391AF5933600CBCED799F277

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

what should i do..??

please help..

thanks


Edited by hamluis, 27 March 2013 - 04:22 PM.
PM sent new OP, merged topics - Hamluis.


BC AdBot (Login to Remove)

 


#2 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 27 March 2013 - 10:32 AM

please help me on this.. i can't even update my firewall.. it affect my network too i think.. when i click 'use recommended setting' on windows firewall, it loading for a while but nothing change.. can somebody help me please..?

 

Mod Edit: Moved topic from Windows 7 to a more appropriate forum. ~bloopie


Edited by bloopie, 27 March 2013 - 10:45 AM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:33 PM

Posted 27 March 2013 - 10:35 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply
  • Due to forum upgrade you may face issues posting the TDSSkiller log.Just last few lines of log is sufficient

===================================================

RKILL
  • Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:
  • Link 1
  • Link 2

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================

ESET Online Scanner

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    esetsmartinstaller_enu.png

    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button

===================================================

Junkware Removal Tool by thisisu
  • Please download Junkware Removal Tool
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply.

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • TDSSKiller log
  • RKILL log
  • ESET log
  • Junkware removal tool log

 
 



#4 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 27 March 2013 - 10:51 AM

13:48:28.0387 4036  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:48:30.0399 4036  ============================================================
13:48:30.0399 4036  Current date / time: 2013/03/26 13:48:30.0399
13:48:30.0399 4036  SystemInfo:
13:48:30.0399 4036  
13:48:30.0399 4036  OS Version: 6.1.7601 ServicePack: 1.0
13:48:30.0399 4036  Product type: Workstation
13:48:30.0399 4036  ComputerName: CHIRA-PC
13:48:30.0399 4036  UserName: chira
13:48:30.0399 4036  Windows directory: C:\Windows
13:48:30.0399 4036  System windows directory: C:\Windows
13:48:30.0399 4036  Processor architecture: Intel x86
13:48:30.0399 4036  Number of processors: 2
13:48:30.0399 4036  Page size: 0x1000
13:48:30.0399 4036  Boot type: Normal boot
13:48:30.0399 4036  ============================================================
13:48:35.0001 4036  BG loaded
13:48:38.0855 4036  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:48:38.0870 4036  ============================================================
13:48:38.0870 4036  \Device\Harddisk0\DR0:
13:48:38.0886 4036  MBR partitions:
13:48:38.0886 4036  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x61A8000
13:48:38.0886 4036  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0x1F285000
13:48:38.0886 4036  ============================================================
13:48:39.0213 4036  C: <-> \Device\Harddisk0\DR0\Partition1
13:48:40.0664 4036  D: <-> \Device\Harddisk0\DR0\Partition2
13:48:40.0664 4036  ============================================================
13:48:40.0664 4036  Initialize success
13:48:40.0664 4036  ============================================================
 

 

pls conduct me if this is not the one you want.. btw, thank you very much.. :) i'm stillongoing with all the step above..


Edited by shahir, 27 March 2013 - 10:54 AM.


#5 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 27 March 2013 - 10:58 AM

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/26/2013 01:55:44 PM in x86 mode.
Windows Version: Windows 7 Enterprise Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\chira\AppData\Local\Temp\28700BBA-30FA-466F-8BCE-DD4226D74B52.exe (PID: 3940) [T-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic

 * BITS [Missing Service]
 * iphlpsvc [Missing Service]
 * wuauserv [Missing Service]

 * WinDefend [Missing ImagePath]

Searching for Missing Digital Signatures:

 * C:\Windows\System32\user32.dll [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll : 811,520 : 07/14/2009 00:16 AM : 34b7e222e81fafa885f0c5f2cfa56861 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll : 811,520 : 11/20/2010 08:21 PM : f1dd3acaee5e6b4bbc69bc6df75cef66 [Pos Repl]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 tonec.com
  127.0.0.1 www.tonec.com
  127.0.0.1 registeridm.com
  127.0.0.1 www.registeridm.com
  127.0.0.1 secure.registeridm.com
  127.0.0.1 internetdownloadmanager.com
  127.0.0.1 www.internetdownloadmanager.com
  127.0.0.1 secure.internetdownloadmanager.com
  127.0.0.1 www.secure.internetdownloadmanager.com
  127.0.0.1 mirror.internetdownloadmanager.com
  127.0.0.1 www.mirror.internetdownloadmanager.com
  127.0.0.1 mirror2.internetdownloadmanager.com
  127.0.0.1 www.mirror2.internetdownloadmanager.com
  127.0.0.1 mirror3.internetdownloadmanager.com
  127.0.0.1 www.mirror3.internetdownloadmanager.com
  127.0.0.1 174.133.70.98

Program finished at: 03/26/2013 01:57:26 PM
Execution time: 0 hours(s), 1 minute(s), and 41 seconds(s)

 here's the Rkill report..



#6 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 28 March 2013 - 12:52 PM

no report from esset...



#7 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 28 March 2013 - 01:03 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.3 (03.23.2013:1)
OS: Windows 7 Enterprise x86
Ran by chira on 26/03/2013 at 13:55:56.44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\bprotectordefaultscope
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2001733173-1985479684-2221586275-1000\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload
Successfully deleted: [Registry Key] hkey_local_machine\software\babylon
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\filescout
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\tarma installer
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\1clicktorrentfile
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\1clicktorrentfile1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\oneclick
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\oneclickmg
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\s
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3080215
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3279141
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{33524c00-63fb-43db-a6bf-0a4e14b24649}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{e46c8196-b634-44a1-af6e-957c64278ab1}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{eee6c360-6118-11dc-9c72-001320c79847}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{eee6c360-6118-11dc-9c72-001320c79847}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files

Successfully deleted: [File] "C:\Windows\system32\roboot.exe"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\chira\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\chira\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\chira\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\chira\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\chira\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\chira\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\chira\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\chira\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\chira\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\file scout"
Successfully deleted: [Folder] "C:\Program Files\goforfiles"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\web search.xml"
Failed to delete: [Folder] "C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com"
Emptied folder: C:\Users\chira\AppData\Roaming\mozilla\firefox\profiles\r44dy94t.default\minidumps [13 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\chira\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\pmlghpafmmnmmkjdhacccolfgnkiboco



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/03/2013 at 14:00:05.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

hi narenxp, this is the last one...



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:33 PM

Posted 28 March 2013 - 01:06 PM

Malwarebytes

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

===================================================

Farbar's MiniToolBox
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================

Farbar's Service Scanner

Please download Farbar Service Scanner, save it to your desktop, and run it.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================

AdwCleaner by Xplode - Search for Adware
  • Please download AdwCleaner by Xplode onto your desktop.
  • Security softwares may flag it as malicious.This is a false positive and can be ignored.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • Click YES if you receive a warning for reboot
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================

Autoruns
 
  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply



  • Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Autoruns log

 



#9 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 29 March 2013 - 07:36 AM

malwarebytes log :

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.28.13

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
chira :: CHIRA-PC [administrator]

Protection: Disabled

26/03/2013 14:43:33
mbam-log-2013-03-26 (14-43-33).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 230970
Time elapsed: 17 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

minitoolbox log :

MiniToolBox by Farbar  Version:05-03-2013
Ran by chira (administrator) on 26-03-2013 at 14:06:08
Running from "C:\Users\chira\Downloads\Programs"
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 174.133.70.98
127.0.0.1 tonec.com
127.0.0.1 www.tonec.com
127.0.0.1 registeridm.com
127.0.0.1 www.registeridm.com
127.0.0.1 secure.registeridm.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 www.secure.internetdownloadmanager.com
127.0.0.1 mirror.internetdownloadmanager.com
127.0.0.1 www.mirror.internetdownloadmanager.com
127.0.0.1 mirror2.internetdownloadmanager.com
127.0.0.1 www.mirror2.internetdownloadmanager.com
127.0.0.1 mirror3.internetdownloadmanager.com
127.0.0.1 www.mirror3.internetdownloadmanager.com
127.0.0.1 174.133.70.98

========================= IP Configuration: ================================

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : chira-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-21-00-BA-93-73
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-24-7E-4B-CF-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-23-5A-3A-98-FF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
   Physical Address. . . . . . . . . : 00-21-00-BA-93-73
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d5aa:a3d8:e9:53b%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 26 Mac 2013 13:52:19
   Lease Expires . . . . . . . . . . : 26 Mac 2013 19:52:19
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 184557824
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-1D-B6-BE-00-23-5A-3A-98-FF
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2637A9DE-0AD1-44E2-AB9A-84737ECFAC68}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {B90FA4A3-D86C-4E10-B32A-0E55A1C78FE6}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5590D9CE-DC04-4FB2-ACEC-BC11EF9A767D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  2404:6800:4005:c00::8b
      74.125.128.138
      74.125.128.102
      74.125.128.100
      74.125.128.113
      74.125.128.139
      74.125.128.101


Pinging google.com [74.125.128.138] with 32 bytes of data:
Reply from 74.125.128.138: bytes=32 time=62ms TTL=50
Reply from 74.125.128.138: bytes=32 time=68ms TTL=50

Ping statistics for 74.125.128.138:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 62ms, Maximum = 68ms, Average = 65ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  206.190.36.45
      98.139.183.24
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=267ms TTL=52
Reply from 206.190.36.45: bytes=32 time=254ms TTL=52

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 254ms, Maximum = 267ms, Average = 260ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...00 21 00 ba 93 73 ......Microsoft Virtual WiFi Miniport Adapter
 13...00 24 7e 4b cf 98 ......Bluetooth Device (Personal Area Network)
 11...00 23 5a 3a 98 ff ......Realtek PCIe FE Family Controller
 10...00 21 00 ba 93 73 ......Broadcom 802.11g Network Adapter
  1...........................Software Loopback Interface 1
 23...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    281
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    281 fe80::/64                On-link
 10    281 fe80::d5aa:a3d8:e9:53b/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File not found] ()
Catalog9 02 mswsock.dll [File not found] ()
Catalog9 03 mswsock.dll [File not found] ()
Catalog9 04 mswsock.dll [File not found] ()
Catalog9 05 mswsock.dll [File not found] ()
Catalog9 06 mswsock.dll [File not found] ()
Catalog9 07 mswsock.dll [File not found] ()
Catalog9 08 mswsock.dll [File not found] ()
Catalog9 09 mswsock.dll [File not found] ()
Catalog9 10 mswsock.dll [File not found] ()
Catalog9 11 mswsock.dll [File not found] ()
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 mswsock.dll [File not found] ()
Catalog9 15 mswsock.dll [File not found] ()
Catalog9 16 mswsock.dll [File not found] ()
Catalog9 17 mswsock.dll [File not found] ()
Catalog9 18 mswsock.dll [File not found] ()
Catalog9 19 mswsock.dll [File not found] ()
Catalog9 20 mswsock.dll [File not found] ()
Catalog9 21 mswsock.dll [File not found] ()
Catalog9 22 mswsock.dll [File not found] ()
Catalog9 23 mswsock.dll [File not found] ()
Catalog9 24 mswsock.dll [File not found] ()
Catalog9 25 mswsock.dll [File not found] ()
Catalog9 26 mswsock.dll [File not found] ()
Catalog9 27 mswsock.dll [File not found] ()
Catalog9 28 mswsock.dll [File not found] ()
Catalog9 29 mswsock.dll [File not found] ()
Catalog9 30 mswsock.dll [File not found] ()
Catalog9 31 mswsock.dll [File not found] ()
Catalog9 32 mswsock.dll [File not found] ()
Catalog9 33 mswsock.dll [File not found] ()
Catalog9 34 mswsock.dll [File not found] ()
Catalog9 35 mswsock.dll [File not found] ()
Catalog9 36 mswsock.dll [File not found] ()
Catalog9 37 mswsock.dll [File not found] ()
Catalog9 38 mswsock.dll [File not found] ()
Catalog9 39 mswsock.dll [File not found] ()
Catalog9 40 mswsock.dll [File not found] ()
Catalog9 41 mswsock.dll [File not found] ()
Catalog9 42 mswsock.dll [File not found] ()
Catalog9 43 mswsock.dll [File not found] ()
Catalog9 44 mswsock.dll [File not found] ()
Catalog9 45 mswsock.dll [File not found] ()
Catalog9 46 mswsock.dll [File not found] ()
Catalog9 47 mswsock.dll [File not found] ()
Catalog9 48 mswsock.dll [File not found] ()
Catalog9 49 mswsock.dll [File not found] ()
Catalog9 50 mswsock.dll [File not found] ()
Catalog9 51 mswsock.dll [File not found] ()
Catalog9 52 mswsock.dll [File not found] ()
Catalog9 53 mswsock.dll [File not found] ()

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============
Error: (03/26/2013 01:50:06 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.147.142.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.2.0223.00

    Source Path: 4.2.0223.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (03/26/2013 02:20:07 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.147.142.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.2.0223.00

    Source Path: 4.2.0223.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 3.2.0)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Alarm Clock version 1.0 (Version: 1.0)
Alps Touch Pad Driver
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
ArtMoney SE v7.37.1 (Version: 7.37)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Autorun Eater v2.5 (Version: 2.5)
AVG 2013 (Version: 13.0.3161)
AVG 2013 (Version: 13.0.3267)
AVG 2013 (Version: 2013.0.3267)
AVG Security Toolbar (Version: 14.2.0.1)
BitTorrent (Version: 7.7.0)
BlueStacks (Version: 0.7.3.2605)
Celcom Broadband Manager (Version: 15.001.05.03.91)
Codecs for Windows 7 Pack 4.0.5 (Version: 4.0.5)
Condition Zero (Version: 1.2)
DriverIdentifier 4.2.3
ESET Online Scanner v3
Google Chrome (Version: 25.0.1364.172)
Google Update Helper (Version: 1.3.21.135)
HitmanPro 3.7 (Version: 3.7.0.185)
IDT Audio (Version: 1.0.6225.0)
ImgBurn (Version: 2.4.4.0)
Internet Download Manager
iTunes (Version: 10.5.0.142)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Codec Pack 5.0.5 (Full) (Version: 5.0.5)
LSI HDA Modem (Version: 2.2.100)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
Norton Security Scan (Version: 3.1.2.9)
NVIDIA 3D Vision Video Player (Version: 1.7.2)
PhotoScape
Prism Video File Converter
Pro Evolution Soccer 2011 (Version: 1.01.0000)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek High Definition Audio Driver (Version: 6.0.1.6602)
RealUpgrade 1.1 (Version: 1.1.0)
RocketDock 1.3.5
Samsung Kies (Version: 2.3.2.12064_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0)
Updater Service (Version: 15,9,28,27)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
WinZip 17.0 (Version: 17.0.10381)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Devices: ================================

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Disk Virtual Machine Bus Acceleration Filter Driver
Description: Disk Virtual Machine Bus Acceleration Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: storflt

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft Network Inspection System
Description: Microsoft Network Inspection System
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NisDrv

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: IDT High Definition Audio CODEC
Description: IDT High Definition Audio CODEC
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: IDT
Service: STHDA

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: Microsoft Bluetooth Enumerator
Description: Microsoft Bluetooth Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthEnum

Name: Standard Serial over Bluetooth link (COM32)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSC

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Modem over Bluetooth link #2
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Standard Modem over Bluetooth link #6
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Alps Pointing-device (2-way) for 14-Inch Wide LCD
Description: Alps Pointing-device (2-way) for 14-Inch Wide LCD
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Alps Electric
Service: i8042prt

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: MpKsl3ff04e40
Description: MpKsl3ff04e40
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl3ff04e40

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Standard Serial over Bluetooth link (COM24)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Description: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Virtual Machine Bus
Description: Virtual Machine Bus
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vmbus

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: AVGIDSDriver
Description: AVGIDSDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSDriver

Name: ATA Channel 4
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Optiarc DVD RW AD-7561S ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Standard Modem over Bluetooth link #5
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: LSI HDA Modem
Description: LSI HDA Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: LSI
Service: Modem

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: AVGIDSHX
Description: AVGIDSHX
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSHX

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ATA Channel 5
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Bluetooth HID Device
Description: Bluetooth HID Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidBth

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Description: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: AVGIDSShim
Description: AVGIDSShim
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSShim

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel® Core™2 Duo CPU     T6400  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Virtual WiFi Filter Driver
Description: Virtual WiFi Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vwififlt

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: AVG AVI Loader Driver
Description: AVG AVI Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgldx86

Name: WDC WD3200BEVT-60ZCT1 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Standard Serial over Bluetooth link (COM15)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: Standard Serial over Bluetooth link (COM11)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: Standard Modem over Bluetooth link #4
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: AVG Logging Driver
Description: AVG Logging Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avglogx

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Description: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel® Core™2 Duo CPU     T6400  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp

Name: Reliable Multicast Protocol
Description: Reliable Multicast Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RMCAST

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standard AHCI 1.0 Serial ATA Controller
Description: Standard AHCI 1.0 Serial ATA Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard AHCI 1.0 Serial ATA Controller
Service: msahci

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Description: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: ACPI x86-based PC
Description: ACPI x86-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: AVG TDI Driver
Description: AVG TDI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgtdix

Name: Standard Serial over Bluetooth link (COM10)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Standard Serial over Bluetooth link (COM16)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: IDMWFP
Description: IDMWFP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IDMWFP

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Standard Modem over Bluetooth link #3
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: avgtp
Description: avgtp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: avgtp

Name: Broadcom 802.11g Network Adapter
Description: Broadcom 802.11g Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPNAT

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Description: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Bluetooth HID Device
Description: Bluetooth HID Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidBth

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: HP Integrated Bluetooth module
Description: HP Integrated Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: HP
Service: BTHUSB

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standard Serial over Bluetooth link (COM25)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: BlueStacks Hypervisor
Description: BlueStacks Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstHdDrv

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Standard Serial over Bluetooth link (COM31)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: Standard Modem over Bluetooth link
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem


========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3002.96 MB
Available physical RAM: 1429.84 MB
Total Pagefile: 6004.2 MB
Available Pagefile: 4117.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.78 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:48.83 GB) (Free:5.22 GB) NTFS
2 Drive d: (chaer&fyra) (Fixed) (Total:249.26 GB) (Free:82.43 GB) NTFS

========================= Users: ========================================

User accounts for \\CHIRA-PC

Administrator            chira                    Guest                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================


**** End of log ****

 

farbar service scanner :

 

Farbar Service Scanner Version: 03-03-2013
Ran by chira (administrator) on 26-03-2013 at 14:16:29
Running from "C:\Users\chira\Downloads\Programs"
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-19 18:10] - [2013-01-03 13:05] - 1293672 ____A (Microsoft Corporation) 7C0507D2391AF5933600CBCED799F277

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

adwcleaner log :

 

# AdwCleaner v2.115 - Logfile created 03/26/2013 at 14:20:04
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Enterprise Service Pack 1 (32 bits)
# User : chira - CHIRA-PC
# Boot Mode : Normal
# Running from : C:\Users\chira\Downloads\Programs\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
Deleted on reboot : C:\Users\chira\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
File Deleted : C:\END
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\chira\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\chira\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Web Search.xml
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Red Sky
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\chira\AppData\Local\APN
Folder Deleted : C:\Users\chira\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\chira\AppData\Local\Google\Chrome\User Data\Default\Extensions\figdphohhlffelolcabcjpikobidapnk
Folder Deleted : C:\Users\chira\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Folder Deleted : C:\Users\chira\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\chira\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\chira\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\chira\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\chira\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\e68fdab068be17
Key Deleted : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\e68fdab068be17
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\figdphohhlffelolcabcjpikobidapnk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\chira\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js

C:\Users\chira\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={9E99E964-BF51-4025-98E2-91E07E69[...]
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={9E99E964-BF51-4025-98E2-91E07E69865B}&m[...]

File : C:\Users\chira\AppData\Roaming\Mozilla\Firefox\Profiles\r44dy94t.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\chira\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9984 octets] - [26/03/2013 14:20:04]

########## EOF - C:\AdwCleaner[S1].txt - [10044 octets] ##########

 

autoruns log :

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "19/02/2013 18:07"
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"    "03/12/2012 15:34"
+ "Apoint"    "Alps Pointing-device Driver"    "Alps Electric Co., Ltd."    "c:\program files\apoint2k\apoint.exe"    "14/05/2009 18:25"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"    "15/09/2011 15:28"
+ "AVG_UI"    "AVG User Interface"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgui.exe"    "13/03/2013 23:11"
+ "BlueStacks Agent"    "BlueStacks Agent"    "BlueStack Systems, Inc."    "c:\program files\bluestacks\hd-agent.exe"    "29/08/2012 20:38"
+ "DivXMediaServer"    ""    ""    "File not found: C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe"    ""
+ "GrooveMonitor"    "GrooveMonitor Utility"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\groovemonitor.exe"    "27/10/2006 14:53"
+ "HotKeysCmds"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"    "26/08/2010 2:59"
+ "IgfxTray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"    "26/08/2010 3:00"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files\itunes\ituneshelper.exe"    "10/10/2011 8:13"
+ "KiesTrayAgent"    "Kies TrayAgent Application"    "Samsung Electronics Co., Ltd."    "c:\program files\samsung\kies\kiestrayagent.exe"    "25/06/2012 15:28"
+ "MSC"    "Microsoft Security Client User Interface"    "Microsoft Corporation"    "c:\program files\microsoft security client\msseces.exe"    "25/01/2013 12:27"
+ "Persistence"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"    "26/08/2010 2:59"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files\common files\java\java update\jusched.exe"    "04/07/2012 0:04"
+ "SysTrayApp"    "IDT PC Audio"    "IDT, Inc."    "c:\program files\idt\wdm\sttray.exe"    "22/07/2009 6:59"
+ "TkBellExe"    "RealNetworks Scheduler"    "RealNetworks, Inc."    "c:\program files\real\realplayer\update\realsched.exe"    "01/12/2012 7:17"
+ "vProt"    ""    ""    "File not found: C:\Program Files\AVG Secure Search\vprot.exe"    ""
+ "Zune Launcher"    "Zune Auto-Launcher"    "Microsoft Corporation"    "c:\program files\zune\zunelauncher.exe"    "06/08/2011 3:21"
"C:\Users\chira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""    "08/12/2012 15:09"
+ "OneNote 2007 Screen Clipper and Launcher.lnk"    "Microsoft Office OneNote Quick Launcher"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\onenotem.exe"    "27/10/2006 11:17"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "25/03/2011 11:26"
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files\google\chrome\application\25.0.1364.172\installer\chrmstp.exe"    "11/03/2013 6:19"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "14/07/2009 7:42"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "19/02/2013 17:53"
+ "IDMan"    "Internet Download Manager (IDM)"    "Tonec Inc."    "c:\program files\internet download manager\idman.exe"    "01/03/2013 19:47"
+ "KiesAirMessage"    ""    ""    "File not found: C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"    ""
+ "KiesPDLR"    "KiesPDLR"    ""    "c:\program files\samsung\kies\external\firmwareupdate\kiespdlr.exe"    "21/06/2012 4:43"
+ "KiesPreload"    "Kies"    "Samsung"    "c:\program files\samsung\kies\kies.exe"    "12/07/2012 17:14"
+ "Messenger (Yahoo!)"    "Yahoo! Messenger"    "Yahoo! Inc."    "c:\program files\yahoo!\messenger\yahoomessenger.exe"    "22/08/2011 16:15"
+ "RocketDock"    ""    ""    "File not found: C:\Program Files\RocketDock\RocketDock.exe"    ""
+ "Sidebar"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"    "20/11/2010 17:40"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "14/07/2009 12:41"
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"    "27/10/2006 12:31"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""    "14/07/2009 12:41"
+ "grooveLocalGWS"    "GrooveSystemServices Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\groovesystemservices.dll"    "27/10/2006 15:20"
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"    "19/08/2006 16:23"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""    "26/03/2013 13:54"
+ "Groove GFS Stub Execution Hook"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 12:41"
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgse.dll"    "19/02/2013 11:00"
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"    "25/01/2013 12:26"
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files\winrar\rarext.dll"    "09/06/2012 21:20"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "15/01/2013 15:28"
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 12:41"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "15/12/2012 4:52"
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""    "08/01/2013 18:14"
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"    "25/01/2013 12:26"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "15/01/2013 15:28"
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "08/01/2013 18:14"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "15/01/2013 15:28"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 12:41"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"    "14/07/2009 9:09"
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"    "26/08/2010 2:59"
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "13/02/2013 6:45"
+ "Haali Column Provider"    ""    ""    "c:\program files\mega codec pack\filters\haali\mmfinfo.dll"    "11/01/2009 6:15"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"    "19/12/2012 2:06"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "13/02/2013 6:45"
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgse.dll"    "19/02/2013 11:00"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "15/12/2012 4:52"
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files\winrar\rarext.dll"    "09/06/2012 21:20"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "15/01/2013 15:28"
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""    "13/02/2013 6:45"
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files\winrar\rarext.dll"    "09/06/2012 21:20"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "15/01/2013 15:28"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "26/03/2013 13:54"
+ "0MediaIconsOerlay"    "Online files icon's overlay"    "Microsoft"    "c:\program files\mega codec pack\filters\haali\mmdinfo.dll"    "09/12/2012 17:47"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
+ "IDM Shell Extension"    "Internet Download Manager module"    "Tonec Inc."    "c:\program files\internet download manager\idmshellext.dll"    "15/11/2012 21:07"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "26/03/2013 13:54"
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"    "24/09/2012 10:24"
+ "Groove GFS Browser Helper"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveshellextensions.dll"    "27/10/2006 15:20"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"    "25/09/2012 14:04"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"    "25/09/2012 14:03"
+ "RealNetworks Download and Record Plugin for Internet Explorer"    "RealPlayer Download and Record Plugin"    "RealDownloader"    "c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"    "30/11/2012 12:33"
+ "SingleInstance Class"    "Yahoo! Single Instance for Mail"    "Yahoo! Inc"    "c:\program files\yahoo!\companion\installs\cpn0\ytsingleinstance.dll"    "16/03/2011 10:45"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks"    ""    ""    ""    "08/01/2013 18:18"
+ "YTNavAssistPlugin Class"    "Yahoo! Toolbar"    "Yahoo! Inc."    "c:\program files\yahoo!\companion\installs\cpn2\yt.dll"    "26/11/2012 19:13"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "08/01/2013 18:20"
+ "S&end to OneNote"    "Microsoft Office OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\onbttnie.dll"    "27/10/2006 11:32"
"Task Scheduler"    ""    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "01/03/2013 10:40"
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"    "02/06/2011 8:46"
+ "\Escolade"    ""    ""    "File not found: C:\Users\chira\AppData\Roaming\iPumper\Updater.exe"    ""
+ "\Go for FilesUpdate"    ""    ""    "File not found: C:\Program Files\GoforFiles\GFFUpdater.exe"    ""
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "16/02/2012 10:43"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "16/02/2012 10:43"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft security client\mpcmdrun.exe"    "25/01/2013 12:25"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"    "11/06/2009 5:19"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"    "14/07/2009 8:09"
+ "\NCH Software\prismShakeIcon"    "Prism Video File Converter"    "NCH Software"    "c:\program files\nch software\prism\prism.exe"    "27/07/2010 10:28"
+ "\Norton Security Scan for chira"    "Norton Security Scan"    "Symantec Corporation"    "c:\program files\norton security scan\engine\3.1.2.9\nss.exe"    "03/10/2012 18:27"
+ "\RealDownloaderDownloaderScheduledTaskS-1-5-21-2001733173-1985479684-2221586275-1000"    "RealDownloader"    "RealNetworks, Inc."    "c:\program files\realnetworks\realdownloader\recordingmanager.exe"    "30/11/2012 12:33"
+ "\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2001733173-1985479684-2221586275-1000"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\realnetworks\realdownloader\realupgrade.exe"    "30/11/2012 12:31"
+ "\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2001733173-1985479684-2221586275-1000"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\realnetworks\realdownloader\realupgrade.exe"    "30/11/2012 12:31"
+ "\RealPlayerRealUpgradeLogonTaskS-1-5-21-2001733173-1985479684-2221586275-1000"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"    "01/12/2012 7:30"
+ "\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2001733173-1985479684-2221586275-1000"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"    "01/12/2012 7:30"
+ "\RealUpgradeLogonTaskS-1-5-21-2001733173-1985479684-2221586275-1000"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"    "01/12/2012 7:30"
+ "\RealUpgradeScheduledTaskS-1-5-21-2001733173-1985479684-2221586275-1000"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"    "01/12/2012 7:30"
+ "\ReclaimerUpdateFiles_chira"    "RealNetworks Installer"    "RealNetworks, Inc."    "c:\users\chira\appdata\roaming\real\update\upgradehelper\realplayer\10.40\agent\rnupgagent.exe"    "14/02/2013 7:31"
+ "\ReclaimerUpdateXML_chira"    "RealNetworks Installer"    "RealNetworks, Inc."    "c:\users\chira\appdata\roaming\real\update\upgradehelper\realplayer\10.40\agent\rnupgagent.exe"    "14/02/2013 7:31"
+ "\RNUpgradeHelperLogonPrompt_chira"    "RealNetworks Installer"    "RealNetworks, Inc."    "c:\users\chira\appdata\roaming\real\update\upgradehelper\realplayer\10.40\agent\rnupgagent.exe"    "14/02/2013 7:31"
+ "\RNUpgradeHelperResumePrompt_chira"    "RealNetworks Installer"    "RealNetworks, Inc."    "c:\users\chira\appdata\roaming\real\update\upgradehelper\realplayer\10.40\agent\rnupgagent.exe"    "14/02/2013 7:31"
+ "\SidebarExecute"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"    "20/11/2010 17:40"
+ "\{DBC65F21-F06F-4183-8871-1F36690D4DD5}"    ""    ""    "File not found: E:\Angry Birds (PC)\AngryBirds.exe"    ""
+ "\{E7AAD6C0-1B19-42ED-A82C-DFD76FFF591B}"    ""    ""    "File not found: E:\Angry Birds (PC)\AngryBirds.exe"    ""
+ "\{EB6B43DB-44D7-47DB-8D1B-43300E26112D}"    ""    ""    "File not found: E:\Angry Birds (PC)\AngryBirds.exe"    ""
+ "\{EE5779D2-71C4-4C69-847C-99167EC64CDA}"    ""    ""    "File not found: E:\Angry Birds (PC)\AngryBirds.exe"    ""
+ "\{FA7139D1-46E5-45EE-B75C-09AD7C19ABB9}"    ""    ""    "File not found: E:\Angry Birds (PC)\AngryBirds.exe"    ""
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "19/02/2013 18:00"
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\armsvc.exe"    "03/12/2012 15:34"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "01/03/2013 10:40"
+ "AESTFilters"    "Andrea filters APO access service (32-bit)"    "Andrea Electronics Corporation"    "c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe"    "03/03/2009 3:43"
+ "AgereModemAudio"    "LSI Soft Modem Call Progress Service"    "LSI Corporation"    "c:\program files\lsi softmodem\agrsmsvc.exe"    "28/03/2009 6:07"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"    "07/09/2011 9:55"
+ "AVGIDSAgent"    "Provides Identity Protection Against Cyber Crime."    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgidsagent.exe"    "28/02/2013 5:36"
+ "avgwd"    "AVG Watchdog Service"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgwdsvc.exe"    "19/02/2013 9:47"
+ "BstHdAndroidSvc"    "BlueStacks Service"    "BlueStack Systems, Inc."    "c:\program files\bluestacks\hd-service.exe"    "29/08/2012 20:37"
+ "BstHdLogRotatorSvc"    "BlueStacks Log Rotator Service"    "BlueStack Systems, Inc."    "c:\program files\bluestacks\hd-logrotatorservice.exe"    "29/08/2012 20:38"
+ "gupdate"    "Memastikan perisian Google anda sentiasa terkini. Jika perkhidmatan ini dilumpuhkan atau diberhentikan, perisian Google anda tidak akan dikemas kini, bermakna kerentanan keselamatan yang mungkin timbul tidak boleh dibetulkan dan ciri mungkin tidak berfungsi. Perkhidmatan ini dinyahpasang dengan sendirinya apabila tiada perisian Google menggunakannya."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "16/02/2012 10:43"
+ "gupdatem"    "Memastikan perisian Google anda sentiasa terkini. Jika perkhidmatan ini dilumpuhkan atau diberhentikan, perisian Google anda tidak akan dikemas kini, bermakna kerentanan keselamatan yang mungkin timbul tidak boleh dibetulkan dan ciri mungkin tidak berfungsi. Perkhidmatan ini dinyahpasang dengan sendirinya apabila tiada perisian Google menggunakannya."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "16/02/2012 10:43"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"    "10/10/2011 8:13"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"    "15/12/2012 4:51"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamservice.exe"    "15/12/2012 4:51"
+ "Microsoft Office Groove Audit Service"    "Groove Audit Service"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\grooveauditservice.exe"    "27/10/2006 14:44"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"    "07/03/2013 20:32"
+ "MsMpSvc"    "Helps protect users from malware and other potentially unwanted software"    "Microsoft Corporation"    "c:\program files\microsoft security client\msmpeng.exe"    "25/01/2013 12:25"
+ "NisSrv"    "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols"    "Microsoft Corporation"    "c:\program files\microsoft security client\nissrv.exe"    "25/01/2013 12:25"
+ "odserv"    "Run portions of Microsoft Office Diagnostics."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\odserv.exe"    "27/10/2006 10:48"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"    "27/10/2006 5:00"
+ "RealNetworks Downloader Resolver Service"    "Manage different Downloader versions in RealNetworks' products."    ""    "c:\program files\realnetworks\realdownloader\rndlresolversvc.exe"    "30/11/2012 12:31"
+ "STacSV"    "Manages audio jack configurations."    "IDT, Inc."    "c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe"    "22/07/2009 6:58"
+ "vToolbarUpdater14.2.0"    "ToolbarU Application"    ""    "c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\toolbarupdater.exe"    "05/02/2013 0:49"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "20/11/2010 18:36"
+ "WMZuneComm"    "Zune Connectivity for Windows Mobile devices"    "Microsoft Corporation"    "c:\program files\zune\wmzunecomm.exe"    "06/08/2011 3:20"
+ "YahooAUService"    "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."    "Yahoo! Inc."    "c:\program files\yahoo!\softwareupdate\yahooauservice.exe"    "10/11/2008 4:47"
+ "ZuneNetworkSvc"    "Shares Zune media libraries to Zune devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\zune\zunenss.exe"    "06/08/2011 3:26"
+ "ZuneWlanCfgSvc"    "Configures Zune for wireless syncing"    "Microsoft Corporation"    "c:\program files\zune\zunewlancfgsvc.exe"    "06/08/2011 3:21"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "19/02/2013 18:00"
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"    "06/12/2008 7:59"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"    "02/05/2007 1:29"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"    "28/02/2007 8:03"
+ "AgereSoftModem"    "SoftModem Device Driver"    "LSI Corporation"    "c:\windows\system32\drivers\agrsm.sys"    "27/01/2010 1:38"
+ "aic78xx"    "Adaptec Ultra SCSI miniport"    "Adaptec, Inc."    "c:\windows\system32\drivers\djsvs.sys"    "12/04/2006 8:20"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"    "14/07/2009 7:11"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"    "19/03/2010 9:08"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows family"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"    "21/03/2009 2:35"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"    "20/03/2010 0:19"
+ "ApfiltrService"    "Alps Touch Pad Driver"    "Alps Electric Co., Ltd."    "c:\windows\system32\drivers\apfiltr.sys"    "12/05/2009 17:35"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"    "25/05/2007 5:31"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"    "15/01/2009 3:26"
+ "AVGIDSDriver"    "AVG Technologies IDS Application Activity Monitor Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgidsdriverx.sys"    "27/02/2013 6:25"
+ "AVGIDSHX"    "AVG Technologies IDS Application Activity Monitor Helper Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgidshx.sys"    "08/02/2013 11:13"
+ "AVGIDSShim"    "AVG Technologies IDS Application Activity Monitor Shim Loader Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgidsshimx.sys"    "01/03/2013 17:22"
+ "Avgldx86"    "AVG AVI Loader Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgldx86.sys"    "08/02/2013 11:13"
+ "Avglogx"    "AVG Logging Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avglogx.sys"    "08/02/2013 11:13"
+ "Avgmfx86"    "AVG Resident Shield Minifilter Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgmfx86.sys"    "08/02/2013 11:13"
+ "Avgrkx86"    "AVG Anti-Rootkit Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgrkx86.sys"    "08/02/2013 11:12"
+ "Avgtdix"    "AVG Network connection watcher"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgtdix.sys"    "14/02/2013 10:37"
+ "avgtp"    ""    "AVG Technologies"    "c:\windows\system32\drivers\avgtpx86.sys"    "29/01/2013 18:44"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbdx.sys"    "14/02/2009 6:10"
+ "b57nd60x"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60x.sys"    "26/04/2009 19:15"
+ "BCM43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwl6.sys"    "27/03/2009 8:58"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"    "07/08/2006 5:33"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"    "07/08/2006 5:33"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"    "07/08/2006 5:33"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"    "07/08/2006 5:33"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"    "07/08/2006 5:33"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"    "09/08/2006 20:02"
+ "BstHdDrv"    "BlueStacks Hypervisor for x86"    "BlueStack Systems"    "c:\program files\bluestacks\hd-hypervisor-x86.sys"    "29/08/2012 20:38"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"    "14/07/2009 7:11"
+ "dg_ssudbus"    "SAMSUNG USB Composite Device Driver (MSS Ver.3)"    "DEVGURU Co., LTD.(www.devguru.co.kr)"    "c:\windows\system32\drivers\ssudbus.sys"    "11/05/2012 15:31"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbdx.sys"    "01/01/2009 0:06"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"    "04/02/2009 6:09"
+ "ewusbnet"    "USB NDIS Miniport Driver"    "Huawei Technologies Co., Ltd."    "c:\windows\system32\drivers\ewusbnet.sys"    "07/12/2009 19:34"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"    "18/05/2009 20:16"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"    "11/05/2009 15:22"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"    "19/05/2009 7:42"
+ "hwdatacard"    "USB Modem/Serial Device Driver"    "Huawei Technologies Co., Ltd."    "c:\windows\system32\drivers\ewusbmdm.sys"    "07/12/2009 19:53"
+ "hwusbdev"    "USB Modem/Serial Device Driver"    "Huawei Technologies Co., Ltd."    "c:\windows\system32\drivers\ewusbdev.sys"    "12/10/2009 15:22"
+ "iaStorV"    "Intel Matrix Storage Manager driver - ia32"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"    "11/06/2010 8:45"
+ "IDMWFP"    "Internet Download Manager WFP Driver"    "Tonec Inc."    "c:\windows\system32\drivers\idmwfp.sys"    "21/11/2012 22:42"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd32.sys"    "26/08/2010 3:31"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"    "14/12/2005 5:48"
+ "JMCR"    "JMicron JMB38X Flash Media Controller Driver"    "JMicron Technology Corporation"    "c:\windows\system32\drivers\jmcr.sys"    "26/05/2010 17:58"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"    "10/12/2008 6:28"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"    "19/05/2009 8:19"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"    "19/05/2009 8:31"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"    "17/04/2009 6:14"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbam.sys"    "21/08/2012 0:49"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7 for x86"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"    "19/05/2009 9:09"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"    "19/05/2009 9:25"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"    "07/06/2006 5:12"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"    "20/03/2010 5:00"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"    "20/03/2010 4:51"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"    "23/01/2009 7:28"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"    "19/05/2009 9:17"
+ "RTL8167"    "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver                "    "Realtek                                            "    "c:\windows\system32\drivers\rt86win7.sys"    "22/05/2009 22:52"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "13/09/2006 21:18"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"    "25/09/2008 2:19"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"    "02/10/2008 5:52"
+ "ssudmdm"    "SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)"    "DEVGURU Co., LTD.(www.devguru.co.kr)"    "c:\windows\system32\drivers\ssudmdm.sys"    "11/05/2012 15:32"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"    "18/02/2009 7:03"
+ "STHDA"    "IDT PC Audio"    "IDT, Inc."    "c:\windows\system32\drivers\stwrt.sys"    "22/07/2009 6:41"
+ "Synth3dVsc"    ""    ""    "File not found: System32\drivers\synth3dvsc.sys"    ""
+ "tsusbhub"    "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2"    ""    "File not found: system32\drivers\tsusbhub.sys"    ""
+ "USBAAPL"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl.sys"    "29/04/2011 2:25"
+ "VGPU"    ""    ""    "File not found: System32\drivers\rdvgkmd.sys"    ""
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"    "14/07/2009 7:11"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"    "31/01/2009 9:13"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "19/02/2013 17:49"
+ "msacm.ac3acm"    "AC-3 ACM Codec"    "fccHandler"    "c:\windows\system32\ac3acm.acm"    "21/09/2007 14:52"
+ "msacm.divxa32"    "DivX;-) Audio Codec"    "Packed With Joy !"    "c:\windows\system32\divxa32.acm"    "12/01/2000 10:19"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "14/07/2009 9:06"
+ "msacm.lameacm"    "Lame MP3 codec engine"    "http://www.mp3dev.org/"    "c:\windows\system32\lameacm.acm"    "25/09/2008 3:41"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"    "20/11/2010 19:59"
+ "vidc.lags"    "Lagarith"    " "    "c:\windows\system32\lagarith.dll"    "08/12/2011 8:32"
+ "VIDC.XVID"    ""    ""    "c:\windows\system32\xvidvfw.dll"    "30/05/2011 21:42"
"HKLM\Software\Classes\Filter"    ""    ""    ""    "26/03/2013 14:20"
+ "MainConcept MPEG Demultiplexer"    ""    ""    "File not found: C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"    ""
+ "MainConcept MPEG Demultiplexer"    ""    ""    "File not found: C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"    ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "14/07/2009 12:41"
+ "AC3File"    ""    ""    "c:\program files\k-lite codec pack\filters\ac3file.ax"    "04/08/2009 13:09"
+ "CoreVorbis Audio Decoder"    "CoreVorbis"    "-"    "c:\program files\k-lite codec pack\filters\corevorbis.ax"    "13/08/2005 19:25"
+ "DC-Bass Source"    "DirectShow™ Audio Decoder"    "http://www.dsp-worx.de"    "c:\windows\system32\dcbasssource.ax"    "20/06/1992 6:22"
+ "DirectVobSub"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "xy-VSFilter Team"    "c:\program files\mega codec pack\filters\vsfilter.dll"    "13/08/2012 22:10"
+ "DirectVobSub (auto-loading version)"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "xy-VSFilter Team"    "c:\program files\mega codec pack\filters\vsfilter.dll"    "13/08/2012 22:10"
+ "ffdshow DXVA Video Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\mega codec pack\filters\ffdshow\ffdshow.ax"    "22/08/2012 20:18"
+ "File Source (Monkey Audio)"    ""    ""    "c:\program files\k-lite codec pack\filters\monkeysource.ax"    "20/06/1992 6:22"
+ "FLV4 Video Decoder"    "FLV Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\flvsplitter.ax"    "28/04/2009 19:44"
+ "LAV Audio Decoder"    "LAV Audio Decoder - DirectShow Audio Decoder"    "1f0.de - Hendrik Leppkes"    "c:\windows\system32\lavaudio.ax"    "20/07/2012 1:56"
+ "LAV Splitter"    "LAV Splitter - DirectShow Media Splitter"    "1f0.de - Hendrik Leppkes"    "c:\windows\system32\lavsplitter.ax"    "20/07/2012 1:56"
+ "LAV Splitter Source"    "LAV Splitter - DirectShow Media Splitter"    "1f0.de - Hendrik Leppkes"    "c:\windows\system32\lavsplitter.ax"    "20/07/2012 1:56"
+ "LAV Video Decoder"    "LAV Video Decoder - DirectShow Video Decoder"    "1f0.de - Hendrik Leppkes"    "c:\windows\system32\lavvideo.ax"    "20/07/2012 1:56"
+ "MACSReaderMP3 Filter"    "MACSReaderMP3 Filter"    ""    "c:\program files\samsung\kies\external\mediamodules\macsreaderavi.ax"    "09/10/2007 13:42"
+ "madFlac Decoder"    "DirectShow FLAC Decoder"    "www.madshi.net"    "c:\program files\k-lite codec pack\filters\madflac.ax"    "20/06/1992 6:22"
+ "madFlac Source"    "DirectShow FLAC Decoder"    "www.madshi.net"    "c:\program files\k-lite codec pack\filters\madflac.ax"    "20/06/1992 6:22"
+ "MainConcept MPEG Demultiplexer"    ""    ""    "File not found: C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"    ""
+ "MainConcept Stream Parser"    ""    ""    "File not found: C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"    ""
+ "Microsoft Zune H.264 Video Decoder"    "Microsoft Zune H.264 Video Decoder"    "Microsoft Corporation"    "c:\program files\zune\zuneh264dec.dll"    "06/08/2011 3:20"
+ "MONOGRAM AMR Decoder"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"    "16/03/2008 21:30"
+ "MONOGRAM AMR Encoder"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"    "16/03/2008 21:30"
+ "MONOGRAM AMR Mux"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"    "16/03/2008 21:30"
+ "MONOGRAM AMR Splitter"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"    "16/03/2008 21:30"
+ "MONOGRAM Musepack Decoder"    "mmmpcdec"    ""    "c:\program files\k-lite codec pack\filters\mmmpcdec.ax"    "18/01/2009 19:03"
+ "MONOGRAM Musepack Splitter"    "mmmpcdmx"    ""    "c:\program files\k-lite codec pack\filters\mmmpcdmx.ax"    "19/01/2009 0:15"
+ "MP4 Source"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"    "10/12/2008 22:53"
+ "MP4 Splitter"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"    "10/12/2008 22:53"
+ "MPC - FLV Source (Gabest)"    "FLV Splitter"    "Gabest"    "c:\program files\mega codec pack\filters\flvsplitter.ax"    "31/08/2009 14:44"
+ "MPC - FLV Splitter (Gabest)"    "FLV Splitter"    "Gabest"    "c:\program files\mega codec pack\filters\flvsplitter.ax"    "31/08/2009 14:44"
+ "MPC - Mpeg Source (Gabest)"    "Mpeg Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"    "03/08/2009 0:19"
+ "MPC - Mpeg Splitter (Gabest)"    "Mpeg Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"    "03/08/2009 0:19"
+ "MPC - MPEG-2 Video Decoder (Gabest)"    "MPEG-2 Decoder Filter for DirectShow"    "Gabest"    "c:\program files\mega codec pack\filters\mpeg2decfilter.ax"    "31/08/2009 14:47"
+ "MPC CDXA Reader"    "CDXA Reader Filter"    "MPC-HC Team"    "c:\windows\system32\cdxareader.ax"    "26/05/2012 22:15"
+ "MPEG4 Video Source"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"    "10/12/2008 22:53"
+ "MPEG4 Video Splitter"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"    "10/12/2008 22:53"
+ "MusicCity MPEG Splitter"    "PCube MPEG Splitter Filter"    "© MusicCity"    "c:\windows\system32\muzmpgsp.ax"    "11/09/2007 9:15"
+ "MusicCity OGG Splitter"    "OGG Splitter"    "© PeeringPortal"    "c:\windows\system32\muzoggsp.ax"    "10/02/2006 20:10"
+ "NEDFilter4Samsung Filter"    "MACSReaderMP3 Filter"    "L544™ Technology"    "c:\program files\samsung\kies\external\mediamodules\nedfilter4samsung.ax"    "15/12/2009 14:25"
+ "P3Audio"    "PCube Audio Decoder Filter"    "© MusicCity"    "c:\windows\system32\muzdecode.ax"    "10/02/2006 20:02"
+ "P3AudioEffect"    "P3AudioEffect Filter"    "© MUSICCITY"    "c:\windows\system32\muzeffect.ax"    "10/02/2006 20:38"
+ "P3MP4Splitter"    "P3MP4Splitter Filter"    "© MusicCity"    "c:\windows\system32\muzmp4sp.ax"    "10/02/2006 23:25"
+ "P3Sourcer"    "AOD Sourcer Filter"    "Musiccity Co.Ltd."    "c:\windows\system32\muzaf1.dll"    "10/04/2006 19:26"
+ "P3WMTSplitter"    "P3WMTSplitter Filter"    " © MusicCity"    "c:\windows\system32\muzwmts.dll"    "10/02/2006 20:14"
+ "RealPlayer Audio Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"    "01/12/2012 7:23"
+ "RealPlayer Mp3 Transform Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"    "01/12/2012 7:23"
+ "RealPlayer MPEG4 Transform Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"    "01/12/2012 7:23"
+ "RealPlayer Transcode Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"    "01/12/2012 7:23"
+ "RealPlayer Video Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"    "01/12/2012 7:23"
+ "SelfMusicVideo Dump Filter"    "SelfMusicVideo Dump Filter (DShow)"    "ENJsoft Corporation"    "c:\program files\samsung\kies\external\transmodules\tg_dump0708.dll"    "24/07/2008 2:45"
+ "SpatialStereo Filter"    ""    ""    "c:\windows\system32\3daudio.ax"    "14/04/2008 19:58"
+ "T"    "VP7 Decompression Filter"    "On2.com Inc."    "c:\program files\k-lite codec pack\filters\vp7dec.ax"    "25/03/2006 6:09"
+ "WavPack Audio Decoder"    "WavPack Audio DirectShow Decoder"    "-"    "c:\program files\mega codec pack\filters\wavpackdsdecoder.ax"    "04/03/2007 17:50"
+ "WavPack Audio Splitter"    "WavPack Audio DirectShow Splitter"    "-"    "c:\program files\mega codec pack\filters\wavpackdssplitter.ax"    "03/10/2007 6:09"
+ "WMEnc Screen Capture Filter"    "ZuneSrcWrp Module"    "Microsoft Corporation"    "c:\program files\zune\zunesrcwrp.dll"    "06/08/2011 3:26"
+ "Zune Enhanced Video Renderer"    "Enhanced Video Renderer DLL"    "Microsoft Corporation"    "c:\program files\zune\zuneevr.dll"    "06/08/2011 3:19"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""    "26/03/2013 13:47"
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"    "26/08/2010 2:59"
"C:\Users\chira\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""    "26/03/2013 13:58"
+ "AVG"    "AVG"    "AVG Technologies"    "C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget\\Gadget.xml"    "08/02/2013 2:36"
+ "Clock"    "Watch the clock in your own time zone or any city in the world."    "Microsoft Corporation"    "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml"    "14/07/2009 10:07"
 

hi narenxp, pls advise if above not the log that you want..



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:33 PM

Posted 29 March 2013 - 08:19 AM

Click on startmenu and type

 

cmd

 

Right click on it and select run as administrator and run this command

 

sfc /scanfile=c:\windows\system32\user32.dll

 

Allow the scan to finish

 

 

Download Services repair tool from here

ServicesRepair

  • Double-click ServicesRepair.exe
  • If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed.
  • Once the tool is finished you will be prompted to restart your computer. Click Yes to restart.

Run Farbar service scanner again and post the new log



#11 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 29 March 2013 - 08:36 AM

Farbar Service Scanner Version: 03-03-2013
Ran by chira (administrator) on 26-03-2013 at 13:51:51
Running from "C:\Users\chira\Downloads\Programs"
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-19 18:10] - [2013-01-03 13:05] - 1293672 ____A (Microsoft Corporation) 7C0507D2391AF5933600CBCED799F277

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

this is it...



#12 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 29 March 2013 - 09:09 AM

thanks you very much naren... it's work now... u are superb.. :)



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:33 PM

Posted 29 March 2013 - 09:49 AM

Grt :)
 
Boot into safemode.Download windefend.reg from here
 
http://download.bleepingcomputer.com/win-services/7/WinDefend.reg
 
Launch it and click YES,restart the PC in normal mode

Remove temporary and junk files

Download Temp file cleaner from HERE.Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode
 

Create a new restore point

Follow this guide to turn off and turn on your restore points

Windows XP

Vista & windows 7

Windows 8

Turn off your system restore-It deletes old infected restore points.Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old versions of java and flash player from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/ & http://www.adobe.com/support/flashplayer/downloads.html

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

Best Practices for Safe Computing - Prevention of Malware Infection

Simple and easy ways to keep your computer safe and secure on the Internet


Safe surfing :)



#14 shahir

shahir
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 01 April 2013 - 07:42 AM

thanks for the advise naren.. you guys are great!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users