Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spigot infection? Homepage reset to a yahoo site


  • Please log in to reply
21 replies to this topic

#1 sanghoonalee

sanghoonalee

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 08:14 PM

 

  • Internet seems much slower, and oftentimes I cannot reach webpages ('webpage is not available').

 

  • I am using Windows 7.

 

  • I have since uninstalled utorrent and deleted the files I obtained via utorrent.

 

  • In my attempt to solve the problem, I uninstalled a suspicious program (the name of which I cannot remember, but had the words 'spigot' and 'search' in the name, and was downloaded the same day I started using utorrent), via 'control panel- uninstall program'. I also foolishly downloaded adwcleaner, and used it to scan and clean and restart my computer (of which I have the text file that appeared after cleaning).

 

Hope I described my situation decently and that you can help.


Edited by sanghoonalee, 04 January 2014 - 08:29 PM.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:22 AM

Posted 04 January 2014 - 08:34 PM

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

 


Download Security Check by screen317 from here.


  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

 

 


Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Post the log here,

 

 

 

  • Please download Adware cleaner from the link below.
  • http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
  • Save it to your desktop.
  • Right click run as admin.
  • Hit the scan button.
  • Allow completion.
  • Make sure all items are ticked.
  • Hit the clean button.
  • Even if no items are displayed to be ticked hit the clean button anyway.
  • The machine will reboot this is normal.
  • Post the log in your next reply.

 

Please download JRT from here & double click to start the program.

  1. Hit any key when prompted and allow it to run through it's process.

    H2HaYv4.png
  2. Post the log when it's finished.


#3 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 08:42 PM

I'll start it right now. Thanks for the quick reply.

#4 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 08:51 PM

Minitoolbox result:

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Andrew Lee (administrator) on 04-01-2014 at 20:43:59
Running from "C:\Users\Andrew Lee\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Dell Wireless 1702 802.11b/g/n = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : AndrewPC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.nj.comcast.net.
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 5A-59-F9-96-C7-6D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lynet.no
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 14-FE-B5-C4-5A-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : hsd1.nj.comcast.net.
   Description . . . . . . . . . . . : Dell Wireless 1702 802.11b/g/n
   Physical Address. . . . . . . . . : 38-59-F9-96-C7-6D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4167:3283:6b0a:6e3c%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.101(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, January 04, 2014 19:23:55
   Lease Expires . . . . . . . . . . : Saturday, January 11, 2014 19:23:55
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 188242425
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-F1-82-5C-14-FE-B5-C4-5A-0E
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.lynet.no:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{0053A8F7-6B95-4879-85C4-F0894C7D4208}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.nj.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.nj.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:fb:ea2:ba07:18d6(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::fb:ea2:ba07:18d6%15(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:801::1006
 74.125.226.224
 74.125.226.232
 74.125.226.230
 74.125.226.228
 74.125.226.238
 74.125.226.226
 74.125.226.225
 74.125.226.233
 74.125.226.227
 74.125.226.231
 74.125.226.229
 
 
Pinging google.com [74.125.226.224] with 32 bytes of data:
Reply from 74.125.226.224: bytes=32 time=98ms TTL=53
Reply from 74.125.226.224: bytes=32 time=118ms TTL=53
 
Ping statistics for 74.125.226.224:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 98ms, Maximum = 118ms, Average = 108ms
Server:  UnKnown
Address:  192.168.0.1
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=913ms TTL=44
Request timed out.
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 913ms, Maximum = 913ms, Average = 913ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...5a 59 f9 96 c7 6d ......Microsoft Virtual WiFi Miniport Adapter
 12...14 fe b5 c4 5a 0e ......Realtek PCIe FE Family Controller
 11...38 59 f9 96 c7 6d ......Dell Wireless 1702 802.11b/g/n
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.101    281
    192.168.0.101  255.255.255.255         On-link     192.168.0.101    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.101    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:5ef5:79fb:fb:ea2:ba07:18d6/128
                                    On-link
 11    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::fb:ea2:ba07:18d6/128
                                    On-link
 11    281 fe80::4167:3283:6b0a:6e3c/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/04/2014 07:27:26 PM) (Source: IDVault) (User: )
Description: IsIDVaultRunning failed Only part of a ReadProcessMemory or WriteProcessMemory request was completed   at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32 processId, Boolean firstModuleOnly)
   at System.Diagnostics.NtProcessManager.GetFirstModuleInfo(Int32 processId)
   at System.Diagnostics.Process.get_MainModule()
   at IDVaultSvc.IDVaultExecutionController.IsIDVaultRunning()
 
Error: (01/04/2014 07:25:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/04/2014 07:24:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27071837
 
Error: (01/04/2014 07:24:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27071837
 
Error: (01/04/2014 07:24:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/03/2014 11:52:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9236
 
Error: (01/03/2014 11:52:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9236
 
Error: (01/03/2014 11:52:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/03/2014 11:52:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8222
 
Error: (01/03/2014 11:52:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8222
 
 
System errors:
=============
Error: (01/04/2014 07:24:56 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/03/2014 07:53:51 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (01/02/2014 11:24:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (01/01/2014 06:38:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (12/31/2013 01:58:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (12/31/2013 00:11:43 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (12/30/2013 08:37:06 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer NAVITAS-ISLEE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E2D21AA1-4667-4A89-AE6E-C8D2ABF85D19}.
The master browser is stopping or an election is being forced.
 
Error: (12/29/2013 07:44:33 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (12/29/2013 07:44:26 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (12/29/2013 07:44:18 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (01/04/2014 07:27:26 PM) (Source: IDVault)(User: )
Description: IsIDVaultRunning failed Only part of a ReadProcessMemory or WriteProcessMemory request was completed   at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32 processId, Boolean firstModuleOnly)
   at System.Diagnostics.NtProcessManager.GetFirstModuleInfo(Int32 processId)
   at System.Diagnostics.Process.get_MainModule()
   at IDVaultSvc.IDVaultExecutionController.IsIDVaultRunning()
 
Error: (01/04/2014 07:25:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/04/2014 07:24:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27071837
 
Error: (01/04/2014 07:24:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27071837
 
Error: (01/04/2014 07:24:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/03/2014 11:52:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9236
 
Error: (01/03/2014 11:52:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9236
 
Error: (01/03/2014 11:52:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/03/2014 11:52:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8222
 
Error: (01/03/2014 11:52:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8222
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader X (10.1.1) MUI (Version: 10.1.1)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Advanced Audio FX Engine (Version: 1.12.05)
AhnLab V3 365 Clinic (Version: 2.8.13.743)
AntiLogger SDK version 1.6.6.296 (Version: 1.6.6.296)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0.3 (Version: 2.0.3)
Bluetooth Win7 Suite (64) (Version: 7.2.0.45)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-8480DN (Version: 1.0.5.0)
Constant Guard Protection Suite (Version: 1.13.1211.1)
CoreAAC Audio Decoder (remove only)
Cozi (Version: 1.0.6505.38692)
D3DX10 (Version: 15.4.2368.0902)
DC++ 0.791 (Version: 0.791)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell Marketplace Webslice IE8 (Version: 8.0)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Stage (Version: 1.5.201.0)
Dell Touchpad (Version: 15.3.2.1)
Dell VideoStage  (Version: 1.2.0.1712)
Dell Webcam Central (Version: 2.00.44)
Dell WLAN and Bluetooth Client Installation (Version: 9.0)
DirectX 9 Runtime (Version: 1.00.0000)
DivX Setup (Version: 2.6.0.34)
DTS+AC3 Filter
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
ffdshow v1.1.3425 [2010-05-08] (Version: 1.1.3425.0)
GOM Player (Version: 2.2.53.5169)
Google Chrome (Version: 31.0.1650.63)
gretl version 1.9.9 (Version: 1.9.9)
Haali Media Splitter
iCloud (Version: 3.1.0.40)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2345)
Internet Explorer (Version: 8)
iTunes (Version: 11.1.3.8)
Java 7 Update 25 (Version: 7.0.250)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.5)
Java SE Development Kit 7 Update 7 (64-bit) (Version: 1.7.0.70)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Junk Mail filter update (Version: 15.4.3502.0922)
LEGO MINDSTORMS NXT - English Language Pack (Version: 2.0.100.0)
LEGO MINDSTORMS NXT Software v2.0 (Version: 2.0.132.0)
LEGO MINDSTORMS NXT x64 Driver (Version: 1.20.115.0)
LEGO MINDSTORMS NXT x64 Driver Support (Version: 1.20.7.0)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MotionPro! Video Analysis Software(remove only)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MPEG2 Codec(libmpeg2/mad)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Dell (Version: 3.4.6422.14)
NI VC2008MSMs x64 (Version: 9.0.201)
NI VC2008MSMs x86 (Version: 9.0.201)
Pharos
PhotoShowExpress (Version: 2.0.063)
Quickset64 (Version: 11.0.15)
QuickTime (Version: 7.74.80.86)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6312)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
RUWireless_Secure Installer version 1.0 (Version: 1.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.9 (Version: 6.9.106)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spotify (Version: 0.9.6.81.gd359a796)
swMSM (Version: 12.0.0.1)
TrustedID (Version: 5.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Veetle TV (Version: 0.9.19)
vShare.tv plugin 1.3 (Version: 1.3)
VshareComplete
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zshare Addon
 
========================= Devices: ================================
 
Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 38%
Total physical RAM: 6038.17 MB
Available physical RAM: 3702.17 MB
Total Pagefile: 12074.52 MB
Available Pagefile: 8984.36 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.7 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:107.7 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ANDREWPC
 
Administrator            Andrew Lee               Guest                    
 
 
**** End of log ****


#5 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 08:53 PM

Security Check Result:

 

 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AhnLab V3 365 Clinic   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 25  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.170  
 Adobe Reader 10.1.1 Adobe Reader out of Date!  
 Mozilla Firefox 20.0.1 Firefox out of Date!  
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#6 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 09:25 PM

How do I upload and attach autoruns.txt file to this post?

 

Also, I downloaded malwarebytes am, message pops up saying 'the database is outdated 275 days', its still uploading just fyi.



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:22 AM

Posted 04 January 2014 - 10:15 PM

You can just copy and paste the autoruns log.

Also you need to update malwarebytes prior to scanning as per the instructions.



#8 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 10:25 PM

Ok thanks.
 
Autoruns:
 
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "7/13/2009 23:49"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "12/5/2013 10:22"
+ "AhnLab Tray Process" "V3 365 Clinic Tray" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\v3ltray.exe" "12/12/2013 03:42"
+ "AthBtTray" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\athbttray.exe" "12/17/2010 01:42"
+ "AtherosBtStack" "Bluetooth Stack Server" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe" "12/17/2010 01:43"
+ "DellStage" "Dell Stage" "" "c:\program files (x86)\dell stage\dell stage\stage_primary.exe" "4/29/2011 01:15"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe" "3/26/2011 17:42"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe" "3/26/2011 17:43"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe" "3/26/2011 17:42"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe" "3/10/2011 22:10"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui64.exe" "2/18/2011 02:47"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe" "4/22/2011 19:55"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "1/4/2014 19:23"
+ "AccuWeatherWidget" "AccuWeather.com desktop weather widget" "" "c:\program files (x86)\dell stage\dell stage\accuweather\accuweather.exe" "4/29/2011 01:18"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe" "3/30/2011 12:27"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 10.0\reader\reader_sl.exe" "9/5/2011 10:06"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe" "4/16/2013 22:13"
+ "BrMfcWnd" "Brother Status Monitor Application" "Brother Industries, Ltd." "c:\program files (x86)\brother\brmfcmon\brmfcwnd.exe" "5/26/2009 02:46"
+ "ControlCenter3" "ControlCenter Program" "Brother Industries, Ltd." "c:\program files (x86)\brother\controlcenter3\brctrcen.exe" "12/23/2008 20:26"
+ "Dell Webcam Central" "Webcam Central" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe" "4/12/2011 21:39"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files (x86)\roxio\oem\roxio burn\roxioburnlauncher.exe" "11/17/2010 13:31"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe" "7/28/2011 18:07"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe" "11/2/2013 01:56"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe" "5/1/2013 05:42"
+ "RoxWatchTray" "RoxMMTrayApp Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatchtray12oem.exe" "11/25/2010 08:07"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Oracle Corporation" "c:\program files (x86)\common files\java\java update\jusched.exe" "3/12/2013 10:32"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "1/4/2014 19:29"
+ "Constant Guard.lnk" "Constant Guard Protection Suite" "White Sky, Inc." "c:\program files (x86)\constant guard protection suite\idvault.exe" "12/11/2013 14:16"
"C:\Users\Andrew Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "10/28/2013 20:18"
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe" "6/25/2013 16:46"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "2/10/2011 11:02"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "7/13/2009 18:58"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "2/10/2011 11:02"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "7/13/2009 18:42"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "9/3/2013 20:43"
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\andrew lee\appdata\local\facebook\update\facebookupdate.exe" "7/6/2012 14:50"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\andrew lee\appdata\local\google\update\googleupdate.exe" "3/9/2010 01:10"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe" "4/16/2013 22:13"
+ "Spotify Web Helper" "SpotifyWebHelper" "Spotify Ltd" "c:\users\andrew lee\appdata\roaming\spotify\data\spotifywebhelper.exe" "11/28/2013 11:45"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" "" "9/3/2013 20:43"
+ "Application Restart #1" "Google Chrome" "Google Inc." "c:\users\andrew lee\appdata\local\google\chrome\application\chrome.exe" "12/3/2013 20:54"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "7/13/2009 23:53"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll" "2/28/2010 04:24"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 23:53"
+ "Atheros" "Bluetooth Application Extension" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\btvappext.dll" "12/17/2010 01:42"
+ "PhotoStreamsExt" "Apple Photostreams UI Shell Extension" "Apple Inc." "c:\program files\common files\apple\internet services\shellstreams64.dll" "11/11/2013 21:12"
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files\roxio\roxio burn\rb_contextmenu64.dll" "11/11/2010 01:53"
+ "V3LShellExt" "V3LShlEx Module" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\v3lshlex.dll" "12/15/2010 03:39"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 23:53"
+ "PhotoStreamsExt" "Apple Photostreams UI Shell Extension" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll" "11/19/2013 21:22"
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\roxio\oem\roxio burn\rb_contextmenu.dll" "11/17/2010 13:32"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 23:53"
+ "FTShellContext" "ShellContextExt Module" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\shellcontextext.dll" "12/17/2010 01:40"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 23:53"
+ "V3LShellExt" "V3LShlEx Module" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\v3lshlex.dll" "12/15/2010 03:39"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" "" "7/13/2009 23:53"
+ "Ath_CopyHook" "AthCopyHook Dynamic Link Library" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\athcopyhook.dll" "12/17/2010 01:40"
+ "NBA" "File Explorer Extension DLL" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\nbashellext.dll" "8/8/2010 22:34"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 23:53"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "7/13/2009 20:32"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll" "3/26/2011 17:42"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 23:53"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "7/13/2009 20:09"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "12/21/2012 19:45"
+ "Haali Column Provider" "" "" "c:\program files (x86)\haali\matroskasplitter\mmfinfo.dll" "3/29/2008 10:42"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "9/5/2011 10:12"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "12/21/2012 19:45"
+ "V3LShellExt" "V3LShlEx Module" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\v3lshlex.dll" "12/15/2010 03:39"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "12/15/2013 11:54"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll" "9/7/2012 04:18"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll" "9/7/2012 04:17"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll" "3/6/2013 02:39"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "9/21/2010 16:47"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "1/4/2014 19:23"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll" "9/5/2011 08:53"
+ "CIESpeechBHO Class" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\ieplugin.dll" "12/17/2010 01:38"
+ "Constant Guard Protection Suite" "Browser helper" "WhiteSky" "c:\programdata\white sky, inc\id vault\iebho1.13.1211.1\nativebho.dll" "12/11/2013 14:16"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll" "9/7/2011 06:06"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll" "6/21/2013 15:51"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll" "6/21/2013 15:50"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll" "3/6/2013 02:38"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll" "9/21/2010 16:01"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" "" "12/13/2013 16:17"
+ "Zshare Add-on" "Zshare" "" "c:\program files (x86)\zshare addon\zshare.dll" "9/8/2011 16:24"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "12/13/2013 16:17"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll" "3/6/2013 04:37"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll" "4/22/2013 06:38"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "12/13/2013 16:17"
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll" "11/10/2010 05:03"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll" "3/6/2013 04:25"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll" "4/22/2013 06:26"
+ "Send by Bluetooth to" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\ieplugin.dll" "12/17/2010 01:38"
"Task Scheduler" "" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe" "6/1/2011 19:46"
+ "\FacebookUpdateTaskUserS-1-5-21-3424201357-3487157794-3459907578-1001Core" "Facebook Installer" "Facebook Inc." "c:\users\andrew lee\appdata\local\facebook\update\facebookupdate.exe" "7/6/2012 14:50"
+ "\FacebookUpdateTaskUserS-1-5-21-3424201357-3487157794-3459907578-1001UA" "Facebook Installer" "Facebook Inc." "c:\users\andrew lee\appdata\local\facebook\update\facebookupdate.exe" "7/6/2012 14:50"
+ "\GoogleUpdateTaskUserS-1-5-21-3424201357-3487157794-3459907578-1001Core" "Google Installer" "Google Inc." "c:\users\andrew lee\appdata\local\google\update\googleupdate.exe" "3/9/2010 01:10"
+ "\GoogleUpdateTaskUserS-1-5-21-3424201357-3487157794-3459907578-1001UA" "Google Installer" "Google Inc." "c:\users\andrew lee\appdata\local\google\update\googleupdate.exe" "3/9/2010 01:10"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "7/13/2009 18:53"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "11/10/2010 05:02"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "6/10/2009 15:36"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/13/2009 19:24"
+ "\PCDEventLauncherTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\my dell\sessionchecker.exe" "11/30/2013 02:02"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\my dell\uaclauncher.exe" "9/4/2013 01:04"
+ "\SecureW2 Task" "" "" "File not found: C:\Program Files (x86)\SecureW2\sw2_tray.exe" ""
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "12/15/2013 11:54"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "3/30/2011 12:27"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "12/1/2013 13:09"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe" "11/17/2009 11:17"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe" "5/17/2012 22:06"
+ "Atheros Bt&Wlan Coex Agent" "Co-existence Coordinator Service between 11a/b/g/n Wireless LAN and Bluetooth." "Atheros" "c:\program files (x86)\dell wireless\ath_coexagent.exe" "10/1/2010 14:49"
+ "AtherosSvc" "Atheros BT Stack Service Agent" "Atheros Commnucations" "c:\program files (x86)\dell wireless\bluetooth suite\adminservice.exe" "12/17/2010 01:41"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "8/31/2011 00:52"
+ "IDVaultSvc" "Constant Guard Protection Suite process monitoring service." "White Sky, Inc." "c:\program files (x86)\constant guard protection suite\idvaultsvc.exe" "12/11/2013 14:16"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe" "11/2/2013 01:57"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe" "12/20/2010 21:10"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe" "4/9/2013 23:51"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "1/9/2010 23:16"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "8/11/2009 21:00"
+ "Pharos Systems ComTaskMaster" "Pharos Systems ComTaskMaster" "Pharos Systems International" "c:\program files (x86)\pharossystems\core\ctskmstr.exe" "1/13/2010 23:04"
+ "RoxMediaDB12OEM" "Roxio RoxMediaDB12OEM Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxmediadb12oem.exe" "11/25/2010 07:57"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatch12oem.exe" "11/25/2010 07:55"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe" "8/12/2011 10:41"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe" "9/5/2013 04:31"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe" "3/14/2009 00:19"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe" "12/20/2010 21:15"
+ "V3 365 Clinic Service" "Provides plugin hosting for main features such as Real-time Scan, Scheduled Scan, and update." "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\v3lsvc.exe" "5/13/2013 02:44"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "5/27/2013 00:51"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "9/21/2010 16:46"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "11/20/2010 06:18"
"HKLM\System\CurrentControlSet\Services" "" "" "" "12/15/2013 11:54"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "12/5/2008 18:54"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "5/1/2007 12:30"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "2/27/2007 19:04"
+ "AhnFlt2k" "File System Common Filter Driver for Ahnlab Product (AMD64)" "AhnLab, Inc." "c:\windows\system32\drivers\ahnflt2k.sys" "2/15/2013 05:03"
+ "AhnRec2k" "File System Recognizer for Ahnlab Product (AMD64)" "AhnLab, Inc." "c:\windows\system32\drivers\ahnrec2k.sys" "2/15/2013 05:03"
+ "AhnRghNt" "AhnLab Common Registry Hook Driver (AMD64)" "AhnLab, Inc." "c:\windows\system32\drivers\ahnrghnt.sys" "8/23/2013 01:57"
+ "AhnSZE" "AhnLab SpyZero Engine Driver(AMD64)" "AhnLab, Inc." "c:\windows\system32\drivers\ahnsze.sys" "12/11/2013 22:42"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "7/13/2009 18:19"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "3/18/2010 19:45"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "3/20/2009 13:36"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "3/19/2010 11:18"
+ "AMonLWLH" "Ahnlab Light Weight Filter" "AhnLab, Inc." "c:\windows\system32\drivers\amonlwlh.sys" "9/9/2012 21:11"
+ "AMonTDLH" "AhnLab Network Filter Driver, Level 2 (AMD64)" "AhnLab, Inc." "c:\windows\system32\drivers\amontdlh.sys" "9/14/2012 02:47"
+ "AntiLog32" "Zemana AntiLogger Driver" "Zemana Ltd." "c:\windows\system32\drivers\antilog64.sys" "10/16/2013 04:59"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "5/24/2007 16:27"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "1/14/2009 14:27"
+ "ASZFltNt" "ASZFltNt mini-filter driver" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\aszfltnt.sys" "8/15/2013 23:04"
+ "ATamptNt_V3365_ALK_EN_US_X64" "ATamptNt_V3365_ALK_EN_US_X64 mini-filter driver" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\atamptnt.sys" "8/15/2013 23:04"
+ "AthBTPort" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_flt.sys" "6/24/2010 01:17"
+ "AthDfu" "BulkUsb Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\athdfu.sys" "3/22/2010 01:43"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys" "11/24/2010 14:33"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "2/13/2009 17:18"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "4/26/2009 06:14"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "8/6/2006 20:51"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "8/6/2006 20:51"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "8/6/2006 20:51"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "8/6/2006 20:51"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "8/6/2006 20:51"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "8/9/2006 07:11"
+ "BTATH_A2DP" "Atheros A2DP driver" "Atheros" "c:\windows\system32\drivers\btath_a2dp.sys" "9/16/2010 06:34"
+ "BTATH_BUS" "Atheros BUS driver" "Atheros" "c:\windows\system32\drivers\btath_bus.sys" "6/24/2010 01:17"
+ "BTATH_HCRP" "Atheros HCRP driver" "Atheros" "c:\windows\system32\drivers\btath_hcrp.sys" "6/29/2010 04:30"
+ "BTATH_LWFLT" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_lwflt.sys" "9/13/2010 03:26"
+ "BTATH_RCP" "Atheros AVRCP driver" "Atheros" "c:\windows\system32\drivers\btath_rcp.sys" "6/24/2010 01:17"
+ "BtFilter" "BtFilter Driver" "Atheros" "c:\windows\system32\drivers\btfilter.sys" "11/22/2010 21:43"
+ "CdmDrvNt" "ACDM I/O Driver (AMD64)" "AhnLab, Inc." "c:\windows\system32\drivers\cdmdrvnt.sys" "7/20/2009 20:00"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "7/13/2009 18:19"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys" "1/19/2011 22:20"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "12/31/2008 11:29"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "2/3/2009 17:52"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys" "5/3/2012 14:56"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "5/11/2009 03:26"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "4/20/2010 13:32"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys" "1/12/2011 20:50"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "6/10/2010 19:46"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys" "3/26/2011 18:19"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "12/13/2005 16:47"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys" "2/26/2010 18:32"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys" "2/18/2011 04:55"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys" "10/15/2010 03:28"
+ "ISFWEnt" "Firewall Driver (AMD64)" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\isfwent.sys" "10/6/2011 01:18"
+ "ISIPSEnt" "IPS Driver (AMD64)" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\isipsent.sys" "10/6/2011 01:18"
+ "keycrypt" "Zemana AntiLogger SDK" "Zemana Ltd." "c:\windows\system32\drivers\keycrypt64.sys" "7/24/2013 03:24"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "12/9/2008 17:46"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "5/18/2009 19:20"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "5/18/2009 19:31"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "4/16/2009 17:13"
+ "MeDCoreD_V3365_ALK_EN_US_X64" "MeD Engine Core Driver(AMD64)" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\medcored.sys" "11/18/2013 07:44"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "5/18/2009 20:09"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "5/18/2009 20:25"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys" "10/19/2010 18:33"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "6/6/2006 16:11"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys" "2/10/2011 00:52"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys" "2/10/2011 00:52"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "3/19/2010 15:59"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "3/19/2010 15:45"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys" "10/20/2009 13:08"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "1/22/2009 18:05"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "5/18/2009 20:18"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys" "12/1/2010 02:46"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys" "11/30/2010 01:01"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "9/13/2006 08:18"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "9/24/2008 13:28"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "10/1/2008 16:56"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "2/17/2009 18:03"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys" "4/22/2011 19:20"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys" "11/27/2012 18:38"
+ "v3engine" "AhnLab V3 Engine Driver(AMD64)" "AhnLab, Inc." "c:\windows\system32\drivers\v3engine.sys" "12/11/2013 22:41"
+ "V3Flt2K" "V3Flt2K mini-filter driver" "AhnLab, Inc." "c:\program files\ahnlab\v3 365 clinic\v3flt2k.sys" "12/20/2012 03:21"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "7/13/2009 18:19"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "1/30/2009 20:18"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "10/12/2013 14:14"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "7/13/2009 20:28"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "1/4/2014 19:23"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "7/13/2009 20:06"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm" "7/13/2009 20:06"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "11/20/2010 06:59"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll" "2/19/2010 14:26"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll" "5/9/2010 00:57"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll" "2/19/2010 14:26"
"HKLM\Software\Classes\Filter" "" "" "" "1/4/2014 19:30"
+ "Ligos MPEG Splitter" "MPEG Parser Filter" "Ligos Corporation" "c:\windows\syswow64\mpeg2parser.ax" "3/29/2000 17:17"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 23:53"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
+ "CoreAAC Audio Decoder" "CoreAAC" "" "c:\windows\syswow64\coreaac.ax" "8/16/2006 09:53"
+ "Creative Correct TimeStamp Filter" "Creative Correct TimeStamp Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctfrfix.ax" "7/22/2010 20:24"
+ "Creative H264 No Quality Control Filter" "Creative No Quality Control  Filter" "Creative Technology Ltd." "c:\program files (x86)\dell webcam\dell webcam central\cth264noqc.ax" "6/7/2010 01:58"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax" "7/27/2009 21:20"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax" "1/5/2009 22:42"
+ "DENNY's DTS/AC3Filter" "DENNY's DTS/AC3 필터" "" "c:\program files (x86)\dtsfilter\dtsfilter.ax" "1/22/2009 04:00"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax" "3/5/2011 12:28"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax" "7/26/2011 13:51"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll" "12/21/2010 05:46"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll" "12/21/2010 05:46"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax" "4/2/2010 16:00"
+ "DXVA Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files (x86)\gretech\gomplayer\codecs\mpeg2decfilter.ax" "6/5/2004 03:09"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax" "5/9/2010 00:33"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax" "5/9/2010 00:33"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax" "5/9/2010 00:33"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax" "5/9/2010 00:33"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax" "5/9/2010 00:33"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax" "5/9/2010 00:33"
+ "Gretech AAC Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech ASF Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech AsfEx Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech Audio Filter" "Gretech Audio Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gaf.ax" "8/5/2013 21:15"
+ "Gretech AVI Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech FLV Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech MKV Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech MP3 Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech MP4 Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech MPEG Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech MPEG Source Filter2" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech Network(AVI) Filter" "Gretech Corp." "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gnf.ax" "6/17/2013 20:17"
+ "Gretech Network(FLV) Filter" "Gretech Corp." "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gnf.ax" "6/17/2013 20:17"
+ "Gretech Network(GOM) Filter" "Gretech Corp." "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gnf.ax" "6/17/2013 20:17"
+ "Gretech Network(MP4) Filter" "Gretech Corp." "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gnf.ax" "6/17/2013 20:17"
+ "Gretech Network(OGG) Filter" "Gretech Corp." "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gnf.ax" "6/17/2013 20:17"
+ "Gretech Network(SHOUTcast) Filter" "Gretech Corp." "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gnf.ax" "6/17/2013 20:17"
+ "Gretech OGG Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech OGG Source Filter2" "Gretech Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomplayer\gsfu.ax" "8/28/2013 20:10"
+ "Gretech Video Filter" "Gretech Video Filter" "Gretech" "c:\program files (x86)\gretech\gomplayer\gvf.ax" "8/30/2013 03:22"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax" "3/29/2008 10:42"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax" "3/29/2008 10:42"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax" "3/29/2008 10:42"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax" "3/29/2008 10:42"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\haali\matroskasplitter\dxr.dll" "3/29/2008 10:42"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax" "3/29/2008 10:42"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Ligos MPEG2 Video Decoder" "MPEG Decoder Filter" "Ligos Corporation" "c:\windows\syswow64\mpeg2decoder.ax" "3/29/2000 17:17"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmwriter.ax" "11/25/2010 10:28"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mediaanalyser.ax" "11/25/2010 10:04"
+ "MPEG Audio Decoder (MAD)" "Mpeg Audio Decoder for DirectShow, based on libmad" "Gabest" "c:\program files (x86)\gretech\gomplayer\codecs\mpadecfilter.ax" "5/17/2004 23:06"
+ "Mpeg2Dec Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files (x86)\gretech\gomplayer\codecs\mpeg2decfilter.ax" "6/5/2004 03:09"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "QIC1802 Demux" "QIC1802 Demux" "Quanta Computer Inc." "c:\program files (x86)\dell webcam\dell webcam central\qicdemux.ax" "4/29/2010 03:19"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiosource.ax" "11/25/2010 06:20"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamreader.ax" "11/25/2010 06:19"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax" "11/25/2010 06:20"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\cpuregulator.ax" "11/25/2010 10:16"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll" "11/25/2010 09:51"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files (x86)\roxio\oem\videocore 12\roxfilewriterwrapper.ax" "11/25/2010 10:16"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll" "11/24/2010 17:34"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmasync.ax" "11/25/2010 10:31"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsmp3encoder.ax" "11/25/2010 06:23"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll" "11/24/2010 17:29"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll" "11/24/2010 17:37"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll" "11/24/2010 17:38"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll" "11/24/2010 17:33"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll" "11/24/2010 17:32"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll" "11/24/2010 17:36"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll" "11/24/2010 17:40"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2muxer.dll" "11/24/2010 17:32"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll" "11/24/2010 17:40"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax" "11/25/2010 10:35"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax" "11/25/2010 10:35"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll" "11/24/2010 17:34"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll" "11/24/2010 17:35"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll" "11/24/2010 17:40"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll" "11/24/2010 17:40"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mginullip.ax" "11/25/2010 10:14"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll" "11/24/2010 17:35"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\dvrsupportfilt.ax" "11/25/2010 10:14"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobformatter.ax" "11/25/2010 10:18"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobloader.ax" "11/25/2010 10:19"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax" "11/25/2010 10:03"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mvwcdsutil.dll" "11/25/2010 10:01"
+ "Sonic Audio Resampler" "Audio Resampler Direct Show Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax" "5/10/2010 07:53"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemasteraudiond.dll" "7/22/2010 03:21"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemastervideo.dll" "7/22/2010 03:33"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\oem\common\sonichddemuxer.dll" "7/22/2010 04:01"
+ "Sonic MPEG Multiplexer" "MPEG Multiplexer-Plus DS Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_mux_mp2_ds.ax" "5/10/2010 07:40"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\c12oem_dec_mp2v_ds.ax" "5/10/2010 07:38"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll" "11/24/2010 17:34"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax" "11/25/2010 10:39"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax" "11/25/2010 10:39"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax" "11/25/2010 10:39"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax" "11/25/2010 10:39"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files (x86)\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll" "7/21/2008 09:16"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax" "11/25/2010 10:13"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 05:21"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" "" "9/8/2013 22:31"
+ "C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL" "Zemana AntiLogger SDK" "Zemana Ltd." "c:\program files (x86)\keycryptsdk\keycrypt64(3).dll" "7/24/2013 03:24"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" "" "9/8/2013 22:31"
+ "C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL" "Zemana AntiLogger SDK" "Zemana Ltd." "c:\program files (x86)\keycryptsdk\keycrypt32(3).dll" "7/24/2013 03:24"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "7/13/2009 23:53"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "9/21/2010 16:47"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" "" "1/4/2014 19:23"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll" "3/26/2011 17:41"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "10/26/2012 23:43"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll" "8/31/2011 00:44"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 16:00"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 16:00"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "10/26/2012 23:43"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "8/31/2011 00:53"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 16:45"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 16:45"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "1/4/2014 19:24"
+ "Pharos Systems Popup Port Monitor" "Print Router for Win64" "Pharos Systems International" "c:\windows\system32\psr4b1c8.dll" "1/13/2010 23:08"


#9 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 10:26 PM

Malwarebytes:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.04.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Andrew Lee :: ANDREWPC [administrator]
 
Protection: Enabled
 
1/4/2014 21:34:58
mbam-log-2014-01-04 (21-34-58).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213634
Time elapsed: 8 minute(s), 24 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 4
HKCR\CLSID\{C168EDBB-264E-455D-A95D-05F551E33AB8} (Redir.ZWink) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C168EDBB-264E-455D-A95D-05F551E33AB8} (Redir.ZWink) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C168EDBB-264E-455D-A95D-05F551E33AB8} (Redir.ZWink) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zshare Addon (Redir.ZWink) -> Quarantined and deleted successfully.
 
Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{C168EDBB-264E-455D-A95D-05F551E33AB8} (Redir.ZWink) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{C168EDBB-264E-455D-A95D-05F551E33AB8} (Redir.ZWink) -> Data:  -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 3
C:\Program Files (x86)\Zshare Addon\zshare.dll (Redir.ZWink) -> Quarantined and deleted successfully.
C:\Users\Andrew Lee\Downloads\development_economics_by_debraj_ray_free_download_downloader_no_227.exe (PUP.Optional.GoForFiles.A) -> Quarantined and deleted successfully.
C:\Users\Andrew Lee\Downloads\veetle-0.9.19.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
 
(end)


#10 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 10:30 PM

Adware Cleaner:
 
# AdwCleaner v3.016 - Report created 04/01/2014 at 21:56:02
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Andrew Lee - ANDREWPC
# Running from : C:\Users\Andrew Lee\Desktop\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v20.0.1 (en-US)
 
[ File : C:\Users\Andrew Lee\AppData\Roaming\Mozilla\Firefox\Profiles\i638bu2h.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Andrew Lee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [7861 octets] - [04/01/2014 19:18:48]
AdwCleaner[R1].txt - [1027 octets] - [04/01/2014 19:32:25]
AdwCleaner[R2].txt - [1088 octets] - [04/01/2014 20:08:35]
AdwCleaner[R3].txt - [1146 octets] - [04/01/2014 21:29:15]
AdwCleaner[R4].txt - [1207 octets] - [04/01/2014 21:54:44]
AdwCleaner[S0].txt - [7806 octets] - [04/01/2014 19:22:01]
AdwCleaner[S1].txt - [1128 octets] - [04/01/2014 21:56:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1188 octets] ##########


#11 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 10:31 PM

JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Andrew Lee on Sat 01/04/2014 at 22:04:11.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5EC5DE3A-9036-4E75-ABAD-09C3C8C058DF}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Andrew Lee\appdata\local\{33BE88A9-87C8-4DF8-B229-3C0777A4E3E4}
Successfully deleted: [Empty Folder] C:\Users\Andrew Lee\appdata\local\{9E79716D-F874-404F-A1A3-DB47928EC9F5}
Successfully deleted: [Empty Folder] C:\Users\Andrew Lee\appdata\local\{C9317848-7E47-48EC-B49E-5B933AF613E3}
Successfully deleted: [Empty Folder] C:\Users\Andrew Lee\appdata\local\{D38AAD62-41F5-414E-95F6-6F1BCE1F47C2}
Successfully deleted: [Empty Folder] C:\Users\Andrew Lee\appdata\local\{D7456C0F-5C16-4A8A-A8A0-2AA1C54E11CE}
Successfully deleted: [Empty Folder] C:\Users\Andrew Lee\appdata\local\{F755FBFC-A79C-4668-B44F-19898A0F02A9}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/04/2014 at 22:18:45.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#12 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 11:17 PM

Hmm... was just looking through the forums and found this.

 

http://www.bleepingcomputer.com/forums/t/182397/am-i-infected-what-do-i-do-how-do-i-get-help-who-is-helping-me/

 

Should I have posted my problem in the virus trojan spyware and malware removal logs? InadequateInfirmity, it also doesn't say that you are part of the malware response team...

 

I appreciate your help, and am awaiting further instruction, but was just curious since this is my first time on the bleeping computer forums.



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:22 AM

Posted 04 January 2014 - 11:47 PM

I have helped many people here if you choose to continue see below.

 

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

 

___________________-

 

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe


Right Click it Run As Admin xp users double click . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results

 

___________________________________________-
 

 

Download, & save & then run the MS Safety scanner
Run a Full Scan
http://www.microsoft.com/security/scanner/en-us/default.aspx
Post. the result.

The safety scanner log should be called msert.txt
It should be located in the same folder as where you had msert.exe
If not there, then look for it under c:\windows

 

 

 

____________________________________________-

 

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.


Tell me how the machine is running now.



#14 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 04 January 2014 - 11:58 PM

Farbar Service Scanner Version: 05-12-2013 Ran by Andrew Lee (administrator) on 04-01-2014 at 23:57:27 Running from "C:\Users\Andrew Lee\Downloads" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Attempt to access Google.com returned error: Google.com is offline Attempt to access Yahoo.com returned error: Yahoo.com is offline Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****

#15 sanghoonalee

sanghoonalee
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 05 January 2014 - 12:02 AM

check that. I'm not sure whether the information under connection status is relevant, but I ran FSS again and here is the new log.

 

Farbar Service Scanner Version: 05-12-2013
Ran by Andrew Lee (administrator) on 04-01-2014 at 23:59:24
Running from "C:\Users\Andrew Lee\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users