Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Excessive svchost.exe Running

svchost.exe

  • Please log in to reply

#1
TigerCRNA

TigerCRNA

    New Member

  • Member
  • Pip
  • 8 posts

My computer has become very slow to respond, and due to excessive svchost.exe processes running, great than 50% CPU usage is occurring. Sometimes as high as over 90%. Thus, everything bogs down, and web pages do not load when scrolling. They simply smear like paint running perfectly. I have used geekstogo in the past with great success, and here I am again seeking assistance. Here are my FRST scan results.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-10-2016
Ran by Owner (administrator) on OWNER-PC (02-10-2016 16:33:29)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_60\bin\java.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2513472 2009-04-16] (TOSHIBA)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-03-24] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1318912 2009-04-14] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6965792 2009-03-12] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [nmctxth] => C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [642856 2008-12-12] (Cisco Systems, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_60\bin\jusched.exe"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-683582700-94011501-2919801602-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [135680 2008-07-03] (Microsoft Corporation)
HKU\S-1-5-21-683582700-94011501-2919801602-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-683582700-94011501-2919801602-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [119296 2009-05-03] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-10-07] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{567E820E-FC70-4E70-9D2F-F0A5FCF12E16}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{6B5000AA-FF92-48A3-A5FD-27C3B6EDA01C}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
HKU\S-1-5-21-683582700-94011501-2919801602-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKLM -> {70FBE933-F278-4707-8DE6-326990C04BC1} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKU\S-1-5-21-683582700-94011501-2919801602-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-683582700-94011501-2919801602-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-683582700-94011501-2919801602-1000 -> {70FBE933-F278-4707-8DE6-326990C04BC1} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll => No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://intranet.lvh.com/dana-cached/sc/JuniperSetupClient.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll [2009-02-20] (Cisco Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7lg9x54g.default [2016-10-02]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\7lg9x54g.default -> Google
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\7lg9x54g.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\7lg9x54g.default -> google.com
FF Extension: (Firefox Hotfix) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7lg9x54g.default\Extensions\[email protected] [2016-08-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-26] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\[email protected] => not found
FF HKU\S-1-5-21-683582700-94011501-2919801602-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Owner\AppData\Roaming\Move Networks
FF Extension: (Move Media Player) - C:\Users\Owner\AppData\Roaming\Move Networks [2010-02-07] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-20] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-683582700-94011501-2919801602-1000: @movenetworks.com/Quantum Media Player -> C:\Users\Owner\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll [2010-02-07] (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll [2012-10-19] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll [2012-10-19] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-01-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-01-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-01-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-01-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-01-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-01-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-01-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\cgpcfg.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\CgpCore.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\confmgr.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\ctxlogging.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\ctxmui.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\icafile.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\icalogon.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\msvcm80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\msvcp80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\msvcr80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npicaN.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\sslsdk_b.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\TcpPServ.dll [2009-08-14] (Citrix Systems, Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [688240 2014-04-09] (Juniper Networks)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel® Corporation) [File not signed]
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-05-03] (Google)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
R2 LinksysUpdater; C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [204800 2008-11-13] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [642856 2008-12-12] (Cisco Systems, Inc.)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel® Corporation) [File not signed]
R2 RSELSVC; C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe [57344 2009-02-19] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-14] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [27648 2013-11-21] (Juniper Networks)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16640 2007-12-04] (PalmSource, Inc.)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [24880 2008-12-12] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [26416 2008-12-12] (Cisco Systems, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-02 16:33 - 2016-10-02 16:34 - 00019028 _____ C:\Users\Owner\Downloads\FRST.txt
2016-10-02 16:33 - 2016-10-02 16:33 - 00000000 ____D C:\FRST
2016-10-02 16:29 - 2016-10-02 16:29 - 01754624 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2016-09-30 10:50 - 2016-09-30 10:50 - 49927392 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\Windows-KB890830-V5.40.exe
2016-09-30 08:48 - 2016-09-30 10:28 - 00000000 ____D C:\ProgramData\Avg
2016-09-30 08:48 - 2016-09-30 09:09 - 00000000 ____D C:\Users\Owner\AppData\Local\AvgSetupLog
2016-09-30 08:48 - 2016-09-30 08:48 - 00000000 ____D C:\Users\Owner\AppData\Local\Avg
2016-09-30 08:47 - 2016-09-30 08:47 - 03213568 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Owner\Downloads\AVG_Protection_Free_1647.exe
2016-09-27 21:04 - 2016-09-27 21:04 - 00261248 _____ C:\Users\Owner\Downloads\Meadowlands Oct 1 Cancellation.xps
2016-09-27 21:04 - 2016-09-27 21:04 - 00261248 _____ C:\Users\Owner\Documents\Meadowlands Oct 1 Cancellation.xps
2016-09-27 20:57 - 2016-09-27 20:57 - 00261718 _____ C:\Users\Owner\Downloads\Meadowlands Sept 30 Cancellation.xps
2016-09-27 20:57 - 2016-09-27 20:57 - 00261718 _____ C:\Users\Owner\Documents\Meadowlands Sept 30 Cancellation.xps
2016-09-26 21:45 - 2016-09-29 19:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-26 21:31 - 2016-09-26 21:31 - 00094006 _____ C:\Users\Owner\Downloads\Shellpoint October 2016.xps
2016-09-26 21:31 - 2016-09-26 21:31 - 00094006 _____ C:\Users\Owner\Documents\Shellpoint October 2016.xps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-02 16:27 - 2006-11-02 08:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-02 16:27 - 2006-11-02 08:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-02 16:19 - 2011-03-08 21:24 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-02 14:51 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\tracing
2016-10-01 17:55 - 2011-03-08 21:24 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-30 10:52 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\inf
2016-09-30 10:52 - 2006-11-02 06:33 - 00759582 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-30 10:50 - 2006-11-02 06:24 - 141747376 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-09-30 10:46 - 2013-07-07 21:12 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-09-30 10:46 - 2009-12-12 09:14 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-09-30 10:46 - 2006-11-02 09:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-30 10:46 - 2006-11-02 08:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-09-30 10:43 - 2006-11-02 09:01 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-29 19:28 - 2012-04-25 07:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-27 19:19 - 2010-02-25 21:47 - 00001746 _____ C:\Users\Owner\AppData\Roaming\wklnhst.dat
2016-09-18 18:09 - 2014-08-21 16:14 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe
2016-09-18 18:09 - 2012-04-05 22:01 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-09-18 18:09 - 2011-05-20 08:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-09-18 18:09 - 2009-05-03 23:25 - 00000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2010-02-25 21:47 - 2016-09-27 19:19 - 0001746 _____ () C:\Users\Owner\AppData\Roaming\wklnhst.dat
2011-12-24 22:54 - 2011-12-25 11:21 - 0000680 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2009-10-03 22:09 - 2011-05-01 18:41 - 0006656 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-17 11:05 - 2011-12-17 11:05 - 0017408 _____ () C:\Users\Owner\AppData\Local\WebpageIcons.db
2011-07-09 18:25 - 2011-07-09 18:25 - 0000000 _____ () C:\Users\Owner\AppData\Local\{1A02E6BD-DF29-4138-B3D6-FB94941775DC}

Files to move or delete:
====================
C:\Users\Owner\tc10017700a.exe


Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Owner\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Owner\AppData\Local\Temp\JREInstall160_29.exe
C:\Users\Owner\AppData\Local\Temp\JuniperSetupClientInstaller.exe
C:\Users\Owner\AppData\Local\Temp\MSN72C1.exe
C:\Users\Owner\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Owner\AppData\Local\Temp\_is5E7D.exe
C:\Users\Owner\AppData\Local\Temp\{84C99189-4A9C-4703-89CA-ED4D7A4960DB}-GoogleUpdateSetup.exe
C:\Users\Owner\AppData\Local\Temp\{E9488889-D427-41DF-9259-72C388D7F5A1}-GoogleUpdateSetup.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-02 11:05

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-10-2016
Ran by Owner (02-10-2016 16:34:47)
Running from C:\Users\Owner\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2009-07-03 06:27:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-683582700-94011501-2919801602-500 - Administrator - Disabled)
Guest (S-1-5-21-683582700-94011501-2919801602-501 - Limited - Enabled)
Owner (S-1-5-21-683582700-94011501-2919801602-1000 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Amazon Links (HKLM\...\{224821ED-CADA-4A8A-AC8D-3734CC0F0931}) (Version: 1.0 - TOSHIBA Corporation)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{308B6AEA-DE50-4666-996D-0FA461719D6B}) (Version: 3.3.0.69 - Apple Inc.)
Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
Citrix XenApp Web Plugin (HKLM\...\{C0B165DC-F037-483F-B1C9-D89D91529CEB}) (Version: 11.0.150.5357 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.2) (Version: 5.0.0.2 - Coupons.com Incorporated)
Direct DiscRecorder (Version: 1.00.0000 - Corel Corporation) Hidden
DVD MovieFactory for TOSHIBA (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
DVD MovieFactory for TOSHIBA (Version: 7.0.0 - Corel Corporation) Hidden
Google Desktop (HKLM\...\Google Desktop) (Version: 5.8.0809.23506 - Google)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{3AE5A1B4-D6AE-48D4-A07F-46A806CD53E6}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Help (HKLM\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8500 A910 Product Improvement Study (HKLM\...\{3759CC1E-8259-4B0D-862A-078EABFFD97F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{35C0A1E4-D02A-412C-841F-266DBB116ABB}) (Version: 12.02.0000 - Intel® Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Juniper Networks Network Connect 7.4.0 (HKLM\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.30611 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 1.3.1.6 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-683582700-94011501-2919801602-1000\...\Juniper_Setup_Client) (Version: 7.4.9.44981 - Juniper Networks, Inc.)
LightScribe  1.4.124.1 (Version: 1.4.124.1 - hxxp://www.lightscribe.com) Hidden
Linksys EasyLink Advisor (HKLM\...\Linksys EasyLink Advisor) (Version:  - Linksys By Cisco Systems)
Linksys EasyLink Advisor (Version: 3.11.9139.94 - Linksys By Cisco Systems) Hidden
Marketsplash Shortcuts (HKLM\...\{16FCDD97-AE09-476B-88CD-261D852BD34C}) (Version: 1.0.1.7 - Hewlett-Packard)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Move Media Player (HKU\S-1-5-21-683582700-94011501-2919801602-1000\...\Move Media Player) (Version:  - Move Networks)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netzero Internet Access Installer (HKLM\...\{5FFF9453-7B94-462A-B8F7-AC6D8D9EB1B5}) (Version: 1.0.Q1.09 - TOSHIBA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
partypoker (HKLM\...\PartyPoker) (Version: 137 - PartyGaming)
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
PlayReady PC runtime (HKLM\...\{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}) (Version: 1 - Microsoft Corporation)
Pure Networks Platform (Version: 11.1.9051.0 - Pure Networks) Hidden
QuickBooks Financial Center (HKLM\...\{890EF3F8-742F-46BD-9E8E-084B3A1F4364}) (Version: 1.10.0000 - Intuit Inc.)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0004 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5809 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20130 - Realtek Semiconductor Corp.)
Skype Launcher (HKLM\...\{BF5A20B4-55F7-49B8-9302-FAC7C459AF3D}) (Version: 1.0 - TOSHIBA Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.2.10.0 - Synaptics Incorporated)
TOSHIBA Agreement Notification Utility (HKLM\...\InstallShield_{83892653-9EB8-4192-803E-D987A85CDD23}) (Version: 1.0.11.0 - TOSHIBA Corporation)
Toshiba Application and Driver Installer (HKLM\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 8.0.0.4 - Toshiba)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.10 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}) (Version: 7.4.8 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.00.1.04-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.0.2.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.0.4.32 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM\...\{D0387727-C89D-4774-B643-B9333EAA09DE}) (Version: 2.00.03 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.0.0.0 - TOSHIBA Corporation)
TOSHIBA Internal Modem Region Select Utility (HKLM\...\InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}) (Version: 2.3.0.00 - TOSHIBA Corporation)
Toshiba Quality Application (HKLM\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.001.0000 - Toshiba)
TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 - TOSHIBA Corporation)
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
Toshiba Resources Page (HKLM\...\{21526716-DFD8-4B90-86D9-EF9F47057B3E}) (Version: 1.0.2.1 - TOSHIBA Corporation)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.6_Vista32 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version:  - Agere Systems)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version:  - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}) (Version: 2.00.02 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.8 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.0.1.8 - TOSHIBA Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebEx Support Manager for Internet Explorer (HKLM\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
WildTangent Games (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.66 - WildTangent)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{1FFD7892-06E4-4A0A-941E-BC966900C883}\InprocServer32 -> C:\PROGRA~1\Palm\PHOTOD~1\media.ocx => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Owner\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Owner\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{3CF39B9A-0CF8-4792-A918-67573260BDBE}\InprocServer32 -> C:\PROGRA~1\Palm\PHOTOD~1\media.ocx => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{496038FA-3891-4827-AFCD-A7B13B9FF75A}\InprocServer32 -> C:\Program Files\Palm\PhotoDesktop\PhotosPlugIn.dll => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{74531205-74DC-48FF-953B-3B6DC988424F}\InprocServer32 -> C:\Program Files\Palm\VoiceMemoExt.ocx => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{868C6D64-8B98-11D5-8209-00C04FA03755}\InprocServer32 -> C:\Program Files\Palm\NotePadExt.ocx => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{868C6D65-8B98-11D5-8209-00C04FA03755}\InprocServer32 -> C:\Program Files\Palm\NotePadExt.ocx => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{87001487-8B8A-4C40-BFEF-036F5BD5BAA3}\InprocServer32 -> C:\Program Files\Palm\PhotoDesktop\PhotosPlugIn.dll => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{9D3B3E2B-1789-4A83-8050-5ED8307B02E5}\InprocServer32 -> C:\Program Files\Palm\VoiceMemoExt.ocx => No File
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-683582700-94011501-2919801602-1000_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4445D46F-F71D-4502-8DFA-F999DE7C2E3B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910 => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {BD4865B3-1686-4949-BB60-A1A8F6791767} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C03475ED-73B9-4914-96A7-1440D36DE74D} - System32\Tasks\{AD69A0AA-41ED-4FDA-A500-33B5441D1822} => pcalua.exe -a "C:\Program Files\Palm\QuickInstall.exe" -d C:\Users\Owner\Desktop
Task: {DDF72267-A293-48C2-9B24-9301E0A14761} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2008-10-16 19:57 - 2008-10-16 19:57 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2008-12-12 18:11 - 2008-12-12 18:11 - 00148480 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2008-12-12 18:11 - 2008-12-12 18:11 - 00097280 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2008-11-13 15:43 - 2008-11-13 15:43 - 00204800 _____ () C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
2008-11-13 15:43 - 2008-11-13 15:43 - 00081920 _____ () C:\Program Files\Linksys\Linksys Updater\lib\wrapper.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-683582700-94011501-2919801602-1000\...\lvh.com -> hxxps://intranet.lvh.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 06:23 - 2016-09-21 08:08 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-683582700-94011501-2919801602-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\img24.jpg
DNS Servers: 208.59.247.45 - 208.59.247.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: cfFncEnabler.exe => "C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe"
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TANU => %ProgramFiles%\TOSHIBA\TANU\TANU.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{9AEB11C1-76B3-4ACE-8310-A27C5DB94F1C}] => (Allow) LPort=67
FirewallRules: [{51E34FF6-98D0-41F7-B0EC-D9D7163600BE}] => (Allow) LPort=67
FirewallRules: [TCP Query User{FBCD9455-945E-42F8-AD71-82CBD45D4571}C:\program files\palm\hotsync.exe] => (Block) C:\program files\palm\hotsync.exe
FirewallRules: [UDP Query User{00982067-17B1-4AC4-BA04-1EB8D20031E3}C:\program files\palm\hotsync.exe] => (Block) C:\program files\palm\hotsync.exe
FirewallRules: [{7326B6FD-BC30-4553-9ECB-0040329849E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{712BC0DB-5C0C-4DEC-BE8A-23F9C574827F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{792DDA84-572A-456B-B718-F5ED00FC815C}] => (Allow) LPort=80
FirewallRules: [{AE310AE3-7F97-467A-B0B0-CE531277430C}] => (Allow) LPort=80
FirewallRules: [{9ADAB875-F6BF-48B9-97F5-8C071BEF038C}] => (Allow) LPort=80
FirewallRules: [TCP Query User{A30BAB68-18BC-4B6D-86A3-53A598D4F20E}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{D0E4C3B7-098A-4AB6-88AF-20ECF6DA34C5}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{42D82B6F-F8A3-4094-830B-8629EC62ADED}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{89D2033E-1C85-4B7C-AD4A-573CE9CAEE67}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{C2E9310A-136F-4F1E-AB4B-BDE76CE935F0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C196E302-6FFF-4BE5-ABCD-0A01C6A3ACD4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{8894F5EB-969E-440D-A781-35FE013F6B44}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{2147AB6B-C290-4E19-B11A-2F749510F9E0}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{57EC259C-9334-4069-91C1-00FC3BA1EE31}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E98BBAB2-749A-4E44-9278-EA2839E30161}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{EFCEEBC2-301F-43D9-9E56-CC94D23BB8CA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{87CB18EF-8A5F-4E89-B1B1-71F96C9FE1A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7A66FC15-2F8B-445D-9AE5-5F3EF7779749}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{36B20AC0-24E2-42D4-BC58-33CFF4602137}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4707B9DE-861D-4AC2-AF62-4E82FFC6CB0F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{5E0C370E-FDF4-4363-8676-9CAEC771A6D8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F05DEDE5-E8DF-46C6-AB8F-88A0045FAA5B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5106CAD3-74A9-4A18-8A04-1943637200E6}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{04527024-F221-4DD2-9FD9-8F786ACA9228}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{8D908592-5B19-4EE4-A8F9-545A2CE077B3}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{E6420AEA-6A9B-4AA5-90E4-7457DEF38019}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

==================== Restore Points =========================

23-06-2016 21:12:16 Windows Update
24-06-2016 03:00:12 Windows Update
27-06-2016 08:27:42 Windows Update
04-07-2016 20:09:36 Windows Update
05-07-2016 20:17:55 Scheduled Checkpoint
10-07-2016 03:00:09 Scheduled Checkpoint
10-07-2016 07:17:01 Windows Update
14-07-2016 03:00:24 Windows Update
17-07-2016 05:50:20 Windows Update
20-07-2016 17:24:51 Windows Update
24-07-2016 18:33:07 Windows Update
31-07-2016 03:01:06 Scheduled Checkpoint
31-07-2016 05:50:55 Windows Update
03-08-2016 03:00:32 Scheduled Checkpoint
04-08-2016 03:00:10 Scheduled Checkpoint
05-08-2016 17:39:53 Windows Update
27-08-2016 16:02:25 Windows Update
28-08-2016 03:00:23 Windows Update
28-08-2016 14:42:29 Windows Update
03-09-2016 09:20:57 Windows Update
05-09-2016 10:17:07 Scheduled Checkpoint
06-09-2016 13:15:47 Windows Update
09-09-2016 17:38:55 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/02/2016 10:01:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: WSARecvMsg failed (10022)

Error: (10/02/2016 10:01:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: WSARecvMsg failed (10022)

Error: (09/30/2016 04:56:00 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LG9X54G.DEFAULT\SAFEBROWSING-BACKUP> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/30/2016 04:55:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10318436

Error: (09/30/2016 04:55:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10318436

Error: (09/30/2016 04:55:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/30/2016 01:56:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (09/30/2016 01:56:29 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.

Error: (09/30/2016 10:46:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/30/2016 10:46:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: WSARecvMsg failed (10022)


System errors:
=============
Error: (09/30/2016 05:02:59 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JOSEPH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{567E820E-FC70-4E70-9D2F-F0A5FCF1.
The master browser is stopping or an election is being forced.

Error: (09/30/2016 04:55:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (09/30/2016 10:47:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (09/30/2016 10:33:48 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
An instance of the service is already running.

Error: (09/30/2016 10:33:48 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:
An instance of the service is already running.

Error: (09/30/2016 10:33:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
After starting, the service hung in a start-pending state.

Error: (09/30/2016 10:33:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Remote Access Connection Manager service hung on starting.

Error: (09/30/2016 10:32:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (09/30/2016 10:32:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (09/30/2016 10:32:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2014-09-30 09:37:47.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:47.344
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:46.876
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:46.439
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLKBDFLTX86\klkbdflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:46.065
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:45.628
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:45.254
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:44.879
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLMOUFLTX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:44.396
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLTDIX86\kltdi.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 09:37:43.974
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLTDIX86\kltdi.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 65%
Total physical RAM: 2939.24 MB
Available physical RAM: 1028.55 MB
Total Virtual: 6092.57 MB
Available Virtual: 4026.93 MB

==================== Drives ================================

Drive c: (TI100712V0E) (Fixed) (Total:287.79 GB) (Free:198.75 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 93C5EB0E)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=287.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8.8 GB) - (Type=17)

==================== End of Addition.txt ============================


  • 0

Advertisements







Similar Topics


Also tagged with one or more of these keywords: svchost.exe

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP