
iSecurity Attack



#1 AWojcik

Posted 20 March 2012 - 12:21 PM

AVG did not catch it, iSecurity program has attacked me. How does one remove it from your computer better yet how the hell did I get it!?!?!?!



#2 boopme


Posted 20 March 2012 - 12:56 PM

Welcome!!

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.



Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Last....
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.

#3 AWojcik


Posted 20 March 2012 - 01:25 PM

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.18.04

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Alan Wojcik :: ALANWOJCIK-PC [administrator]

Protection: Disabled

3/20/2012 2:18:49 PM
mbam-log-2012-03-20 (14-18-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195453
Time elapsed: 5 minute(s), 10 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 2720 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

Have to reboot after Malware...ah maybe not. Be back with the other scan results.
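
The MBAM log above flags svchost.exe directly under C:\Windows, while the genuine Windows binary of that name lives in System32 (and SysWOW64 on 64-bit systems). The following is an added example, not part of the original thread and not Malwarebytes code: a Python triage script that parses detection lines in this log layout and reports core Windows binary names found outside their expected directory. The EXPECTED_DIRS map, the function names and the default Windows directory are assumptions of the example.

```python
import ntpath
import re

# Expected directories (lower-case, relative to the Windows directory) for a
# few core binaries. "" means the Windows directory itself. This short map is
# an assumption of the example, not an exhaustive list.
EXPECTED_DIRS = {
    "svchost.exe": {"system32", "syswow64"},
    "lsass.exe": {"system32"},
    "services.exe": {"system32"},
    "winlogon.exe": {"system32"},
    "csrss.exe": {"system32"},
    "smss.exe": {"system32"},
    "explorer.exe": {"", "syswow64"},
}

# Section header, e.g. "Memory Processes Detected: 1"
SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# Detection line: <object> (<detection name>) -> [<pid> ->] <action>.
ITEM_RE = re.compile(
    r"^(?P<path>.+?) \((?P<name>[^()]+)\) -> (?:(?P<pid>\d+) -> )?(?P<action>.+?)\.?$"
)

# Excerpt of the log posted above (detection sections only).
SAMPLE_LOG = r"""Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 2720 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
"""


def parse_mbam_log(text):
    """Return one dict per detection line, tagged with its log section."""
    detections = []
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("section")
            continue
        item = ITEM_RE.match(line)
        if section and item:
            pid = item.group("pid")
            detections.append({
                "section": section,
                "path": item.group("path"),
                "name": item.group("name"),
                "pid": int(pid) if pid else None,
                "action": item.group("action"),
            })
    return detections


def masquerade_findings(detections, windows_dir=r"C:\Windows"):
    """Report core binary names detected outside their expected directory.

    Entries for the same path (e.g. listed as both a running process and a
    file) are merged into one finding.
    """
    win = ntpath.normcase(ntpath.normpath(windows_dir))
    merged = {}
    for det in detections:
        norm = ntpath.normcase(ntpath.normpath(det["path"]))
        expected = EXPECTED_DIRS.get(ntpath.basename(norm))
        if expected is None:
            continue  # not one of the names this example tracks
        parent = ntpath.dirname(norm)
        if parent == win:
            rel = ""
        elif parent.startswith(win + "\\"):
            rel = parent[len(win) + 1:]
        else:
            rel = None  # outside the Windows directory entirely
        if rel in expected:
            continue  # name and location agree
        entry = merged.setdefault(norm, {
            "path": det["path"],
            "detection": det["name"],
            "sections": [],
            "pids": [],
        })
        entry["sections"].append(det["section"])
        if det["pid"] is not None:
            entry["pids"].append(det["pid"])
    return list(merged.values())


if __name__ == "__main__":
    for finding in masquerade_findings(parse_mbam_log(SAMPLE_LOG)):
        print(finding)
```
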

#4 AWojcik


Posted 20 March 2012 - 01:31 PM

14:27:12.0314 3860 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
14:27:13.0971 3860 ============================================================
14:27:13.0971 3860 Current date / time: 2012/03/20 14:27:13.0971
14:27:13.0971 3860 SystemInfo:
14:27:13.0971 3860
14:27:13.0971 3860 OS Version: 6.1.7601 ServicePack: 1.0
14:27:13.0971 3860 Product type: Workstation
14:27:13.0971 3860 ComputerName: ALANWOJCIK-PC
14:27:13.0971 3860 UserName: Alan Wojcik
14:27:13.0971 3860 Windows directory: C:\windows
14:27:13.0971 3860 System windows directory: C:\windows
14:27:13.0971 3860 Running under WOW64
14:27:13.0971 3860 Processor architecture: Intel x64
14:27:13.0971 3860 Number of processors: 4
14:27:13.0971 3860 Page size: 0x1000
14:27:13.0971 3860 Boot type: Safe boot with network
14:27:13.0971 3860 ============================================================
14:27:14.0430 3860 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:27:14.0433 3860 \Device\Harddisk0\DR0:
14:27:14.0434 3860 MBR used
14:27:14.0434 3860 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48D59800
14:27:14.0496 3860 Initialize success
14:27:14.0496 3860 ============================================================
14:27:24.0801 1804 ============================================================
14:27:24.0801 1804 Scan started
14:27:24.0801 1804 Mode: Manual;
14:27:24.0801 1804 ============================================================
14:28:17.0254 1804 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
14:28:17.0255 1804 rdpbus - ok
14:28:17.0361 1804 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:28:17.0361 1804 RDPCDD - ok
14:28:17.0424 1804 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:28:17.0424 1804 RDPENCDD - ok
14:28:17.0492 1804 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:28:17.0493 1804 RDPREFMP - ok
14:28:17.0551 1804 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
14:28:17.0554 1804 RDPWD - ok
14:28:17.0670 1804 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:28:17.0672 1804 rdyboost - ok
14:28:17.0796 1804 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
14:28:17.0797 1804 rspndr - ok
14:28:17.0910 1804 RTL8167 (ba3e57c89e6f63808d3f2b11e1a2ad3c) C:\windows\system32\DRIVERS\Rt64win7.sys
14:28:17.0914 1804 RTL8167 - ok
14:28:18.0011 1804 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
14:28:18.0012 1804 sbp2port - ok
14:28:18.0118 1804 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
14:28:18.0119 1804 scfilter - ok
14:28:18.0243 1804 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
14:28:18.0244 1804 sdbus - ok
14:28:18.0965 1804 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
14:28:18.0966 1804 secdrv - ok
14:28:19.0028 1804 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
14:28:19.0029 1804 Serenum - ok
14:28:19.0162 1804 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
14:28:19.0164 1804 Serial - ok
14:28:19.0223 1804 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
14:28:19.0224 1804 sermouse - ok
14:28:19.0350 1804 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
14:28:19.0351 1804 sffdisk - ok
14:28:19.0393 1804 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
14:28:19.0393 1804 sffp_mmc - ok
14:28:19.0511 1804 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
14:28:19.0512 1804 sffp_sd - ok
14:28:19.0660 1804 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
14:28:19.0661 1804 sfloppy - ok
14:28:19.0831 1804 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:28:19.0832 1804 SiSRaid2 - ok
14:28:19.0939 1804 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
14:28:19.0940 1804 SiSRaid4 - ok
14:28:20.0099 1804 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
14:28:20.0100 1804 Smb - ok
14:28:20.0159 1804 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
14:28:20.0160 1804 spldr - ok
14:28:20.0352 1804 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:28:20.0357 1804 srv - ok
14:28:20.0498 1804 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:28:20.0503 1804 srv2 - ok
14:28:20.0695 1804 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:28:20.0697 1804 srvnet - ok
14:28:20.0836 1804 ssmirrdr (1100066057fbf612b573efd3b21383f1) C:\windows\system32\DRIVERS\ssmirrdr.sys
14:28:20.0837 1804 ssmirrdr - ok
14:28:20.0878 1804 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
14:28:20.0879 1804 stexstor - ok
14:28:21.0540 1804 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
14:28:21.0541 1804 StillCam - ok
14:28:22.0159 1804 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:28:22.0160 1804 swenum - ok
14:28:22.0286 1804 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
14:28:22.0290 1804 SynTP - ok
14:28:22.0507 1804 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\drivers\tcpip.sys
14:28:22.0524 1804 Tcpip - ok
14:28:22.0685 1804 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\DRIVERS\tcpip.sys
14:28:22.0694 1804 TCPIP6 - ok
14:28:22.0908 1804 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:28:22.0909 1804 tcpipreg - ok
14:28:23.0072 1804 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
14:28:23.0073 1804 tdcmdpst - ok
14:28:23.0155 1804 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:28:23.0156 1804 TDPIPE - ok
14:28:23.0313 1804 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
14:28:23.0314 1804 TDTCP - ok
14:28:23.0436 1804 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:28:23.0438 1804 tdx - ok
14:28:23.0589 1804 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:28:23.0590 1804 TermDD - ok
14:28:23.0718 1804 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
14:28:23.0719 1804 Thpdrv - ok
14:28:23.0868 1804 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
14:28:23.0869 1804 Thpevm - ok
14:28:23.0995 1804 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\windows\system32\DRIVERS\tmactmon.sys
14:28:23.0997 1804 tmactmon - ok
14:28:24.0183 1804 tmcomm (360e61217d4e1e333583d0c721057f70) C:\windows\system32\DRIVERS\tmcomm.sys
14:28:24.0185 1804 tmcomm - ok
14:28:24.0757 1804 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\windows\system32\DRIVERS\tmevtmgr.sys
14:28:24.0758 1804 tmevtmgr - ok
14:28:24.0989 1804 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\windows\system32\DRIVERS\tmtdi.sys
14:28:24.0991 1804 tmtdi - ok
14:28:25.0217 1804 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
14:28:25.0222 1804 tos_sps64 - ok
14:28:25.0855 1804 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:28:25.0856 1804 tssecsrv - ok
14:28:27.0317 1804 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:28:27.0319 1804 TsUsbFlt - ok
14:28:27.0503 1804 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:28:27.0504 1804 tunnel - ok
14:28:27.0655 1804 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:28:27.0656 1804 TVALZ - ok
14:28:28.0181 1804 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
14:28:28.0182 1804 TVALZFL - ok
14:28:28.0646 1804 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
14:28:28.0647 1804 uagp35 - ok
14:28:29.0822 1804 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:28:29.0825 1804 udfs - ok
14:28:31.0098 1804 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:28:31.0099 1804 uliagpkx - ok
14:28:31.0263 1804 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
14:28:31.0265 1804 umbus - ok
14:28:31.0423 1804 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
14:28:31.0423 1804 UmPass - ok
14:28:31.0599 1804 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
14:28:31.0600 1804 usbccgp - ok
14:28:31.0708 1804 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:28:31.0710 1804 usbcir - ok
14:28:31.0867 1804 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
14:28:31.0868 1804 usbehci - ok
14:28:32.0051 1804 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:28:32.0055 1804 usbhub - ok
14:28:32.0205 1804 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
14:28:32.0206 1804 usbohci - ok
14:28:32.0406 1804 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:28:32.0407 1804 usbprint - ok
14:28:32.0492 1804 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:28:32.0494 1804 USBSTOR - ok
14:28:32.0657 1804 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:28:32.0658 1804 usbuhci - ok
14:28:32.0839 1804 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
14:28:32.0842 1804 usbvideo - ok
14:28:33.0012 1804 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:28:33.0014 1804 vdrvroot - ok
14:28:33.0451 1804 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:28:33.0451 1804 vga - ok
14:28:33.0941 1804 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:28:33.0941 1804 VgaSave - ok
14:28:34.0141 1804 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:28:34.0144 1804 vhdmp - ok
14:28:34.0382 1804 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:28:34.0382 1804 viaide - ok
14:28:34.0402 1804 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:28:34.0403 1804 volmgr - ok
14:28:34.0558 1804 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:28:34.0562 1804 volmgrx - ok
14:28:34.0708 1804 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:28:34.0711 1804 volsnap - ok
14:28:34.0997 1804 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
14:28:34.0999 1804 vsmraid - ok
14:28:35.0021 1804 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:28:35.0022 1804 vwifibus - ok
14:28:35.0294 1804 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:28:35.0295 1804 vwififlt - ok
14:28:35.0577 1804 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
14:28:35.0578 1804 vwifimp - ok
14:28:35.0863 1804 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
14:28:35.0864 1804 WacomPen - ok
14:28:36.0033 1804 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:28:36.0035 1804 WANARP - ok
14:28:36.0051 1804 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:28:36.0052 1804 Wanarpv6 - ok
14:28:36.0860 1804 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
14:28:36.0861 1804 Wd - ok
14:28:37.0652 1804 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:28:37.0659 1804 Wdf01000 - ok
14:28:38.0086 1804 wdkmd (fe31110e39a0b11abae1ba43a2dc94f9) C:\windows\system32\DRIVERS\WDKMD.sys
14:28:38.0087 1804 wdkmd - ok
14:28:38.0389 1804 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:28:38.0390 1804 WfpLwf - ok
14:28:38.0671 1804 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:28:38.0672 1804 WIMMount - ok
14:28:38.0870 1804 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:28:38.0871 1804 WinUsb - ok
14:28:39.0036 1804 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:28:39.0037 1804 WmiAcpi - ok
14:28:39.0335 1804 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:28:39.0336 1804 ws2ifsl - ok
14:28:39.0457 1804 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
14:28:39.0458 1804 WudfPf - ok
14:28:39.0606 1804 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
14:28:39.0608 1804 WUDFRd - ok
14:28:39.0665 1804 MBR (0x1B8) (849e52748aab5959bc8000cb4974bc13) \Device\Harddisk0\DR0
14:28:39.0719 1804 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
14:28:39.0719 1804 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
14:28:39.0770 1804 Boot (0x1200) (7435fd853944c7870b9c51121f2d5bbd) \Device\Harddisk0\DR0\Partition0
14:28:39.0771 1804 \Device\Harddisk0\DR0\Partition0 - ok
14:28:39.0771 1804 ============================================================
14:28:39.0771 1804 Scan finished
14:28:39.0771 1804 ============================================================
14:28:39.0779 2984 Detected object count: 1
14:28:39.0779 2984 Actual detected object count: 1
14:30:33.0912 2984 \Device\Harddisk0\DR0\# - copied to quarantine
14:30:33.0913 2984 \Device\Harddisk0\DR0 - copied to quarantine
14:30:34.0333 2984 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
14:30:34.0335 2984 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
14:30:34.0337 2984 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
14:30:34.0340 2984 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
14:30:34.0390 2984 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
14:30:34.0395 2984 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
14:30:34.0396 2984 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
14:30:34.0397 2984 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
14:30:34.0397 2984 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
14:30:34.0398 2984 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
14:30:34.0400 2984 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
14:30:34.0400 2984 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
14:30:34.0464 2984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
14:30:34.0464 2984 \Device\Harddisk0\DR0 - ok
14:30:34.0588 2984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

#5 AWojcik


Posted 20 March 2012 - 01:34 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Alan Wojcik (administrator) on 20-03-2012 at 14:33:20
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


87.229.126.54 www.google.com
87.229.126.55 www.bing.com


========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
set interface interface="Loopback Pseudo-Interface 1" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 2" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 3" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : AlanWojcik-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-23-15-B3-25-ED
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN
Physical Address. . . . . . . . . : 00-23-15-B3-25-EC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4901:2b83:10b7:8803%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, March 20, 2012 2:10:15 PM
Lease Expires . . . . . . . . . . : Tuesday, March 20, 2012 3:10:19 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 318776085
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-D3-9B-8F-1C-75-08-7F-EC-E1
DNS Servers . . . . . . . . . . . : 65.32.5.111
65.32.5.112
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 1C-75-08-7F-EC-E1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{77D7251B-24CE-438A-905D-9A948A593F9B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: google.com
Addresses: 74.125.47.100
74.125.47.101
74.125.47.102
74.125.47.113
74.125.47.138
74.125.47.139


Pinging google.com [74.125.47.100] with 32 bytes of data:
Reply from 74.125.47.100: bytes=32 time=56ms TTL=51
Reply from 74.125.47.100: bytes=32 time=61ms TTL=51

Ping statistics for 74.125.47.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 61ms, Average = 58ms
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=98ms TTL=54
Reply from 209.191.122.70: bytes=32 time=104ms TTL=54

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 98ms, Maximum = 104ms, Average = 101ms
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 23 15 b3 25 ed ......Microsoft Virtual WiFi Miniport Adapter #2
12...00 23 15 b3 25 ec ......Intel® Centrino® Advanced-N 6250 AGN
10...1c 75 08 7f ec e1 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.10 281
192.168.0.10 255.255.255.255 On-link 192.168.0.10 281
192.168.0.255 255.255.255.255 On-link 192.168.0.10 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.10 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.10 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::4901:2b83:10b7:8803/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/20/2012 01:09:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: iFrmewrk.exe, version: 13.3.0.0, time stamp: 0x4c44f29f
Faulting module name: PanApi.dll, version: 13.3.0.1, time stamp: 0x4c44f57f
Exception code: 0xc000041d
Fault offset: 0x0000000000018820
Faulting process id: 0x744
Faulting application start time: 0xiFrmewrk.exe0
Faulting application path: iFrmewrk.exe1
Faulting module path: iFrmewrk.exe2
Report Id: iFrmewrk.exe3

Error: (03/20/2012 00:44:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: skypePM.exe, version: 3.0.0.5, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e211319
Exception code: 0x0eedfade
Fault offset: 0x0000b9bc
Faulting process id: 0x20e4
Faulting application start time: 0xskypePM.exe0
Faulting application path: skypePM.exe1
Faulting module path: skypePM.exe2
Report Id: skypePM.exe3

Error: (03/20/2012 00:19:42 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/20/2012 11:59:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: iFrmewrk.exe, version: 13.3.0.0, time stamp: 0x4c44f29f
Faulting module name: PanApi.dll, version: 13.3.0.1, time stamp: 0x4c44f57f
Exception code: 0xc000041d
Fault offset: 0x0000000000018820
Faulting process id: 0x70c
Faulting application start time: 0xiFrmewrk.exe0
Faulting application path: iFrmewrk.exe1
Faulting module path: iFrmewrk.exe2
Report Id: iFrmewrk.exe3

Error: (03/19/2012 06:03:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: iFrmewrk.exe, version: 13.3.0.0, time stamp: 0x4c44f29f
Faulting module name: PanApi.dll, version: 13.3.0.1, time stamp: 0x4c44f57f
Exception code: 0xc000041d
Fault offset: 0x0000000000018820
Faulting process id: 0x8dc
Faulting application start time: 0xiFrmewrk.exe0
Faulting application path: iFrmewrk.exe1
Faulting module path: iFrmewrk.exe2
Report Id: iFrmewrk.exe3

Error: (03/19/2012 06:03:23 PM) (Source: TOSHIBA Service Station) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (03/19/2012 05:40:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: iFrmewrk.exe, version: 13.3.0.0, time stamp: 0x4c44f29f
Faulting module name: PanApi.dll, version: 13.3.0.1, time stamp: 0x4c44f57f
Exception code: 0xc000041d
Fault offset: 0x0000000000018820
Faulting process id: 0x828
Faulting application start time: 0xiFrmewrk.exe0
Faulting application path: iFrmewrk.exe1
Faulting module path: iFrmewrk.exe2
Report Id: iFrmewrk.exe3

Error: (03/19/2012 03:47:57 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/19/2012 00:47:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: winamp.exe, version: 5.6.1.3133, time stamp: 0x4d8267a1
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000417
Fault offset: 0x0002fc96
Faulting process id: 0x16fc
Faulting application start time: 0xwinamp.exe0
Faulting application path: winamp.exe1
Faulting module path: winamp.exe2
Report Id: winamp.exe3

Error: (03/18/2012 09:27:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16437, time stamp: 0x4e5eef87
Exception code: 0xc0000005
Fault offset: 0x001d948e
Faulting process id: 0xf84
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (03/20/2012 02:33:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:33:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:33:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:31:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:31:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:31:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:31:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:31:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:31:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2012 02:26:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.2.1)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 Plugin (Version: 10.1.82.76)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.62)
Adobe Reader X (10.1.2) (Version: 10.1.2)
AIM 7
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2114)
AVG 2012 (Version: 2012.0.1913)
Best Buy pc app (Version: 3.0.0.0)
Best Buy pc app (Version: 3.2.420.5)
BufferChm (Version: 140.0.212.000)
Coupon Printer for Windows (Version: 5.0.0.0)
D110 (Version: 140.0.283.000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
Download Updater (AOL LLC)
Final Draft 5
Final Draft 7 (Version: 7.1.2.34)
Google Chrome (Version: 17.0.963.79)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.99)
GPBaseService2 (Version: 140.0.211.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPAppStudio (Version: 140.0.95.000)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Intel PROSet Wireless
Intel WiMAX Tutorial (Version: 1.5.3.1)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2189)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.03.0000)
Intel® Rapid Storage Technology (Version: 9.5.7.1002)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.2000)
Intel® Wireless Display (Version: 1.2.20.0)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
JMicron Flash Media Controller Driver (Version: 1.0.44.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 2.0.269.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSN Toolbar (Version: 4.0.0357.1)
MSN Toolbar Platform (Version: 4.0.0357.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Office Depot PC Support Agent (Version: 12.0.212.4)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickTime (Version: 7.71.80.42)
QuickTransfer (Version: 140.0.98.000)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.20.503.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Scan (Version: 140.0.80.000)
Shop for HP Supplies (Version: 14.0)
Skype™ 5.1 (Version: 5.1.112)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
Status (Version: 140.0.256.000)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toolbox (Version: 140.0.428.000)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 3.00.11)
Toshiba Book Place (Version: 2.0.5271)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA DVD PLAYER (Version: 3.01.2.12-A)
TOSHIBA eco Utility (Version: 1.2.18.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.6C)
TOSHIBA Hardware Setup (Version: 1.63.0.26C)
TOSHIBA HDD Protection (Version: 2.2.0.4)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.8.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.5.11)
TOSHIBA PC Health Monitor (Version: 1.7.1.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.7.16.64)
TOSHIBA Service Station (Version: 2.2.9)
TOSHIBA Sleep Utility (Version: 1.4.1.2)
TOSHIBA Supervisor Password (Version: 1.63.0.9C)
TOSHIBA Value Added Package (Version: 1.3.19.64)
TOSHIBA Web Camera Application (Version: 1.1.1.16)
ToshibaRegistration (Version: 1.0.4)
TrayApp (Version: 140.0.212.000)
Trend Micro Titanium (Version: 3.1.1109)
Trend Micro™ Titanium™ (Version: 3.00)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Utility Common Driver (Version: 1.0.52.1C)
Veetle TV (Version: 0.9.18)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.11 (Version: 1.1.11)
WebReg (Version: 140.0.212.017)
Winamp (Version: 5.61 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3890.67 MB
Available physical RAM: 2404.7 MB
Total Pagefile: 7779.54 MB
Available Pagefile: 6322.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.98 MB

========================= Partitions: =====================================

1 Drive c: (TI106045W0C) (Fixed) (Total:582.67 GB) (Free:479.6 GB) NTFS

========================= Users: ========================================

User accounts for \\ALANWOJCIK-PC

Administrator Alan Wojcik Guest


**** End of log ****

#6 AWojcik

AWojcik
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:40 PM

Posted 20 March 2012 - 01:35 PM

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Alan Wojcik on 03/20/2012 at 14:34:52.


Processes terminated by Rkill or while it was running:


\\.\globalroot\systemroot\svchost.exe
C:\Users\Alan Wojcik\Downloads\rkill.com


Rkill completed on 03/20/2012 at 14:34:58.

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:40 PM

Posted 20 March 2012 - 01:52 PM

Ok, good. You needed to reboot after all were done. Do that now if you have not.
How is it running? It looks like we killed the redirect. Let's get whatever is left on here and then we can mop up.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.