
Google redirect



#1 peabo

Posted 17 May 2012 - 01:56 PM

hello,

Example: I google Sears. 1st result is sears.com. When I clicked the link, I was redirected to the below link......


http://www.reply.com/portal/default.asp?ng=14_y&type=Additions%20and%20Remodels&filter=Additions%20-%20To%20Existing%20Structure&HL=Compare%20Home%20Addition%20Prices&adid=80292&subid=4a2085d3d8b0f2c9e303752aab84da5c

1. Avast, Malwarebytes, and Ad-ware scans have not detected anything
2. Spybot S&D detected various cookies
3. Spyhunter detected whazit and 90 other threats....since I haven't purchased Spyhunter I can't clean with it.


Win7, 64bit, firefox 12.0 primary

Thanks



#2 boopme

  • Global Moderator

Posted 17 May 2012 - 02:02 PM

Let's do this next, please.


Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.




Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.







Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note:
When using "Reset FF Proxy Settings" option Firefox should be closed.
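Two items on the MiniToolBox checklist in the post above, the hosts file listing and the Firefox proxy report, can be read for redirect traces as follows. This Python example is added here and is not part of the original post or MiniToolBox's own code; the sample hosts and prefs.js text and the function names are constructed for illustration, while the `network.proxy.*` names are Firefox's own preference keys.

```python
import ipaddress
import re

# Constructed sample: hosts file text as a "List content of Hosts" report might show it.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net
203.0.113.45    www.google.com google.com   # constructed entry, TEST-NET-3 address
"""

# Constructed sample: lines from a Firefox profile's prefs.js.
SAMPLE_PREFS = """\
user_pref("browser.startup.homepage", "about:home");
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "203.0.113.45");
user_pref("network.proxy.http_port", 8080);
"""

# Meaning of Firefox's network.proxy.type values.
PROXY_MODES = {0: "direct", 1: "manual", 2: "pac", 4: "auto-detect", 5: "system"}
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.*)\);\s*$')


def audit_hosts(text):
    """Return (line_no, hostname, address) for every entry that maps a name to
    a routable address; loopback and 0.0.0.0 (sinkhole) entries are skipped."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2:
            continue                            # blank, comment-only, or no hostname
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            # Not a valid IP literal: report it rather than silently ignore it.
            findings.append((line_no, " ".join(fields[1:]), "unparseable:" + fields[0]))
            continue
        if addr.is_loopback or addr.is_unspecified:
            continue
        findings.extend((line_no, name.lower(), str(addr)) for name in fields[1:])
    return findings


def parse_prefs(text):
    """Parse user_pref("key", value); lines into a dict of str/int/bool values."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue
        key, val = m.group(1), m.group(2).strip()
        if len(val) >= 2 and val[0] == '"' and val[-1] == '"':
            prefs[key] = val[1:-1]
        elif val in ("true", "false"):
            prefs[key] = val == "true"
        else:
            try:
                prefs[key] = int(val)
            except ValueError:
                prefs[key] = val
    return prefs


def audit_firefox_proxy(text):
    """Return the explicit proxy endpoints Firefox is told to use, or None when
    the profile uses direct, auto-detect or system settings (or sets nothing)."""
    prefs = parse_prefs(text)
    mode = PROXY_MODES.get(prefs.get("network.proxy.type"))
    endpoints = {}
    if mode == "manual":
        for scheme in ("http", "ssl", "socks"):
            host = prefs.get("network.proxy." + scheme)
            port = prefs.get("network.proxy." + scheme + "_port")
            if host:
                endpoints[scheme] = "%s:%s" % (host, port) if port else host
    elif mode == "pac":
        url = prefs.get("network.proxy.autoconfig_url")
        if url:
            endpoints["autoconfig_url"] = url
    else:
        return None
    return {"mode": mode, "endpoints": endpoints}


if __name__ == "__main__":
    for line_no, name, addr in audit_hosts(SAMPLE_HOSTS):
        print("hosts line %d: %s -> %s" % (line_no, name, addr))
    print("firefox proxy:", audit_firefox_proxy(SAMPLE_PREFS))
```

Any hostname that the hosts audit reports, or any manual or PAC endpoint the user did not configure, is worth raising with the helper before resetting it.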

#3 peabo


Posted 17 May 2012 - 04:23 PM

Hi boopme,

here's the results



16:23:37.0155 4940 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
16:23:37.0513 4940 ============================================================
16:23:37.0513 4940 Current date / time: 2012/05/17 16:23:37.0513
16:23:37.0513 4940 SystemInfo:
16:23:37.0513 4940
16:23:37.0513 4940 OS Version: 6.1.7601 ServicePack: 1.0
16:23:37.0513 4940 Product type: Workstation
16:23:37.0513 4940 ComputerName: JOY-PC
16:23:37.0513 4940 UserName: Joy
16:23:37.0513 4940 Windows directory: C:\windows
16:23:37.0513 4940 System windows directory: C:\windows
16:23:37.0513 4940 Running under WOW64
16:23:37.0513 4940 Processor architecture: Intel x64
16:23:37.0513 4940 Number of processors: 2
16:23:37.0513 4940 Page size: 0x1000
16:23:37.0513 4940 Boot type: Normal boot
16:23:37.0513 4940 ============================================================
16:23:38.0169 4940 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:23:38.0184 4940 ============================================================
16:23:38.0184 4940 \Device\Harddisk0\DR0:
16:23:38.0184 4940 MBR partitions:
16:23:38.0184 4940 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38887800
16:23:38.0184 4940 ============================================================
16:23:38.0200 4940 C: <-> \Device\Harddisk0\DR0\Partition0
16:23:38.0200 4940 ============================================================
16:23:38.0200 4940 Initialize success
16:23:38.0200 4940 ============================================================
16:23:42.0677 4616 ============================================================
16:23:42.0677 4616 Scan started
16:23:42.0677 4616 Mode: Manual;
16:23:42.0677 4616 ============================================================
16:23:58.0464 4616 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
16:23:58.0464 4616 mssmbios - ok
16:23:58.0495 4616 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
16:23:58.0495 4616 MSTEE - ok
16:23:58.0495 4616 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
16:23:58.0495 4616 MTConfig - ok
16:23:58.0542 4616 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
16:23:58.0542 4616 Mup - ok
16:23:58.0589 4616 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
16:23:58.0620 4616 napagent - ok
16:23:58.0667 4616 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
16:23:58.0698 4616 NativeWifiP - ok
16:23:58.0776 4616 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
16:23:58.0839 4616 NDIS - ok
16:23:59.0010 4616 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
16:23:59.0041 4616 NdisCap - ok
16:23:59.0057 4616 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
16:23:59.0057 4616 NdisTapi - ok
16:23:59.0088 4616 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
16:23:59.0088 4616 Ndisuio - ok
16:23:59.0119 4616 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
16:23:59.0135 4616 NdisWan - ok
16:23:59.0151 4616 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
16:23:59.0151 4616 NDProxy - ok
16:23:59.0197 4616 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
16:23:59.0213 4616 NetBIOS - ok
16:23:59.0244 4616 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
16:23:59.0260 4616 NetBT - ok
16:23:59.0291 4616 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:23:59.0291 4616 Netlogon - ok
16:23:59.0353 4616 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
16:23:59.0369 4616 Netman - ok
16:23:59.0400 4616 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
16:23:59.0416 4616 netprofm - ok
16:23:59.0509 4616 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:23:59.0509 4616 NetTcpPortSharing - ok
16:23:59.0556 4616 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
16:23:59.0556 4616 nfrd960 - ok
16:23:59.0650 4616 NitroDriverReadSpool2 (bdeac523d8d5d4da63523c7251bb9066) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
16:23:59.0665 4616 NitroDriverReadSpool2 - ok
16:23:59.0712 4616 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
16:23:59.0743 4616 NlaSvc - ok
16:23:59.0821 4616 nlsX86cc (9a5f53b55e09ecc2dab8c74e4dd18b8d) C:\windows\SysWOW64\NLSSRV32.EXE
16:23:59.0821 4616 nlsX86cc - ok
16:23:59.0884 4616 Norton PC Checkup Application Launcher - ok
16:23:59.0946 4616 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
16:23:59.0946 4616 Npfs - ok
16:23:59.0977 4616 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
16:23:59.0977 4616 nsi - ok
16:23:59.0993 4616 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
16:23:59.0993 4616 nsiproxy - ok
16:24:00.0133 4616 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
16:24:00.0180 4616 Ntfs - ok
16:24:00.0321 4616 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
16:24:00.0336 4616 Null - ok
16:24:00.0367 4616 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
16:24:00.0383 4616 nvraid - ok
16:24:00.0414 4616 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
16:24:00.0430 4616 nvstor - ok
16:24:00.0445 4616 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
16:24:00.0445 4616 nv_agp - ok
16:24:00.0477 4616 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
16:24:00.0477 4616 ohci1394 - ok
16:24:00.0523 4616 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:24:00.0555 4616 p2pimsvc - ok
16:24:00.0586 4616 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
16:24:00.0617 4616 p2psvc - ok
16:24:00.0648 4616 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
16:24:00.0648 4616 Parport - ok
16:24:00.0679 4616 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
16:24:00.0695 4616 partmgr - ok
16:24:00.0726 4616 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
16:24:00.0726 4616 PcaSvc - ok
16:24:00.0882 4616 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe
16:24:00.0882 4616 PCCUJobMgr - ok
16:24:00.0929 4616 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
16:24:00.0929 4616 pci - ok
16:24:00.0945 4616 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
16:24:00.0945 4616 pciide - ok
16:24:00.0991 4616 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
16:24:01.0007 4616 pcmcia - ok
16:24:01.0023 4616 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
16:24:01.0023 4616 pcw - ok
16:24:01.0069 4616 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
16:24:01.0101 4616 PEAUTH - ok
16:24:01.0194 4616 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
16:24:01.0210 4616 PerfHost - ok
16:24:01.0257 4616 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
16:24:01.0257 4616 PGEffect - ok
16:24:01.0366 4616 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
16:24:01.0428 4616 pla - ok
16:24:01.0491 4616 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
16:24:01.0522 4616 PlugPlay - ok
16:24:01.0553 4616 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
16:24:01.0553 4616 PNRPAutoReg - ok
16:24:01.0600 4616 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:24:01.0600 4616 PNRPsvc - ok
16:24:01.0662 4616 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
16:24:01.0678 4616 PolicyAgent - ok
16:24:01.0709 4616 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
16:24:01.0725 4616 Power - ok
16:24:01.0771 4616 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
16:24:01.0787 4616 PptpMiniport - ok
16:24:01.0803 4616 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
16:24:01.0803 4616 Processor - ok
16:24:01.0849 4616 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
16:24:01.0865 4616 ProfSvc - ok
16:24:01.0896 4616 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:24:01.0912 4616 ProtectedStorage - ok
16:24:01.0943 4616 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
16:24:01.0943 4616 Psched - ok
16:24:02.0068 4616 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
16:24:02.0130 4616 ql2300 - ok
16:24:02.0317 4616 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
16:24:02.0317 4616 ql40xx - ok
16:24:02.0349 4616 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
16:24:02.0380 4616 QWAVE - ok
16:24:02.0395 4616 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
16:24:02.0411 4616 QWAVEdrv - ok
16:24:02.0427 4616 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
16:24:02.0427 4616 RasAcd - ok
16:24:02.0473 4616 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
16:24:02.0473 4616 RasAgileVpn - ok
16:24:02.0505 4616 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
16:24:02.0520 4616 RasAuto - ok
16:24:02.0536 4616 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
16:24:02.0536 4616 Rasl2tp - ok
16:24:02.0583 4616 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
16:24:02.0614 4616 RasMan - ok
16:24:02.0629 4616 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
16:24:02.0645 4616 RasPppoe - ok
16:24:02.0645 4616 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
16:24:02.0661 4616 RasSstp - ok
16:24:02.0692 4616 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
16:24:02.0707 4616 rdbss - ok
16:24:02.0723 4616 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
16:24:02.0723 4616 rdpbus - ok
16:24:02.0739 4616 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
16:24:02.0739 4616 RDPCDD - ok
16:24:02.0770 4616 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
16:24:02.0770 4616 RDPENCDD - ok
16:24:02.0785 4616 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
16:24:02.0785 4616 RDPREFMP - ok
16:24:02.0879 4616 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
16:24:02.0910 4616 RDPWD - ok
16:24:02.0957 4616 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
16:24:02.0973 4616 rdyboost - ok
16:24:03.0004 4616 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
16:24:03.0004 4616 RemoteAccess - ok
16:24:03.0051 4616 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
16:24:03.0066 4616 RemoteRegistry - ok
16:24:03.0082 4616 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
16:24:03.0097 4616 RpcEptMapper - ok
16:24:03.0113 4616 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
16:24:03.0113 4616 RpcLocator - ok
16:24:03.0175 4616 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
16:24:03.0175 4616 RpcSs - ok
16:24:03.0222 4616 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
16:24:03.0222 4616 rspndr - ok
16:24:03.0269 4616 RTL8167 (ba3e57c89e6f63808d3f2b11e1a2ad3c) C:\windows\system32\DRIVERS\Rt64win7.sys
16:24:03.0285 4616 RTL8167 - ok
16:24:03.0409 4616 RTL8192Ce (ffc748d848740d1bc8f330a8879c2674) C:\windows\system32\DRIVERS\rtl8192Ce.sys
16:24:03.0425 4616 RTL8192Ce - ok
16:24:03.0472 4616 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:24:03.0472 4616 SamSs - ok
16:24:03.0519 4616 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\sbfwim.sys
16:24:03.0534 4616 SBFWIMCL - ok
16:24:03.0550 4616 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\windows\system32\DRIVERS\SBFWIM.sys
16:24:03.0550 4616 SBFWIMCLMP - ok
16:24:03.0597 4616 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
16:24:03.0597 4616 sbp2port - ok
16:24:03.0612 4616 SBRE - ok
16:24:03.0659 4616 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
16:24:03.0675 4616 SCardSvr - ok
16:24:03.0690 4616 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
16:24:03.0690 4616 scfilter - ok
16:24:03.0784 4616 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
16:24:03.0831 4616 Schedule - ok
16:24:03.0862 4616 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
16:24:03.0862 4616 SCPolicySvc - ok
16:24:03.0909 4616 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
16:24:03.0909 4616 sdbus - ok
16:24:03.0955 4616 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
16:24:03.0971 4616 SDRSVC - ok
16:24:04.0143 4616 SDScannerService (8dcd2c2aa1debe7edaac90e398765976) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
16:24:04.0189 4616 SDScannerService - ok
16:24:04.0299 4616 SDUpdateService (5de1be0423c8cc00e8c47dbf4f987dd4) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
16:24:04.0314 4616 SDUpdateService - ok
16:24:04.0345 4616 SDWSCService (92c58389ecab46b7a47c7fb6a8cf5526) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
16:24:04.0345 4616 SDWSCService - ok
16:24:04.0486 4616 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
16:24:04.0486 4616 secdrv - ok
16:24:04.0517 4616 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
16:24:04.0533 4616 seclogon - ok
16:24:04.0548 4616 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
16:24:04.0548 4616 SENS - ok
16:24:04.0595 4616 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
16:24:04.0595 4616 SensrSvc - ok
16:24:04.0626 4616 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
16:24:04.0626 4616 Serenum - ok
16:24:04.0673 4616 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
16:24:04.0673 4616 Serial - ok
16:24:04.0720 4616 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
16:24:04.0720 4616 sermouse - ok
16:24:04.0767 4616 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
16:24:04.0782 4616 SessionEnv - ok
16:24:04.0798 4616 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
16:24:04.0813 4616 sffdisk - ok
16:24:04.0860 4616 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
16:24:04.0860 4616 sffp_mmc - ok
16:24:04.0876 4616 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
16:24:04.0876 4616 sffp_sd - ok
16:24:04.0907 4616 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
16:24:04.0907 4616 sfloppy - ok
16:24:04.0954 4616 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
16:24:04.0969 4616 SharedAccess - ok
16:24:05.0032 4616 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
16:24:05.0032 4616 ShellHWDetection - ok
16:24:05.0079 4616 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
16:24:05.0079 4616 SiSRaid2 - ok
16:24:05.0094 4616 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
16:24:05.0094 4616 SiSRaid4 - ok
16:24:05.0125 4616 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
16:24:05.0125 4616 Smb - ok
16:24:05.0172 4616 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
16:24:05.0172 4616 SNMPTRAP - ok
16:24:05.0203 4616 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
16:24:05.0203 4616 spldr - ok
16:24:05.0250 4616 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
16:24:05.0266 4616 Spooler - ok
16:24:05.0515 4616 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
16:24:05.0625 4616 sppsvc - ok
16:24:05.0734 4616 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
16:24:05.0749 4616 sppuinotify - ok
16:24:05.0843 4616 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
16:24:05.0859 4616 srv - ok
16:24:05.0890 4616 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
16:24:05.0921 4616 srv2 - ok
16:24:05.0937 4616 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
16:24:05.0952 4616 srvnet - ok
16:24:05.0999 4616 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
16:24:06.0015 4616 SSDPSRV - ok
16:24:06.0030 4616 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
16:24:06.0030 4616 SstpSvc - ok
16:24:06.0077 4616 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
16:24:06.0077 4616 stexstor - ok
16:24:06.0139 4616 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
16:24:06.0186 4616 stisvc - ok
16:24:06.0217 4616 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
16:24:06.0217 4616 swenum - ok
16:24:06.0264 4616 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
16:24:06.0327 4616 swprv - ok
16:24:06.0373 4616 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
16:24:06.0373 4616 SynTP - ok
16:24:06.0514 4616 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
16:24:06.0607 4616 SysMain - ok
16:24:06.0748 4616 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
16:24:06.0763 4616 TabletInputService - ok
16:24:06.0873 4616 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
16:24:06.0888 4616 TapiSrv - ok
16:24:06.0919 4616 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
16:24:06.0919 4616 TBS - ok
16:24:07.0091 4616 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
16:24:07.0169 4616 Tcpip - ok
16:24:07.0419 4616 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
16:24:07.0434 4616 TCPIP6 - ok
16:24:07.0575 4616 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
16:24:07.0575 4616 tcpipreg - ok
16:24:07.0621 4616 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
16:24:07.0621 4616 tdcmdpst - ok
16:24:07.0653 4616 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
16:24:07.0653 4616 TDPIPE - ok
16:24:07.0684 4616 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
16:24:07.0684 4616 TDTCP - ok
16:24:07.0731 4616 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
16:24:07.0731 4616 tdx - ok
16:24:07.0762 4616 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
16:24:07.0762 4616 TermDD - ok
16:24:07.0840 4616 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
16:24:07.0871 4616 TermService - ok
16:24:07.0902 4616 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
16:24:07.0902 4616 Themes - ok
16:24:07.0949 4616 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
16:24:07.0949 4616 Thpdrv - ok
16:24:07.0980 4616 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
16:24:07.0980 4616 Thpevm - ok
16:24:08.0027 4616 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\windows\system32\ThpSrv.exe
16:24:08.0043 4616 Thpsrv - ok
16:24:08.0058 4616 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
16:24:08.0058 4616 THREADORDER - ok
16:24:08.0136 4616 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:24:08.0152 4616 TMachInfo - ok
16:24:08.0167 4616 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
16:24:08.0183 4616 TODDSrv - ok
16:24:08.0292 4616 TosCoSrv (db9719688c08f42705feb3f6a0c98b91) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:24:08.0308 4616 TosCoSrv - ok
16:24:08.0386 4616 TOSHIBA eco Utility Service (152da63a2843e7e63eca8ae90d853763) C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:24:08.0386 4616 TOSHIBA eco Utility Service - ok
16:24:08.0448 4616 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:24:08.0448 4616 TOSHIBA HDD SSD Alert Service - ok
16:24:08.0526 4616 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
16:24:08.0557 4616 tos_sps64 - ok
16:24:08.0635 4616 TPCHSrv (6f9e17819bfa53cff67cb1e16669500f) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:24:08.0651 4616 TPCHSrv - ok
16:24:08.0776 4616 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
16:24:08.0791 4616 TrkWks - ok
16:24:08.0947 4616 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
16:24:08.0979 4616 TrustedInstaller - ok
16:24:09.0119 4616 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
16:24:09.0119 4616 tssecsrv - ok
16:24:09.0181 4616 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
16:24:09.0181 4616 TsUsbFlt - ok
16:24:09.0213 4616 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
16:24:09.0228 4616 tunnel - ok
16:24:09.0259 4616 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:24:09.0259 4616 TVALZ - ok
16:24:09.0275 4616 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
16:24:09.0275 4616 TVALZFL - ok
16:24:09.0306 4616 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
16:24:09.0306 4616 uagp35 - ok
16:24:09.0369 4616 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
16:24:09.0384 4616 udfs - ok
16:24:09.0431 4616 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
16:24:09.0431 4616 UI0Detect - ok
16:24:09.0462 4616 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
16:24:09.0478 4616 uliagpkx - ok
16:24:09.0509 4616 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
16:24:09.0509 4616 umbus - ok
16:24:09.0540 4616 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
16:24:09.0540 4616 UmPass - ok
16:24:09.0805 4616 UNS (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:24:09.0868 4616 UNS - ok
16:24:10.0008 4616 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
16:24:10.0024 4616 upnphost - ok
16:24:10.0055 4616 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
16:24:10.0071 4616 usbccgp - ok
16:24:10.0086 4616 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
16:24:10.0102 4616 usbcir - ok
16:24:10.0117 4616 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
16:24:10.0117 4616 usbehci - ok
16:24:10.0149 4616 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
16:24:10.0180 4616 usbhub - ok
16:24:10.0195 4616 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
16:24:10.0195 4616 usbohci - ok
16:24:10.0227 4616 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
16:24:10.0227 4616 usbprint - ok
16:24:10.0258 4616 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
16:24:10.0258 4616 USBSTOR - ok
16:24:10.0273 4616 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
16:24:10.0273 4616 usbuhci - ok
16:24:10.0320 4616 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
16:24:10.0320 4616 usbvideo - ok
16:24:10.0351 4616 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
16:24:10.0367 4616 UxSms - ok
16:24:10.0398 4616 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:24:10.0398 4616 VaultSvc - ok
16:24:10.0445 4616 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
16:24:10.0445 4616 vdrvroot - ok
16:24:10.0523 4616 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
16:24:10.0570 4616 vds - ok
16:24:10.0601 4616 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
16:24:10.0601 4616 vga - ok
16:24:10.0617 4616 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
16:24:10.0632 4616 VgaSave - ok
16:24:10.0664 4616 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
16:24:10.0679 4616 vhdmp - ok
16:24:10.0695 4616 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
16:24:10.0695 4616 viaide - ok
16:24:10.0726 4616 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
16:24:10.0742 4616 volmgr - ok
16:24:10.0773 4616 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
16:24:10.0788 4616 volmgrx - ok
16:24:10.0866 4616 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
16:24:10.0898 4616 volsnap - ok
16:24:10.0929 4616 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
16:24:10.0929 4616 vsmraid - ok
16:24:11.0054 4616 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
16:24:11.0132 4616 VSS - ok
16:24:11.0288 4616 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
16:24:11.0303 4616 vwifibus - ok
16:24:11.0319 4616 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
16:24:11.0319 4616 vwififlt - ok
16:24:11.0350 4616 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
16:24:11.0350 4616 vwifimp - ok
16:24:11.0397 4616 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
16:24:11.0412 4616 W32Time - ok
16:24:11.0444 4616 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
16:24:11.0444 4616 WacomPen - ok
16:24:11.0506 4616 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:24:11.0522 4616 WANARP - ok
16:24:11.0537 4616 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:24:11.0537 4616 Wanarpv6 - ok
16:24:11.0724 4616 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
16:24:11.0787 4616 WatAdminSvc - ok
16:24:11.0912 4616 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
16:24:12.0005 4616 wbengine - ok
16:24:12.0130 4616 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
16:24:12.0161 4616 WbioSrvc - ok
16:24:12.0208 4616 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
16:24:12.0239 4616 wcncsvc - ok
16:24:12.0255 4616 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
16:24:12.0255 4616 WcsPlugInService - ok
16:24:12.0302 4616 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
16:24:12.0302 4616 Wd - ok
16:24:12.0364 4616 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
16:24:12.0426 4616 Wdf01000 - ok
16:24:12.0458 4616 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:24:12.0458 4616 WdiServiceHost - ok
16:24:12.0473 4616 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:24:12.0473 4616 WdiSystemHost - ok
16:24:12.0520 4616 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
16:24:12.0551 4616 WebClient - ok
16:24:12.0582 4616 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
16:24:12.0598 4616 Wecsvc - ok
16:24:12.0614 4616 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
16:24:12.0614 4616 wercplsupport - ok
16:24:12.0645 4616 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
16:24:12.0645 4616 WerSvc - ok
16:24:12.0707 4616 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
16:24:12.0707 4616 WfpLwf - ok
16:24:15.0234 4616 ============================================================
16:24:15.0234 4616 Scan finished
16:24:15.0234 4616 ============================================================
16:24:15.0250 0992 Detected object count: 0
16:24:15.0250 0992 Actual detected object count: 0
16:44:30.0255 3632 Deinitialize success
================================================================================================================================================================

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 05/17/2012 at 17:07:48.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:



Rkill completed on 05/17/2012 at 17:08:16.

================================================================================================================================================================


MiniToolBox by Farbar Version: 18-01-2012
Ran by Joy (administrator) on 17-05-2012 at 17:14:52
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "localhost,127.0.0.1"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Joy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 74-31-70-5F-76-B0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 74-31-70-5F-76-B0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::91a8:6a3e:fb62:121c%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.144(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, May 17, 2012 5:01:51 PM
Lease Expires . . . . . . . . . . : Friday, May 18, 2012 5:01:54 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 359936368
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-34-8E-11-B8-70-F4-57-E2-F8
DNS Servers . . . . . . . . . . . : 70.60.17.20
70.60.17.22
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{34D52572-D034-4AE3-A884-2F181ABA7A87}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c2b:278:3f57:fe6f(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c2b:278:3f57:fe6f%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: rrcs-70-60-17-20.central.biz.rr.com
Address: 70.60.17.20

Name: google.com
Addresses: 74.125.228.3
74.125.228.5
74.125.228.14
74.125.228.8
74.125.228.1
74.125.228.0
74.125.228.7
74.125.228.9
74.125.228.2
74.125.228.4
74.125.228.6


Pinging google.com [74.125.228.6] with 32 bytes of data:
Reply from 74.125.228.6: bytes=32 time=38ms TTL=53
Reply from 74.125.228.6: bytes=32 time=36ms TTL=53

Ping statistics for 74.125.228.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 38ms, Average = 37ms
Server: rrcs-70-60-17-20.central.biz.rr.com
Address: 70.60.17.20

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=72ms TTL=48
Reply from 98.139.183.24: bytes=32 time=79ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 72ms, Maximum = 79ms, Average = 75ms
Server: rrcs-70-60-17-20.central.biz.rr.com
Address: 70.60.17.20

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...74 31 70 5f 76 b0 ......Microsoft Virtual WiFi Miniport Adapter
14...74 31 70 5f 76 b0 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.144 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.144 281
192.168.1.144 255.255.255.255 On-link 192.168.1.144 281
192.168.1.255 255.255.255.255 On-link 192.168.1.144 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.144 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.144 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:1c2b:278:3f57:fe6f/128
On-link
14 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1c2b:278:3f57:fe6f/128
On-link
14 281 fe80::91a8:6a3e:fb62:121c/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/17/2012 05:03:31 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/17/2012 04:06:09 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/17/2012 07:30:37 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/16/2012 09:39:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: SDTray.exe, version: 2.0.7.126, time stamp: 0x4f314f1e
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002ecd8
Faulting process id: 0xf2c
Faulting application start time: 0xSDTray.exe0
Faulting application path: SDTray.exe1
Faulting module path: SDTray.exe2
Report Id: SDTray.exe3

Error: (05/16/2012 08:56:05 PM) (Source: Google Update) (User: Joy)Joy
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (05/16/2012 08:09:42 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/16/2012 08:01:22 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1704. An installation for Ad-Aware Antivirus is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (05/16/2012 07:49:04 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/16/2012 05:56:07 PM) (Source: Google Update) (User: Joy)Joy
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (05/16/2012 05:39:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: SDTray.exe, version: 2.0.7.126, time stamp: 0x4f314f1e
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002ecd8
Faulting process id: 0x11b4
Faulting application start time: 0xSDTray.exe0
Faulting application path: SDTray.exe1
Faulting module path: SDTray.exe2
Report Id: SDTray.exe3


System errors:
=============
Error: (05/17/2012 05:02:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (05/17/2012 04:05:10 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (05/17/2012 04:05:07 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053

Error: (05/17/2012 04:05:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.

Error: (05/16/2012 08:56:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/16/2012 08:56:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/16/2012 08:56:57 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/16/2012 08:56:57 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/16/2012 08:56:56 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/16/2012 07:47:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.


Microsoft Office Sessions:
=========================
Error: (05/17/2012 05:03:31 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/17/2012 04:06:09 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/17/2012 07:30:37 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (05/16/2012 09:39:16 PM) (Source: Application Error)(User: )
Description: SDTray.exe2.0.7.1264f314f1entdll.dll6.1.7601.177254ec49b8fc00000050002ecd8f2c01cd33c146ac5e06C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exeC:\windows\SysWOW64\ntdll.dll1c4bb9d1-9fc1-11e1-9682-b870f457e2f8

Error: (05/16/2012 08:56:05 PM) (Source: Google Update)(User: Joy)Joy
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (05/16/2012 08:09:42 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/16/2012 08:01:22 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1704. An installation for Ad-Aware Antivirus is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/16/2012 07:49:04 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (05/16/2012 05:56:07 PM) (Source: Google Update)(User: Joy)Joy
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (05/16/2012 05:39:33 PM) (Source: Application Error)(User: )
Description: SDTray.exe2.0.7.1264f314f1entdll.dll6.1.7601.177254ec49b8fc00000050002ecd811b401cd33a8bf9bafceC:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exeC:\windows\SysWOW64\ntdll.dll9fa0891d-9f9f-11e1-a215-b870f457e2f8


=========================== Installed Programs ============================

Ad-Aware Browsing Protection (Version: 1.0.0.5)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.63)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Amazon Links (Version: 2.02)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1426.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Cake Mania - Lights, Camera, Action!™ (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Content Manager (Version: 0.5)
D3DX10 (Version: 15.4.2368.0902)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
FATE - The Traitor Soul (Version: 2.2.0.95)
Google Chrome (Version: 19.0.1084.46)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 2.9.8.7308)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
iLivid (Version: 1.92)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2189)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.5.7.1002)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Jewel Quest - Heritage (Version: 2.2.0.95)
JMicron Flash Media Controller Driver (Version: 1.0.44.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Magellan Device Driver (Version: 1.05.0010)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
Network Stumbler 0.4.0 (remove only)
Nitro Pro 7 (Version: 7.0.2.8)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.95)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.20.503.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Realtek WLAN Driver (Version: 2.00.0013)
Skype Launcher (Version: 2.01)
Slingo Supreme (Version: 2.2.0.95)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 3.00.11)
Toshiba Book Place (Version: 2.0.5271)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA DVD PLAYER (Version: 3.01.2.12-A)
TOSHIBA eco Utility (Version: 1.2.18.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.6C)
TOSHIBA Hardware Setup (Version: 1.63.0.26C)
TOSHIBA HDD Protection (Version: 2.2.0.4)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
Toshiba Laptop Checkup (Version: 2.0.6.22)
TOSHIBA Media Controller (Version: 1.0.80.8.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.5.11)
Toshiba Online Backup (Version: 2.0.0.25)
TOSHIBA PC Health Monitor (Version: 1.7.1.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.7.16.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Sleep Utility (Version: 1.4.1.2)
TOSHIBA Supervisor Password (Version: 1.63.0.9C)
TOSHIBA Value Added Package (Version: 1.3.19.64)
TOSHIBA Web Camera Application (Version: 1.1.1.16)
ToshibaRegistration (Version: 1.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Utility Common Driver (Version: 1.0.52.1C)
VantagePoint (Version: 2.17.0000)
WildTangent Games (Version: 1.0.1.5)
WildTangent ORB Game Console
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 3890.67 MB
Available physical RAM: 2611.82 MB
Total Pagefile: 7779.54 MB
Available Pagefile: 6399.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.47 MB

========================= Partitions: =====================================

1 Drive c: (TI106045W0C) (Fixed) (Total:452.26 GB) (Free:406.34 GB) NTFS

========================= Users: ========================================

User accounts for \\JOY-PC

Administrator Guest Joy


**** End of log ****

#4 boopme

Posted 17 May 2012 - 07:30 PM

Hello. I take it the issue still persists.

Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use Firefox?

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
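To see what a HOSTS reset would actually remove, the file can be audited first. The following is an added example, not part of the original post: it parses hosts-file text and reports every active entry other than a plain loopback mapping for localhost. The function names, the `redirect`/`blocked`/`malformed` labels and the sample file are constructed for illustration.

```python
import ipaddress

# Names a hosts file may legitimately point at a loopback address.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for every active hosts entry."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) >= 2:
            yield line_no, fields[0], [name.lower() for name in fields[1:]]

def audit_hosts(text):
    """Return (line_no, kind, address, names) for entries worth reviewing."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(addr.split("%", 1)[0])  # strip IPv6 zone id
        except ValueError:
            findings.append((line_no, "malformed", addr, names))
            continue
        # localhost -> loopback is expected; every other mapping is reported.
        if ip.is_loopback:
            suspect = [n for n in names if n not in LOCAL_NAMES]
        else:
            suspect = names
        if not suspect:
            continue
        # Loopback or 0.0.0.0 sinks a name (blocklists, or malware cutting off
        # security-update servers); any other address redirects the name.
        kind = "blocked" if ip.is_loopback or ip.is_unspecified else "redirect"
        findings.append((line_no, kind, addr, suspect))
    return findings

# Constructed sample: documentation addresses and example.* names only.
SAMPLE_HOSTS = """\
# constructed sample hosts file
#   127.0.0.1       localhost
127.0.0.1   localhost
203.0.113.7 search.example.com www.search.example.com  # constructed entry
0.0.0.0     updates.example.net
not-an-ip   portal.example.org
"""

if __name__ == "__main__":
    for line_no, kind, addr, names in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {kind:9} {addr} -> {', '.join(names)}")
```

On Windows the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`; an empty result means the file holds nothing beyond comments and localhost.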

#5 peabo

Posted 18 May 2012 - 06:59 PM

GooredFix by jpshortstuff (03.07.10.1)
Log created at 19:53 on 18/05/2012 (Joy)
Firefox version 12.0 (en-US)


Hello boopme

Are you on a router?................... YES
Are other machines on it, if so are they redirecting?..........NO
Do you use Firefox?..............YES


....I'll be back with the ESET scan result
=============================================================================================================================



========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [23:40 01/02/2012]

C:\Users\Joy\Application Data\Mozilla\Firefox\Profiles\x1xk9hxf.default\extensions\
jid1-yZwVFzbsyfMrqQ@jetpack [19:58 15/05/2012]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23:17 25/01/2012]

---------- Old Logs ----------
GooredFix[23.51.48_18-05-2012].txt

#6 boopme

Posted 18 May 2012 - 08:45 PM

Ok, let me know how it is after ESET and the reset.

#7 peabo

Posted 18 May 2012 - 08:46 PM

ESET scan positive for trojan. Should I delete quarantined file before I finish?




C:\Users\Joy\AppData\Roaming\Mozilla\Firefox\Profiles\x1xk9hxf.default\extensions\vgifpuxctr@vgifpuxctr.org.xpi JS/Redirector.NBX trojan deleted - quarantined
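The ESET detection above is a packed `.xpi` sitting in the Firefox profile's `extensions` folder. As an added example (not part of the original thread), the sketch below inventories such a folder, reads each add-on's `install.rdf` manifest from either an unpacked directory or a packed `.xpi`, and marks IDs that are not on an allowlist. It assumes add-ons of that era that ship an `install.rdf`; the function names and the allowlist are hypothetical.

```python
import os
import zipfile
import xml.etree.ElementTree as ET

RDF = "{http://www.w3.org/1999/02/22-rdf-syntax-ns#}"
EM = "{http://www.mozilla.org/2004/em-rdf#}"

def manifest_fields(rdf_bytes):
    """Return (id, name) declared in an install.rdf manifest, else (None, None)."""
    try:
        # Untrusted XML: on old Python/expat builds prefer the defusedxml package.
        root = ET.fromstring(rdf_bytes)
    except ET.ParseError:
        return None, None
    for desc in root.iter(RDF + "Description"):
        # The outer Description comes first; fields are child elements or attributes.
        ext_id = desc.findtext(EM + "id") or desc.get(EM + "id")
        if ext_id:
            return ext_id, desc.findtext(EM + "name") or desc.get(EM + "name")
    return None, None

def read_manifest(path):
    """Fetch install.rdf bytes from an unpacked folder or a packed .xpi (zip)."""
    if os.path.isdir(path):
        rdf_path = os.path.join(path, "install.rdf")
        if os.path.isfile(rdf_path):
            with open(rdf_path, "rb") as fh:
                return fh.read()
    elif zipfile.is_zipfile(path):
        with zipfile.ZipFile(path) as xpi:
            if "install.rdf" in xpi.namelist():
                return xpi.read("install.rdf")
    return None

def inventory(ext_dir, approved_ids):
    """List every entry in an extensions folder and mark IDs not on the allowlist."""
    rows = []
    for entry in sorted(os.listdir(ext_dir)):
        path = os.path.join(ext_dir, entry)
        rdf = read_manifest(path)
        declared_id, name = manifest_fields(rdf) if rdf else (None, None)
        file_id = entry[:-4] if entry.lower().endswith(".xpi") else entry
        rows.append({
            "entry": entry,
            "id": declared_id or file_id,
            "name": name,
            "packed": os.path.isfile(path),
            "approved": (declared_id or file_id) in approved_ids,
            "id_mismatch": bool(declared_id) and declared_id != file_id,
        })
    return rows
```

Rows with `approved` false, or with `id_mismatch` true (the file name disagrees with the ID the manifest declares), are the ones to review by hand.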

#8 boopme

Posted 18 May 2012 - 09:06 PM

OK, yes you can remove it. That should be the problem. Most likely it came through your outdated Java.

See if the redirect is gone.



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u4-windows-i586.exe (or jre-7u4-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


#9 peabo

Posted 19 May 2012 - 11:31 AM

boopme

I think your expertise cured my "redirects"......appreciate all your effort :clapping:

I believe it was the last Firefox update that disabled Java, I'll keep a close watch on that.

Thanks again!!!!!!!!!!!

#10 boopme

Posted 19 May 2012 - 08:44 PM

Excellent!!

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links: