Redirect Virus


25 replies to this topic

#1 ktmrider31


Posted 04 August 2012 - 05:39 PM

I am now having redirect issues like a couple other very recent posters.

It happens in Internet Explorer and Firefox

Malwarebytes quarantined happili earlier today and now Rkill shows clean.

What is the best procedure of tackling this? I'd like to just start over and go step by step.

Thanks for your help! It is driving me crazy



#2 ktmrider31

  • Topic Starter

Posted 04 August 2012 - 06:01 PM

Here is what is happening:

The redirect usually only happens with the first couple results, and does not happen every time, but most.

Clicking a link redirects to an ad site that appears related to what was searched for.

Any help would be very greatly appreciated.

#3 narenxp

  • BC Advisor

Posted 05 August 2012 - 12:10 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, and copy the contents of the text file into your reply.

#4 ktmrider31

  • Topic Starter

Posted 06 August 2012 - 01:08 PM

I'm working on it. Thanks for your help!

#5 narenxp

  • BC Advisor

Posted 06 August 2012 - 01:21 PM

:thumbup2:

#6 ktmrider31

  • Topic Starter

Posted 07 August 2012 - 03:40 PM

16:37:33.0502 5548 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:37:33.0858 5548 ============================================================
16:37:33.0858 5548 Current date / time: 2012/08/07 16:37:33.0858
16:37:33.0858 5548 SystemInfo:
16:37:33.0859 5548
16:37:33.0859 5548 OS Version: 6.1.7601 ServicePack: 1.0
16:37:33.0859 5548 Product type: Workstation
16:37:33.0859 5548 ComputerName: RICHARD-PC
16:37:33.0859 5548 UserName: Richard
16:37:33.0860 5548 Windows directory: C:\windows
16:37:33.0860 5548 System windows directory: C:\windows
16:37:33.0860 5548 Running under WOW64
16:37:33.0860 5548 Processor architecture: Intel x64
16:37:33.0860 5548 Number of processors: 2
16:37:33.0860 5548 Page size: 0x1000
16:37:33.0860 5548 Boot type: Normal boot
16:37:33.0860 5548 ============================================================
16:37:35.0774 5548 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:37:35.0779 5548 ============================================================
16:37:35.0779 5548 \Device\Harddisk0\DR0:
16:37:35.0779 5548 MBR partitions:
16:37:35.0779 5548 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23D1B800
16:37:35.0779 5548 ============================================================
16:37:35.0804 5548 C: <-> \Device\Harddisk0\DR0\Partition0
16:37:35.0804 5548 ============================================================
16:37:35.0804 5548 Initialize success
16:37:35.0804 5548 ============================================================
16:37:58.0101 5632 ============================================================
16:37:58.0101 5632 Scan started
16:37:58.0101 5632 Mode: Manual; TDLFS;
16:37:58.0101 5632 ============================================================
16:38:14.0831 5632 NetTcpPortSharing - ok
16:38:14.0873 5632 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
16:38:14.0876 5632 nfrd960 - ok
16:38:14.0965 5632 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
16:38:14.0973 5632 NlaSvc - ok
16:38:14.0986 5632 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
16:38:14.0988 5632 Npfs - ok
16:38:15.0014 5632 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
16:38:15.0016 5632 nsi - ok
16:38:15.0047 5632 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
16:38:15.0048 5632 nsiproxy - ok
16:38:15.0179 5632 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
16:38:15.0197 5632 Ntfs - ok
16:38:15.0324 5632 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
16:38:15.0327 5632 Null - ok
16:38:15.0394 5632 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
16:38:15.0399 5632 nvraid - ok
16:38:15.0447 5632 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
16:38:15.0453 5632 nvstor - ok
16:38:15.0508 5632 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
16:38:15.0513 5632 nv_agp - ok
16:38:15.0561 5632 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
16:38:15.0565 5632 ohci1394 - ok
16:38:15.0613 5632 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:38:15.0619 5632 p2pimsvc - ok
16:38:15.0671 5632 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
16:38:15.0679 5632 p2psvc - ok
16:38:15.0708 5632 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
16:38:15.0711 5632 Parport - ok
16:38:15.0756 5632 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
16:38:15.0758 5632 partmgr - ok
16:38:15.0787 5632 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
16:38:15.0792 5632 PcaSvc - ok
16:38:15.0846 5632 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
16:38:15.0849 5632 pci - ok
16:38:15.0889 5632 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
16:38:15.0891 5632 pciide - ok
16:38:15.0924 5632 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
16:38:15.0929 5632 pcmcia - ok
16:38:15.0948 5632 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
16:38:15.0951 5632 pcw - ok
16:38:15.0997 5632 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
16:38:16.0006 5632 PEAUTH - ok
16:38:16.0083 5632 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
16:38:16.0086 5632 PerfHost - ok
16:38:16.0122 5632 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
16:38:16.0124 5632 PGEffect - ok
16:38:16.0242 5632 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
16:38:16.0259 5632 pla - ok
16:38:16.0334 5632 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
16:38:16.0345 5632 PlugPlay - ok
16:38:16.0376 5632 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
16:38:16.0381 5632 PNRPAutoReg - ok
16:38:16.0421 5632 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
16:38:16.0425 5632 PNRPsvc - ok
16:38:16.0499 5632 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
16:38:16.0508 5632 PolicyAgent - ok
16:38:16.0582 5632 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
16:38:16.0589 5632 Power - ok
16:38:16.0683 5632 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
16:38:16.0685 5632 PptpMiniport - ok
16:38:16.0711 5632 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
16:38:16.0713 5632 Processor - ok
16:38:16.0775 5632 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
16:38:16.0782 5632 ProfSvc - ok
16:38:16.0841 5632 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:38:16.0844 5632 ProtectedStorage - ok
16:38:16.0917 5632 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
16:38:16.0921 5632 Psched - ok
16:38:16.0965 5632 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys
16:38:16.0969 5632 QIOMem - ok
16:38:17.0106 5632 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
16:38:17.0128 5632 ql2300 - ok
16:38:17.0261 5632 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
16:38:17.0266 5632 ql40xx - ok
16:38:17.0324 5632 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
16:38:17.0333 5632 QWAVE - ok
16:38:17.0360 5632 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
16:38:17.0364 5632 QWAVEdrv - ok
16:38:17.0388 5632 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
16:38:17.0390 5632 RasAcd - ok
16:38:17.0437 5632 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
16:38:17.0439 5632 RasAgileVpn - ok
16:38:17.0479 5632 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
16:38:17.0483 5632 RasAuto - ok
16:38:17.0545 5632 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
16:38:17.0548 5632 Rasl2tp - ok
16:38:17.0626 5632 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
16:38:17.0637 5632 RasMan - ok
16:38:17.0681 5632 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
16:38:17.0684 5632 RasPppoe - ok
16:38:17.0707 5632 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
16:38:17.0710 5632 RasSstp - ok
16:38:17.0765 5632 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
16:38:17.0769 5632 rdbss - ok
16:38:17.0794 5632 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
16:38:17.0797 5632 rdpbus - ok
16:38:17.0813 5632 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
16:38:17.0814 5632 RDPCDD - ok
16:38:17.0867 5632 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
16:38:17.0868 5632 RDPENCDD - ok
16:38:17.0906 5632 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
16:38:17.0907 5632 RDPREFMP - ok
16:38:18.0191 5632 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
16:38:18.0215 5632 RDPWD - ok
16:38:18.0291 5632 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
16:38:18.0294 5632 rdyboost - ok
16:38:18.0331 5632 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
16:38:18.0334 5632 RemoteAccess - ok
16:38:18.0368 5632 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
16:38:18.0371 5632 RemoteRegistry - ok
16:38:18.0390 5632 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
16:38:18.0393 5632 RpcEptMapper - ok
16:38:18.0431 5632 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
16:38:18.0433 5632 RpcLocator - ok
16:38:18.0535 5632 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
16:38:18.0541 5632 RpcSs - ok
16:38:18.0912 5632 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
16:38:18.0953 5632 rspndr - ok
16:38:19.0110 5632 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\windows\system32\Drivers\RtsUStor.sys
16:38:19.0170 5632 RSUSBSTOR - ok
16:38:19.0265 5632 rtl8192se (a8ed9726734d403217a4861a6788b144) C:\windows\system32\DRIVERS\rtl8192se.sys
16:38:19.0276 5632 rtl8192se - ok
16:38:19.0341 5632 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:38:19.0344 5632 SamSs - ok
16:38:19.0392 5632 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
16:38:19.0396 5632 sbp2port - ok
16:38:19.0446 5632 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
16:38:19.0455 5632 SCardSvr - ok
16:38:19.0507 5632 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
16:38:19.0511 5632 scfilter - ok
16:38:19.0636 5632 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
16:38:19.0651 5632 Schedule - ok
16:38:19.0707 5632 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
16:38:19.0708 5632 SCPolicySvc - ok
16:38:19.0731 5632 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
16:38:19.0734 5632 SDRSVC - ok
16:38:19.0775 5632 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
16:38:19.0777 5632 secdrv - ok
16:38:19.0823 5632 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
16:38:19.0827 5632 seclogon - ok
16:38:19.0862 5632 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
16:38:19.0867 5632 SENS - ok
16:38:19.0889 5632 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
16:38:19.0894 5632 SensrSvc - ok
16:38:19.0910 5632 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
16:38:19.0912 5632 Serenum - ok
16:38:19.0928 5632 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
16:38:19.0930 5632 Serial - ok
16:38:19.0983 5632 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
16:38:19.0985 5632 sermouse - ok
16:38:20.0053 5632 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
16:38:20.0059 5632 SessionEnv - ok
16:38:20.0112 5632 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
16:38:20.0115 5632 sffdisk - ok
16:38:20.0138 5632 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
16:38:20.0141 5632 sffp_mmc - ok
16:38:20.0153 5632 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
16:38:20.0155 5632 sffp_sd - ok
16:38:20.0180 5632 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
16:38:20.0182 5632 sfloppy - ok
16:38:20.0236 5632 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
16:38:20.0242 5632 SharedAccess - ok
16:38:20.0315 5632 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
16:38:20.0324 5632 ShellHWDetection - ok
16:38:20.0373 5632 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
16:38:20.0376 5632 SiSRaid2 - ok
16:38:20.0389 5632 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
16:38:20.0393 5632 SiSRaid4 - ok
16:38:20.0424 5632 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
16:38:20.0428 5632 Smb - ok
16:38:20.0460 5632 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
16:38:20.0462 5632 SNMPTRAP - ok
16:38:20.0473 5632 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
16:38:20.0475 5632 spldr - ok
16:38:20.0588 5632 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
16:38:20.0599 5632 Spooler - ok
16:38:20.0854 5632 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
16:38:20.0929 5632 sppsvc - ok
16:38:21.0018 5632 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
16:38:21.0021 5632 sppuinotify - ok
16:38:21.0122 5632 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
16:38:21.0150 5632 srv - ok
16:38:21.0235 5632 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
16:38:21.0240 5632 srv2 - ok
16:38:21.0280 5632 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS
16:38:21.0285 5632 SrvHsfHDA - ok
16:38:21.0371 5632 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS
16:38:21.0388 5632 SrvHsfV92 - ok
16:38:21.0570 5632 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS
16:38:21.0583 5632 SrvHsfWinac - ok
16:38:21.0642 5632 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
16:38:21.0648 5632 srvnet - ok
16:38:21.0696 5632 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
16:38:21.0702 5632 SSDPSRV - ok
16:38:21.0720 5632 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
16:38:21.0725 5632 SstpSvc - ok
16:38:21.0751 5632 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
16:38:21.0753 5632 stexstor - ok
16:38:21.0851 5632 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
16:38:21.0860 5632 stisvc - ok
16:38:21.0908 5632 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
16:38:21.0933 5632 swenum - ok
16:38:21.0994 5632 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
16:38:22.0008 5632 swprv - ok
16:38:22.0094 5632 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
16:38:22.0102 5632 SynTP - ok
16:38:22.0240 5632 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
16:38:22.0259 5632 SysMain - ok
16:38:22.0371 5632 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
16:38:22.0378 5632 TabletInputService - ok
16:38:22.0413 5632 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
16:38:22.0419 5632 TapiSrv - ok
16:38:22.0440 5632 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
16:38:22.0444 5632 TBS - ok
16:38:22.0670 5632 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
16:38:22.0695 5632 Tcpip - ok
16:38:22.0933 5632 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
16:38:22.0945 5632 TCPIP6 - ok
16:38:23.0099 5632 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
16:38:23.0103 5632 tcpipreg - ok
16:38:23.0145 5632 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
16:38:23.0148 5632 tdcmdpst - ok
16:38:23.0186 5632 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
16:38:23.0189 5632 TDPIPE - ok
16:38:23.0238 5632 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
16:38:23.0265 5632 TDTCP - ok
16:38:23.0324 5632 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
16:38:23.0327 5632 tdx - ok
16:38:23.0381 5632 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
16:38:23.0384 5632 TermDD - ok
16:38:23.0459 5632 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
16:38:23.0470 5632 TermService - ok
16:38:23.0484 5632 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
16:38:23.0486 5632 Themes - ok
16:38:23.0515 5632 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
16:38:23.0516 5632 THREADORDER - ok
16:38:23.0611 5632 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:38:23.0614 5632 TMachInfo - ok
16:38:23.0654 5632 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
16:38:23.0657 5632 TODDSrv - ok
16:38:23.0782 5632 TosCoSrv (98c864481d62f86ec8af65be3419a95b) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:38:23.0789 5632 TosCoSrv - ok
16:38:23.0829 5632 TOSHIBA eco Utility Service (2ab7a4697462edb0c9dfafc529746ba9) C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:38:23.0833 5632 TOSHIBA eco Utility Service - ok
16:38:23.0912 5632 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:38:23.0916 5632 TOSHIBA HDD SSD Alert Service - ok
16:38:24.0000 5632 TPCHSrv (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:38:24.0011 5632 TPCHSrv - ok
16:38:24.0090 5632 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
16:38:24.0093 5632 TrkWks - ok
16:38:24.0154 5632 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
16:38:24.0156 5632 TrustedInstaller - ok
16:38:24.0292 5632 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
16:38:24.0294 5632 tssecsrv - ok
16:38:24.0380 5632 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
16:38:24.0385 5632 TsUsbFlt - ok
16:38:24.0461 5632 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
16:38:24.0466 5632 tunnel - ok
16:38:24.0507 5632 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:38:24.0510 5632 TVALZ - ok
16:38:24.0615 5632 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
16:38:24.0619 5632 TVALZFL - ok
16:38:24.0663 5632 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
16:38:24.0666 5632 uagp35 - ok
16:38:24.0789 5632 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
16:38:24.0797 5632 udfs - ok
16:38:24.0849 5632 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
16:38:24.0853 5632 UI0Detect - ok
16:38:24.0901 5632 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
16:38:24.0903 5632 uliagpkx - ok
16:38:24.0995 5632 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
16:38:24.0999 5632 umbus - ok
16:38:25.0025 5632 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
16:38:25.0028 5632 UmPass - ok
16:38:25.0084 5632 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
16:38:25.0093 5632 upnphost - ok
16:38:25.0139 5632 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
16:38:25.0142 5632 USBAAPL64 - ok
16:38:25.0204 5632 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys
16:38:25.0207 5632 usbaudio - ok
16:38:25.0233 5632 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
16:38:25.0255 5632 usbccgp - ok
16:38:25.0328 5632 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
16:38:25.0331 5632 usbcir - ok
16:38:25.0351 5632 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
16:38:25.0354 5632 usbehci - ok
16:38:25.0433 5632 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
16:38:25.0443 5632 usbhub - ok
16:38:25.0458 5632 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
16:38:25.0460 5632 usbohci - ok
16:38:25.0491 5632 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
16:38:25.0493 5632 usbprint - ok
16:38:25.0560 5632 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
16:38:25.0564 5632 usbscan - ok
16:38:25.0589 5632 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
16:38:25.0592 5632 USBSTOR - ok
16:38:25.0619 5632 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
16:38:25.0621 5632 usbuhci - ok
16:38:25.0706 5632 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
16:38:25.0715 5632 usbvideo - ok
16:38:25.0749 5632 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
16:38:25.0752 5632 UxSms - ok
16:38:25.0807 5632 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
16:38:25.0809 5632 VaultSvc - ok
16:38:25.0855 5632 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
16:38:25.0857 5632 vdrvroot - ok
16:38:25.0945 5632 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
16:38:25.0954 5632 vds - ok
16:38:25.0994 5632 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
16:38:25.0996 5632 vga - ok
16:38:26.0020 5632 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
16:38:26.0022 5632 VgaSave - ok
16:38:26.0075 5632 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
16:38:26.0078 5632 vhdmp - ok
16:38:26.0124 5632 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
16:38:26.0126 5632 viaide - ok
16:38:26.0174 5632 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
16:38:26.0176 5632 volmgr - ok
16:38:26.0232 5632 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
16:38:26.0237 5632 volmgrx - ok
16:38:26.0336 5632 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
16:38:26.0368 5632 volsnap - ok
16:38:26.0428 5632 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
16:38:26.0434 5632 vsmraid - ok
16:38:26.0593 5632 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
16:38:26.0611 5632 VSS - ok
16:38:26.0804 5632 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
16:38:26.0817 5632 vToolbarUpdater11.2.0 - ok
16:38:26.0954 5632 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
16:38:26.0957 5632 vwifibus - ok
16:38:26.0996 5632 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
16:38:26.0999 5632 vwififlt - ok
16:38:27.0048 5632 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
16:38:27.0055 5632 W32Time - ok
16:38:27.0079 5632 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
16:38:27.0081 5632 WacomPen - ok
16:38:27.0140 5632 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:38:27.0142 5632 WANARP - ok
16:38:27.0146 5632 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
16:38:27.0147 5632 Wanarpv6 - ok
16:38:27.0257 5632 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
16:38:27.0271 5632 WatAdminSvc - ok
16:38:27.0389 5632 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
16:38:27.0407 5632 wbengine - ok
16:38:27.0517 5632 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
16:38:27.0523 5632 WbioSrvc - ok
16:38:27.0585 5632 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
16:38:27.0592 5632 wcncsvc - ok
16:38:27.0605 5632 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
16:38:27.0609 5632 WcsPlugInService - ok
16:38:27.0660 5632 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
16:38:27.0663 5632 Wd - ok
16:38:27.0721 5632 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
16:38:27.0724 5632 WDC_SAM - ok
16:38:27.0785 5632 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
16:38:27.0795 5632 Wdf01000 - ok
16:38:27.0828 5632 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:38:27.0830 5632 WdiServiceHost - ok
16:38:27.0834 5632 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
16:38:27.0837 5632 WdiSystemHost - ok
16:38:27.0901 5632 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
16:38:27.0910 5632 WebClient - ok
16:38:27.0944 5632 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
16:38:27.0950 5632 Wecsvc - ok
16:38:27.0969 5632 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
16:38:27.0973 5632 wercplsupport - ok
16:38:27.0988 5632 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
16:38:27.0991 5632 WerSvc - ok
16:38:28.0061 5632 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
16:38:28.0065 5632 WfpLwf - ok
16:38:28.0089 5632 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
16:38:28.0092 5632 WIMMount - ok
16:38:28.0152 5632 WinDefend - ok
16:38:28.0169 5632 WinHttpAutoProxySvc - ok
16:38:28.0246 5632 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
16:38:28.0249 5632 Winmgmt - ok
16:38:28.0538 5632 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
16:38:28.0631 5632 WinRM - ok
16:38:29.0068 5632 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
16:38:29.0070 5632 WinUsb - ok
16:38:29.0126 5632 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
16:38:29.0137 5632 Wlansvc - ok
16:38:29.0389 5632 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:38:29.0416 5632 wlidsvc - ok
16:38:29.0578 5632 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
16:38:29.0579 5632 WmiAcpi - ok
16:38:29.0639 5632 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
16:38:29.0642 5632 wmiApSrv - ok
16:38:29.0697 5632 WMPNetworkSvc - ok
16:38:29.0739 5632 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
16:38:29.0745 5632 WPCSvc - ok
16:38:29.0802 5632 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
16:38:29.0806 5632 WPDBusEnum - ok
16:38:29.0830 5632 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
16:38:29.0831 5632 ws2ifsl - ok
16:38:29.0890 5632 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
16:38:29.0894 5632 wscsvc - ok
16:38:29.0899 5632 WSearch - ok
16:38:30.0098 5632 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
16:38:30.0178 5632 wuauserv - ok
16:38:30.0596 5632 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
16:38:30.0600 5632 WudfPf - ok
16:38:30.0701 5632 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
16:38:30.0704 5632 wudfsvc - ok
16:38:30.0792 5632 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
16:38:30.0797 5632 WwanSvc - ok
16:38:30.0878 5632 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
16:38:31.0599 5632 \Device\Harddisk0\DR0 - ok
16:38:31.0638 5632 Boot (0x1200) (dd76684b3133cbdee8075f0f14238df3) \Device\Harddisk0\DR0\Partition0
16:38:31.0642 5632 \Device\Harddisk0\DR0\Partition0 - ok
16:38:31.0643 5632 ============================================================
16:38:31.0643 5632 Scan finished
16:38:31.0643 5632 ============================================================
16:38:31.0669 5680 Detected object count: 0
16:38:31.0670 5680 Actual detected object count: 0

#7 ktmrider31

Posted 07 August 2012 - 06:43 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-07 16:43:06
-----------------------------
16:43:06.455 OS Version: Windows x64 6.1.7601 Service Pack 1
16:43:06.455 Number of processors: 2 586 0x603
16:43:06.456 ComputerName: RICHARD-PC UserName: Richard
16:43:07.947 Initialize success
16:44:54.315 AVAST engine defs: 12080701
16:45:04.940 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:45:04.947 Disk 0 Vendor: TOSHIBA_MK3265GSX GJ003M Size: 305245MB BusType: 11
16:45:05.003 Disk 0 MBR read successfully
16:45:05.008 Disk 0 MBR scan
16:45:05.019 Disk 0 Windows VISTA default MBR code
16:45:05.034 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
16:45:05.051 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 293431 MB offset 3074048
16:45:05.088 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10313 MB offset 604020736
16:45:05.138 Disk 0 scanning C:\windows\system32\drivers
16:45:19.574 Service scanning
16:46:14.939 Modules scanning
16:46:14.957 Disk 0 trace - called modules:
16:46:14.995 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:46:15.004 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800316a060]
16:46:15.012 3 CLASSPNP.SYS[fffff8800195d43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80030a6680]
16:46:18.536 AVAST engine scan C:\windows
16:46:21.682 AVAST engine scan C:\windows\system32
16:51:06.590 AVAST engine scan C:\windows\system32\drivers
16:51:28.636 AVAST engine scan C:\Users\Richard
17:57:34.726 AVAST engine scan C:\ProgramData
18:03:15.033 Scan finished successfully
19:41:44.136 Disk 0 MBR has been saved successfully to "C:\Users\Richard\Desktop\MBR.dat"
19:41:44.143 The log file has been saved successfully to "C:\Users\Richard\Desktop\aswMBR.txt"

#8 ktmrider31

Posted 07 August 2012 - 09:29 PM

C:\Users\Richard\AppData\Local\Dropbox\hkgsards.dll Win32/Boaxxe.G trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Richard\AppData\Local\Temp\NOD1F87.tmp Win32/Boaxxe.G trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Richard\AppData\Local\{4536AC02-DB81-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

#9 ktmrider31

Posted 07 August 2012 - 09:30 PM

Looks like we're getting somewhere. What's the next step?

#10 narenxp

Posted 07 August 2012 - 09:31 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#11 ktmrider31

Posted 08 August 2012 - 10:04 AM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Richard :: RICHARD-PC [administrator]

8/8/2012 9:43:02 AM
mbam-log-2012-08-08 (09-43-02).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 454976
Time elapsed: 1 hour(s), 19 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 ktmrider31

Posted 08 August 2012 - 10:21 AM

After the reboot, AVG popped up showing IDP.Trojan.62F162B5

The threat was removed. The quick scan of MBAM after reboot showed clean:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Richard :: RICHARD-PC [administrator]

8/8/2012 11:13:14 AM
mbam-log-2012-08-08 (11-13-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 198181
Time elapsed: 4 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0

#13 ktmrider31

Posted 08 August 2012 - 10:26 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Richard (administrator) on 08-08-2012 at 11:24:15
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection 2 (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Richard-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller #2
Physical Address. . . . . . . . . : C8-0A-A9-98-7A-2A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC #2
Physical Address. . . . . . . . . : 70-F1-A1-9F-0F-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5821:2e9f:c974:4c55%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.137(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 08, 2012 11:07:26 AM
Lease Expires . . . . . . . . . . : Thursday, August 09, 2012 11:07:31 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 342946209
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-8E-68-67-C8-0A-A9-98-7A-2A
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3DB6CF30-2A94-4577-B3EF-5E44F8B46B15}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A603937B-AD56-4B0E-A8B7-E31A085105D8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:d3:1640:3f57:ff76(Preferred)
Link-local IPv6 Address . . . . . : fe80::d3:1640:3f57:ff76%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4002:802::1007
74.125.137.100
74.125.137.101
74.125.137.102
74.125.137.113
74.125.137.138
74.125.137.139


Pinging google.com [173.194.37.68] with 32 bytes of data:
Reply from 173.194.37.68: bytes=32 time=10ms TTL=52
Reply from 173.194.37.68: bytes=32 time=10ms TTL=52

Ping statistics for 173.194.37.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 10ms, Average = 10ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=262ms TTL=48
Reply from 72.30.38.140: bytes=32 time=119ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 119ms, Maximum = 262ms, Average = 190ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...c8 0a a9 98 7a 2a ......Atheros AR8152 PCI-E Fast Ethernet Controller #2
15...70 f1 a1 9f 0f 9a ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC #2
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.137 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.137 281
192.168.0.137 255.255.255.255 On-link 192.168.0.137 281
192.168.0.255 255.255.255.255 On-link 192.168.0.137 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.137 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.137 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:d3:1640:3f57:ff76/128
On-link
15 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::d3:1640:3f57:ff76/128
On-link
15 281 fe80::5821:2e9f:c974:4c55/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2012 09:36:26 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 39859098

Error: (08/08/2012 09:36:26 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 39859098

Error: (08/08/2012 09:36:26 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 10:32:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14633

Error: (08/07/2012 10:32:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14633

Error: (08/07/2012 10:32:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 10:32:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13634

Error: (08/07/2012 10:32:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13634

Error: (08/07/2012 10:32:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 10:32:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12636


System errors:
=============
Error: (08/08/2012 11:07:48 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/08/2012 11:07:25 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/07/2012 02:05:52 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (08/07/2012 01:01:51 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (08/07/2012 00:55:46 PM) (Source: Service Control Manager) (User: )
Description: The TPCH Service service failed to start due to the following error:
%%1053

Error: (08/07/2012 00:55:46 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TPCH Service service to connect.

Error: (08/07/2012 00:55:46 PM) (Source: DCOM) (User: )
Description: 1053TPCHSrv{45CC1698-D1CF-417B-BC32-80EB79E05EF1}

Error: (08/07/2012 00:52:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/07/2012 00:52:06 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/07/2012 00:05:38 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.


Microsoft Office Sessions:
=========================
Error: (08/08/2012 09:36:26 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 39859098

Error: (08/08/2012 09:36:26 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 39859098

Error: (08/08/2012 09:36:26 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 10:32:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14633

Error: (08/07/2012 10:32:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14633

Error: (08/07/2012 10:32:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 10:32:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13634

Error: (08/07/2012 10:32:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13634

Error: (08/07/2012 10:32:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 10:32:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12636


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 3.0.0.3880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader 9.3 (Version: 9.3.0)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.26)
ATI Catalyst Install Manager (Version: 3.0.765.0)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bing Bar (Version: 5.0.1363.0)
Bonjour (Version: 3.0.0.10)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
Camtasia Studio 7 (Version: 7.1.1)
Canon CanoScan LiDE 110 User Registration
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon Solution Menu EX
CanoScan LiDE 110 Scanner Driver
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Full Existing (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Full New (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Light (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Previews Common (Version: 2010.0315.1050.17562)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0315.1050.17562)
Catalyst Control Center InstallProxy (Version: 2010.0315.1050.17562)
Catalyst Control Center Localization All (Version: 2010.0315.1050.17562)
ccc-core-static (Version: 2010.0315.1050.17562)
ccc-utility64 (Version: 2010.0315.1050.17562)
CCC Help Chinese Standard (Version: 2010.0315.1049.17562)
CCC Help Chinese Traditional (Version: 2010.0315.1049.17562)
CCC Help Czech (Version: 2010.0315.1049.17562)
CCC Help Danish (Version: 2010.0315.1049.17562)
CCC Help Dutch (Version: 2010.0315.1049.17562)
CCC Help English (Version: 2010.0315.1049.17562)
CCC Help Finnish (Version: 2010.0315.1049.17562)
CCC Help French (Version: 2010.0315.1049.17562)
CCC Help German (Version: 2010.0315.1049.17562)
CCC Help Greek (Version: 2010.0315.1049.17562)
CCC Help Hungarian (Version: 2010.0315.1049.17562)
CCC Help Italian (Version: 2010.0315.1049.17562)
CCC Help Japanese (Version: 2010.0315.1049.17562)
CCC Help Korean (Version: 2010.0315.1049.17562)
CCC Help Norwegian (Version: 2010.0315.1049.17562)
CCC Help Polish (Version: 2010.0315.1049.17562)
CCC Help Portuguese (Version: 2010.0315.1049.17562)
CCC Help Russian (Version: 2010.0315.1049.17562)
CCC Help Spanish (Version: 2010.0315.1049.17562)
CCC Help Swedish (Version: 2010.0315.1049.17562)
CCC Help Thai (Version: 2010.0315.1049.17562)
CCC Help Turkish (Version: 2010.0315.1049.17562)
Cisco Connect (Version: 1.4.11200.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.112.0.61)
D3DX10 (Version: 15.4.2368.0902)
Eraser 6.0.8.2273 (Version: 6.0.2273)
ESET Online Scanner v3
FileZilla Client 3.5.3 (Version: 3.5.3)
GOM Player (Version: 2.1.40.5106)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
iCloud (Version: 1.0.2.17)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft FrontPage 2000 (Version: 9.00.2720)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office XP Small Business (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
PlayReady PC Runtime amd64 (Version: 1.3.0)
QuickTime (Version: 7.71.80.42)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Realtek WLAN Driver (Version: 2.00.0011)
Safari (Version: 5.34.52.7)
Sanse Playlister Ver1.5
Synaptics Pointing Device Driver (Version: 15.0.8.1)
TOSHIBA Application Installer (Version: 9.0.1.0)
TOSHIBA Assist (Version: 3.00.10)
TOSHIBA Bulletin Board (Version: 1.6.06.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA eco Utility (Version: 1.2.11.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Hardware Setup (Version: 4.03.02.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.4.9)
TOSHIBA PC Health Monitor (Version: 1.6.0.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.05.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Supervisor Password (Version: 4.03.02.00)
TOSHIBA Value Added Package (Version: 1.3.2.64)
TOSHIBA Web Camera Application (Version: 1.1.1.15)
ToshibaRegistration (Version: 1.0.4)
TurboTax 2010
TurboTax 2010 wgaiper (Version: 010.000.1530)
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0495)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.11 (Version: 1.1.11)
Win7codecs (Version: 2.6.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
WinZip (Version: 10.0 (6667))

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 2806.86 MB
Available physical RAM: 1642.22 MB
Total Pagefile: 5611.92 MB
Available Pagefile: 3808.73 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.34 MB

========================= Partitions: =====================================

1 Drive c: (TI105828W0G) (Fixed) (Total:286.55 GB) (Free:97.59 GB) NTFS

========================= Users: ========================================

User accounts for \\RICHARD-PC

Administrator Guest Richard


**** End of log ****

#14 ktmrider31

Posted 08 August 2012 - 10:29 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Richard (administrator) on 08-08-2012 at 11:28:23
Running from "C:\Users\Richard\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#15 ktmrider31

Posted 08 August 2012 - 10:41 AM

# AdwCleaner v1.800 - Logfile created 08/08/2012 at 11:30:20
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Richard - RICHARD-PC
# Running from : C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZZAOE1Y\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Deleted : C:\Users\Richard\AppData\Local\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted on reboot : C:C:\Program Files (x86)\Software
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x64] Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [4775 octets] - [08/08/2012 11:30:20]

########## EOF - C:\AdwCleaner[S1].txt - [4903 octets] ##########



