Help needed with removals! Trojan.Dropper.BCMiner and bunch of others!


  • This topic is locked
8 replies to this topic

#1 Kornley

Posted 24 July 2012 - 05:33 PM

Hello,
my computer seems to have many infections on it. Avast! keeps telling me I have a trojan or malware (it has complained at least about Win32:downloader-PKU, Win32:Malware-gen and Win64:Sirefef-A), usually located in C:\Windows\system32\services.exe. Malwarebytes Anti-Malware found several infections but I was able to remove most of them. Only Trojan.Dropper.BCMiner keeps coming back again and again. So, it seems like MBAM isn't able to find Win32:downloader-PKU and the others that Avast! keeps alerting about. TDSSKiller didn't find anything though. There haven't actually been many symptoms of these infections except for the occasional slowness, which is very annoying. But I have done a little research and found out that these infections can steal personal information and harm my computer severely, so I'm getting more and more worried. I'd really appreciate it if you could do something to help me, thanks in advance!

ps. I didn't post any logs since I'm not sure which ones I should. And sorry for my bad English, I'm from Finland.

------------------------------

Microsoft Windows 7 Ultimate
6.1.7601 Service Pack 1 Build 7601

#2 boopme

Posted 24 July 2012 - 08:22 PM

Hello and welcome.

Did you run TDSS like this?

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Now let's also do these...

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#3 Kornley

Posted 25 July 2012 - 03:07 PM

Thanks for your fast reply! I did all the scans and ran TDSS again with your settings. I actually used ESET OnlineScan yesterday and it found 21 infections but this time it found only 6, which is weird.

Here are the logs:

------------ TDSSKiller log ------------


12:31:25.0517 3596 MSPCLOCK - ok
12:31:25.0522 3596 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
12:31:25.0525 3596 MSPQM - ok
12:31:25.0544 3596 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
12:31:25.0555 3596 MsRPC - ok
12:31:25.0615 3596 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
12:31:25.0616 3596 mssmbios - ok
12:31:25.0645 3596 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
12:31:25.0647 3596 MSTEE - ok
12:31:25.0662 3596 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
12:31:25.0664 3596 MTConfig - ok
12:31:25.0677 3596 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
12:31:25.0680 3596 Mup - ok
12:31:25.0727 3596 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
12:31:25.0743 3596 napagent - ok
12:31:25.0769 3596 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
12:31:25.0778 3596 NativeWifiP - ok
12:31:25.0831 3596 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
12:31:25.0842 3596 NDIS - ok
12:31:25.0860 3596 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
12:31:25.0863 3596 NdisCap - ok
12:31:25.0884 3596 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
12:31:25.0886 3596 NdisTapi - ok
12:31:25.0925 3596 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
12:31:25.0927 3596 Ndisuio - ok
12:31:25.0968 3596 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
12:31:25.0971 3596 NdisWan - ok
12:31:26.0012 3596 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
12:31:26.0014 3596 NDProxy - ok
12:31:26.0036 3596 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
12:31:26.0037 3596 NetBIOS - ok
12:31:26.0082 3596 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
12:31:26.0093 3596 NetBT - ok
12:31:26.0130 3596 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:31:26.0134 3596 Netlogon - ok
12:31:26.0194 3596 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
12:31:26.0210 3596 Netman - ok
12:31:26.0235 3596 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
12:31:26.0249 3596 netprofm - ok
12:31:26.0367 3596 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:31:26.0370 3596 NetTcpPortSharing - ok
12:31:26.0431 3596 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
12:31:26.0433 3596 nfrd960 - ok
12:31:26.0489 3596 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:31:26.0492 3596 NisDrv - ok
12:31:26.0655 3596 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
12:31:26.0666 3596 NisSrv - ok
12:31:26.0715 3596 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
12:31:26.0733 3596 NlaSvc - ok
12:31:26.0755 3596 nmwcd (f6c40e0a565ee3ce5aeeb325e10054f2) C:\Windows\system32\drivers\ccdcmb.sys
12:31:26.0757 3596 nmwcd - ok
12:31:26.0793 3596 nmwcdc (2a394e9e1fa3565e4b2fea470ffe4d6b) C:\Windows\system32\drivers\ccdcmbo.sys
12:31:26.0796 3596 nmwcdc - ok
12:31:26.0855 3596 nmwcdnsu (99b224f8026cb534724aa3c408561e45) C:\Windows\system32\drivers\nmwcdnsu.sys
12:31:26.0868 3596 nmwcdnsu - ok
12:31:26.0884 3596 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
12:31:26.0886 3596 Npfs - ok
12:31:26.0922 3596 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
12:31:26.0928 3596 nsi - ok
12:31:26.0970 3596 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
12:31:26.0974 3596 nsiproxy - ok
12:31:27.0079 3596 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
12:31:27.0128 3596 Ntfs - ok
12:31:27.0276 3596 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
12:31:27.0278 3596 Null - ok
12:31:27.0320 3596 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
12:31:27.0323 3596 nvraid - ok
12:31:27.0365 3596 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
12:31:27.0368 3596 nvstor - ok
12:31:27.0403 3596 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
12:31:27.0407 3596 nv_agp - ok
12:31:27.0526 3596 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:31:27.0538 3596 odserv - ok
12:31:27.0613 3596 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
12:31:27.0616 3596 ohci1394 - ok
12:31:27.0693 3596 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:31:27.0706 3596 ose - ok
12:31:27.0755 3596 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
12:31:27.0772 3596 p2pimsvc - ok
12:31:27.0826 3596 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
12:31:27.0842 3596 p2psvc - ok
12:31:27.0885 3596 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
12:31:27.0887 3596 Parport - ok
12:31:27.0920 3596 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
12:31:27.0922 3596 partmgr - ok
12:31:27.0936 3596 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
12:31:27.0938 3596 Parvdm - ok
12:31:27.0961 3596 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
12:31:27.0973 3596 PcaSvc - ok
12:31:28.0034 3596 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:31:28.0037 3596 pccsmcfd - ok
12:31:28.0079 3596 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
12:31:28.0082 3596 pci - ok
12:31:28.0127 3596 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
12:31:28.0130 3596 pciide - ok
12:31:28.0151 3596 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
12:31:28.0162 3596 pcmcia - ok
12:31:28.0182 3596 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
12:31:28.0185 3596 pcw - ok
12:31:28.0229 3596 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
12:31:28.0239 3596 PEAUTH - ok
12:31:28.0342 3596 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
12:31:28.0373 3596 PeerDistSvc - ok
12:31:28.0497 3596 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
12:31:28.0529 3596 pla - ok
12:31:28.0693 3596 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
12:31:28.0751 3596 PlugPlay - ok
12:31:28.0788 3596 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
12:31:28.0795 3596 PNRPAutoReg - ok
12:31:28.0817 3596 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
12:31:28.0824 3596 PNRPsvc - ok
12:31:28.0902 3596 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
12:31:28.0905 3596 Point32 - ok
12:31:28.0941 3596 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
12:31:28.0949 3596 PolicyAgent - ok
12:31:28.0983 3596 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
12:31:29.0012 3596 Power - ok
12:31:29.0055 3596 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
12:31:29.0058 3596 PptpMiniport - ok
12:31:29.0093 3596 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
12:31:29.0096 3596 Processor - ok
12:31:29.0144 3596 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
12:31:29.0156 3596 ProfSvc - ok
12:31:29.0200 3596 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:31:29.0204 3596 ProtectedStorage - ok
12:31:29.0254 3596 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
12:31:29.0257 3596 Psched - ok
12:31:29.0340 3596 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
12:31:29.0367 3596 ql2300 - ok
12:31:29.0546 3596 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
12:31:29.0550 3596 ql40xx - ok
12:31:29.0639 3596 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
12:31:29.0657 3596 QWAVE - ok
12:31:29.0672 3596 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
12:31:29.0674 3596 QWAVEdrv - ok
12:31:29.0760 3596 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
12:31:29.0771 3596 RapiMgr - ok
12:31:29.0788 3596 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
12:31:29.0790 3596 RasAcd - ok
12:31:29.0834 3596 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:31:29.0836 3596 RasAgileVpn - ok
12:31:29.0853 3596 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
12:31:29.0867 3596 RasAuto - ok
12:31:29.0878 3596 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:31:29.0881 3596 Rasl2tp - ok
12:31:29.0940 3596 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
12:31:29.0956 3596 RasMan - ok
12:31:29.0973 3596 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
12:31:29.0976 3596 RasPppoe - ok
12:31:30.0003 3596 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
12:31:30.0005 3596 RasSstp - ok
12:31:30.0054 3596 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
12:31:30.0063 3596 rdbss - ok
12:31:30.0078 3596 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
12:31:30.0080 3596 rdpbus - ok
12:31:30.0118 3596 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:31:30.0119 3596 RDPCDD - ok
12:31:30.0142 3596 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
12:31:30.0146 3596 RDPDR - ok
12:31:30.0168 3596 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
12:31:30.0169 3596 RDPENCDD - ok
12:31:30.0181 3596 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
12:31:30.0183 3596 RDPREFMP - ok
12:31:30.0244 3596 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
12:31:30.0272 3596 RdpVideoMiniport - ok
12:31:30.0360 3596 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
12:31:30.0372 3596 RDPWD - ok
12:31:30.0428 3596 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
12:31:30.0440 3596 rdyboost - ok
12:31:30.0478 3596 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
12:31:30.0484 3596 RemoteAccess - ok
12:31:30.0524 3596 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
12:31:30.0538 3596 RemoteRegistry - ok
12:31:30.0555 3596 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
12:31:30.0562 3596 RpcEptMapper - ok
12:31:30.0640 3596 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
12:31:30.0645 3596 RpcLocator - ok
12:31:30.0699 3596 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
12:31:30.0708 3596 RpcSs - ok
12:31:30.0757 3596 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
12:31:30.0760 3596 rspndr - ok
12:31:30.0798 3596 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys
12:31:30.0806 3596 RTL8167 - ok
12:31:30.0841 3596 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
12:31:30.0843 3596 s3cap - ok
12:31:30.0884 3596 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:31:30.0889 3596 SamSs - ok
12:31:30.0939 3596 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
12:31:30.0942 3596 sbp2port - ok
12:31:30.0982 3596 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
12:31:30.0995 3596 SCardSvr - ok
12:31:31.0039 3596 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
12:31:31.0041 3596 scfilter - ok
12:31:31.0117 3596 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
12:31:31.0136 3596 Schedule - ok
12:31:31.0176 3596 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
12:31:31.0178 3596 SCPolicySvc - ok
12:31:31.0221 3596 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
12:31:31.0233 3596 SDRSVC - ok
12:31:31.0379 3596 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
12:31:31.0387 3596 SeaPort - ok
12:31:31.0486 3596 Secdrv (07f7f501ad50de2ba2d5842d9b6d6155) C:\Windows\system32\drivers\SECDRV.SYS
12:31:31.0489 3596 Secdrv - ok
12:31:31.0523 3596 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
12:31:31.0530 3596 seclogon - ok
12:31:31.0555 3596 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
12:31:31.0570 3596 SENS - ok
12:31:31.0633 3596 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
12:31:31.0640 3596 SensrSvc - ok
12:31:31.0691 3596 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
12:31:31.0693 3596 Serenum - ok
12:31:31.0708 3596 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
12:31:31.0711 3596 Serial - ok
12:31:31.0750 3596 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
12:31:31.0752 3596 sermouse - ok
12:31:31.0887 3596 ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:31:31.0898 3596 ServiceLayer - ok
12:31:31.0945 3596 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
12:31:31.0958 3596 SessionEnv - ok
12:31:32.0004 3596 sfdrv01 (9e7dee11fd5a4355941a45f13c0ed59a) C:\Windows\system32\drivers\sfdrv01.sys
12:31:32.0007 3596 sfdrv01 - ok
12:31:32.0043 3596 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
12:31:32.0045 3596 sffdisk - ok
12:31:32.0056 3596 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
12:31:32.0059 3596 sffp_mmc - ok
12:31:32.0071 3596 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
12:31:32.0074 3596 sffp_sd - ok
12:31:32.0114 3596 sfhlp02 (ecefb59d2206d281e6d317af0ea0d8bd) C:\Windows\system32\drivers\sfhlp02.sys
12:31:32.0116 3596 sfhlp02 - ok
12:31:32.0155 3596 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
12:31:32.0157 3596 sfloppy - ok
12:31:32.0206 3596 sfsync04 (05e3038180cd846b0bca0e915163606a) C:\Windows\system32\drivers\sfsync04.sys
12:31:32.0209 3596 sfsync04 - ok
12:31:32.0263 3596 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
12:31:32.0278 3596 ShellHWDetection - ok
12:31:32.0319 3596 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
12:31:32.0322 3596 sisagp - ok
12:31:32.0344 3596 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:31:32.0347 3596 SiSRaid2 - ok
12:31:32.0369 3596 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
12:31:32.0373 3596 SiSRaid4 - ok
12:31:32.0500 3596 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe
12:31:32.0512 3596 SkypeUpdate - ok
12:31:32.0536 3596 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
12:31:32.0539 3596 Smb - ok
12:31:32.0650 3596 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
12:31:32.0658 3596 SNMPTRAP - ok
12:31:32.0669 3596 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
12:31:32.0671 3596 spldr - ok
12:31:32.0723 3596 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
12:31:32.0738 3596 Spooler - ok
12:31:32.0935 3596 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
12:31:33.0000 3596 sppsvc - ok
12:31:33.0138 3596 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
12:31:33.0153 3596 sppuinotify - ok
12:31:33.0284 3596 sptd (0c1dad75274cb6e31f053ce3e08bf9c3) C:\Windows\system32\Drivers\sptd.sys
12:31:33.0303 3596 sptd - ok
12:31:33.0368 3596 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
12:31:33.0385 3596 srv - ok
12:31:33.0407 3596 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
12:31:33.0423 3596 srv2 - ok
12:31:33.0439 3596 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
12:31:33.0443 3596 srvnet - ok
12:31:33.0490 3596 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
12:31:33.0502 3596 SSDPSRV - ok
12:31:33.0516 3596 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
12:31:33.0531 3596 SstpSvc - ok
12:31:33.0624 3596 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
12:31:33.0625 3596 StarOpen - ok
12:31:33.0715 3596 Steam Client Service - ok
12:31:33.0756 3596 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
12:31:33.0759 3596 stexstor - ok
12:31:33.0815 3596 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
12:31:33.0835 3596 StiSvc - ok
12:31:33.0874 3596 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
12:31:33.0877 3596 storflt - ok
12:31:33.0925 3596 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
12:31:33.0928 3596 storvsc - ok
12:31:33.0968 3596 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
12:31:33.0970 3596 swenum - ok
12:31:34.0115 3596 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:31:34.0120 3596 SwitchBoard - ok
12:31:34.0174 3596 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
12:31:34.0189 3596 swprv - ok
12:31:34.0204 3596 Synth3dVsc - ok
12:31:34.0305 3596 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
12:31:34.0340 3596 SysMain - ok
12:31:34.0383 3596 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
12:31:34.0398 3596 TabletInputService - ok
12:31:34.0450 3596 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
12:31:34.0467 3596 TapiSrv - ok
12:31:34.0554 3596 tbhsd (77bd6143c6dce0a1bf7b5571bed860dc) C:\Windows\system32\drivers\tbhsd.sys
12:31:34.0557 3596 tbhsd - ok
12:31:34.0596 3596 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
12:31:34.0610 3596 TBS - ok
12:31:34.0735 3596 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
12:31:34.0755 3596 Tcpip - ok
12:31:34.0968 3596 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
12:31:34.0979 3596 TCPIP6 - ok
12:31:35.0062 3596 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
12:31:35.0064 3596 tcpipreg - ok
12:31:35.0104 3596 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
12:31:35.0107 3596 TDPIPE - ok
12:31:35.0144 3596 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
12:31:35.0147 3596 TDTCP - ok
12:31:35.0190 3596 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
12:31:35.0192 3596 tdx - ok
12:31:35.0230 3596 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
12:31:35.0233 3596 TermDD - ok
12:31:35.0300 3596 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
12:31:35.0318 3596 TermService - ok
12:31:35.0357 3596 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
12:31:35.0372 3596 Themes - ok
12:31:35.0413 3596 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
12:31:35.0418 3596 THREADORDER - ok
12:31:35.0477 3596 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\Windows\system32\drivers\tiehdusb.sys
12:31:35.0480 3596 TIEHDUSB - ok
12:31:35.0530 3596 TPkd (5815ae5ef8519066f19e575d67f6f191) C:\Windows\system32\drivers\TPkd.sys
12:31:35.0534 3596 TPkd - ok
12:31:35.0551 3596 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
12:31:35.0566 3596 TrkWks - ok
12:31:35.0681 3596 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
12:31:35.0691 3596 TrustedInstaller - ok
12:31:35.0736 3596 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:31:35.0742 3596 tssecsrv - ok
12:31:35.0786 3596 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
12:31:35.0789 3596 TsUsbFlt - ok
12:31:35.0794 3596 tsusbhub - ok
12:31:35.0853 3596 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
12:31:35.0856 3596 tunnel - ok
12:31:35.0912 3596 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
12:31:35.0915 3596 uagp35 - ok
12:31:35.0965 3596 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
12:31:35.0991 3596 udfs - ok
12:31:36.0039 3596 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
12:31:36.0055 3596 UI0Detect - ok
12:31:36.0098 3596 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
12:31:36.0101 3596 uliagpkx - ok
12:31:36.0146 3596 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
12:31:36.0148 3596 umbus - ok
12:31:36.0164 3596 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
12:31:36.0166 3596 UmPass - ok
12:31:36.0218 3596 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
12:31:36.0229 3596 UmRdpService - ok
12:31:36.0258 3596 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
12:31:36.0268 3596 upnphost - ok
12:31:36.0299 3596 upperdev (47f5f9d837d80ffd5882a14db9da0a67) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
12:31:36.0301 3596 upperdev - ok
12:31:36.0342 3596 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
12:31:36.0346 3596 USBAAPL - ok
12:31:36.0388 3596 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
12:31:36.0390 3596 usbccgp - ok
12:31:36.0428 3596 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
12:31:36.0432 3596 usbcir - ok
12:31:36.0471 3596 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
12:31:36.0474 3596 usbehci - ok
12:31:36.0509 3596 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
12:31:36.0534 3596 usbhub - ok
12:31:36.0545 3596 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
12:31:36.0547 3596 usbohci - ok
12:31:36.0630 3596 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
12:31:36.0633 3596 usbprint - ok
12:31:36.0667 3596 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
12:31:36.0670 3596 usbscan - ok
12:31:36.0722 3596 usbser (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
12:31:36.0724 3596 usbser - ok
12:31:36.0756 3596 UsbserFilt (e44f0d17be0908b58dcc99ccb99c6c32) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
12:31:36.0758 3596 UsbserFilt - ok
12:31:36.0772 3596 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:31:36.0775 3596 USBSTOR - ok
12:31:36.0791 3596 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
12:31:36.0793 3596 usbuhci - ok
12:31:36.0824 3596 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
12:31:36.0837 3596 usbvideo - ok
12:31:36.0878 3596 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
12:31:36.0880 3596 usb_rndisx - ok
12:31:36.0915 3596 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
12:31:36.0931 3596 UxSms - ok
12:31:36.0985 3596 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:31:36.0989 3596 VaultSvc - ok
12:31:37.0023 3596 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
12:31:37.0025 3596 vdrvroot - ok
12:31:37.0074 3596 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
12:31:37.0102 3596 vds - ok
12:31:37.0153 3596 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
12:31:37.0156 3596 vga - ok
12:31:37.0197 3596 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
12:31:37.0199 3596 VgaSave - ok
12:31:37.0214 3596 VGPU - ok
12:31:37.0261 3596 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
12:31:37.0272 3596 vhdmp - ok
12:31:37.0296 3596 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
12:31:37.0299 3596 viaagp - ok
12:31:37.0319 3596 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
12:31:37.0323 3596 ViaC7 - ok
12:31:37.0336 3596 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
12:31:37.0339 3596 viaide - ok
12:31:37.0377 3596 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
12:31:37.0389 3596 vmbus - ok
12:31:37.0439 3596 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
12:31:37.0442 3596 VMBusHID - ok
12:31:37.0479 3596 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
12:31:37.0482 3596 volmgr - ok
12:31:37.0507 3596 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
12:31:37.0531 3596 volmgrx - ok
12:31:37.0612 3596 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
12:31:37.0642 3596 volsnap - ok
12:31:37.0679 3596 vpcbus (b26536add1d748cda104d856c979ae79) C:\Windows\system32\DRIVERS\vpchbus.sys
12:31:37.0683 3596 vpcbus - ok
12:31:37.0740 3596 vpcnfltr (a0f7e923a6261760130f22b85df9040e) C:\Windows\system32\DRIVERS\vpcnfltr.sys
12:31:37.0742 3596 vpcnfltr - ok
12:31:37.0758 3596 vpcusb (5f4b55e91ce7e2523c9e1e0ece858869) C:\Windows\system32\DRIVERS\vpcusb.sys
12:31:37.0761 3596 vpcusb - ok
12:31:37.0783 3596 vpcuxd (c35c2c888aff276e95ad3db3b7a8d003) C:\Windows\system32\drivers\vpcuxd.sys
12:31:37.0785 3596 vpcuxd - ok
12:31:37.0840 3596 vpcvmm (b487191fe18d6863381a1ac55482469a) C:\Windows\system32\drivers\vpcvmm.sys
12:31:37.0844 3596 vpcvmm - ok
12:31:37.0882 3596 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
12:31:37.0894 3596 vsmraid - ok
12:31:38.0005 3596 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
12:31:38.0051 3596 VSS - ok
12:31:38.0066 3596 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
12:31:38.0068 3596 vwifibus - ok
12:31:38.0182 3596 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
12:31:48.0303 3596 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:31:55.0720 3596 \Device\Harddisk0\DR0 - ok
12:31:55.0751 3596 Boot (0x1200) (0d264cd0bb3e9eefdae278c163e3b9a2) \Device\Harddisk0\DR0\Partition0
12:31:55.0815 3596 \Device\Harddisk0\DR0\Partition0 - ok
12:31:55.0816 3596 ============================================================
12:31:55.0816 3596 Scan finished
12:31:55.0816 3596 ============================================================
12:31:55.0830 3672 Detected object count: 0
12:31:55.0830 3672 Actual detected object count: 0







------------ MiniToolBox log ------------


MiniToolBox by Farbar Version: 23-07-2012
Ran by illi (administrator) on 25-07-2012 at 12:37:27
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90

There are 1 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR5007UG Wireless Network Adapter = Wireless Network Connection 3 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : gorda
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : P-661HNU-F1

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : P-661HNU-F1
Description . . . . . . . . . . . : Atheros AR5007UG Wireless Network Adapter #3
Physical Address. . . . . . . . . : 00-1A-9F-90-5D-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6802:b7b2:e26c:f202%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.49(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 25. heinäkuuta 2012 12:23:31
Lease Expires . . . . . . . . . . : 26. heinäkuuta 2012 12:23:35
Default Gateway . . . . . . . . . : 192.168.1.10
DHCP Server . . . . . . . . . . . : 192.168.1.10
DHCPv6 IAID . . . . . . . . . . . : 369105567
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-13-FB-E9-00-19-DB-C4-B6-EC
DNS Servers . . . . . . . . . . . : 192.168.1.10
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-19-DB-C4-B6-EC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.P-661HNU-F1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{503A47AE-4A0E-4D71-88B5-CB321F6AC37E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.10

Name: google.com
Addresses: 2a00:1450:400f:801::1003
173.194.32.38
173.194.32.35
173.194.32.37
173.194.32.36
173.194.32.33
173.194.32.40
173.194.32.46
173.194.32.39
173.194.32.41
173.194.32.32
173.194.32.34


Pinging google.com [173.194.32.34] with 32 bytes of data:
Reply from 173.194.32.34: bytes=32 time=41ms TTL=56
Reply from 173.194.32.34: bytes=32 time=41ms TTL=56

Ping statistics for 173.194.32.34:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 41ms, Maximum = 41ms, Average = 41ms
Server: UnKnown
Address: 192.168.1.10

Name: yahoo.com
Addresses: 72.30.38.140
209.191.122.70
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=265ms TTL=53
Reply from 98.139.183.24: bytes=32 time=185ms TTL=53

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 185ms, Maximum = 265ms, Average = 225ms
Server: UnKnown
Address: 192.168.1.10

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 1a 9f 90 5d 49 ......Atheros AR5007UG Wireless Network Adapter #3
10...00 19 db c4 b6 ec ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.10 192.168.1.49 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.49 281
192.168.1.49 255.255.255.255 On-link 192.168.1.49 281
192.168.1.255 255.255.255.255 On-link 192.168.1.49 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.49 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.49 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::6802:b7b2:e26c:f202/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()
Catalog9 33 mswsock.dll [File Not found] ()
Catalog9 34 mswsock.dll [File Not found] ()
Catalog9 35 mswsock.dll [File Not found] ()
Catalog9 36 mswsock.dll [File Not found] ()
Catalog9 37 mswsock.dll [File Not found] ()
Catalog9 38 mswsock.dll [File Not found] ()
Catalog9 39 mswsock.dll [File Not found] ()
Catalog9 40 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/25/2012 00:41:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: Uninstall.exe_Messenger Plus! for Skype, version: 1.2.1.98, time stamp: 0x4f9cfcdd
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000374
Fault offset: 0x000c380b
Faulting process id: 0x16d8
Faulting application start time: 0xUninstall.exe_Messenger Plus! for Skype0
Faulting application path: Uninstall.exe_Messenger Plus! for Skype1
Faulting module path: Uninstall.exe_Messenger Plus! for Skype2
Report Id: Uninstall.exe_Messenger Plus! for Skype3

Error: (07/24/2012 08:11:11 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {0aa161e5-5b8a-4f35-a942-bf4d5f32e916}

Error: (07/24/2012 03:40:50 PM) (Source: MsgPlusService) (User: )
Description: MsgPlusServiceService failed to shut down.

Error: (07/24/2012 03:40:50 PM) (Source: MsgPlusService) (User: )
Description: MsgPlusServiceReceiving shutdown message.

Error: (07/24/2012 01:30:56 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 508501

Error: (07/24/2012 01:30:56 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 508501

Error: (07/24/2012 01:30:56 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/24/2012 01:30:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 507487

Error: (07/24/2012 01:30:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 507487

Error: (07/24/2012 01:30:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/25/2012 00:26:28 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/25/2012 00:26:28 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/25/2012 00:25:47 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
sfdrv01
sfsync04
sptd

Error: (07/25/2012 00:23:31 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/25/2012 00:23:31 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/25/2012 00:23:31 PM) (Source: Service Control Manager) (User: )
Description: The ASKUpgrade service failed to start due to the following error:
%%2

Error: (07/25/2012 00:23:31 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/25/2012 00:23:08 PM) (Source: Application Popup) (User: )
Description: Driver sfdrv01.sys has been blocked from loading.

Error: (07/25/2012 00:23:06 PM) (Source: Application Popup) (User: )
Description: Driver sfsync04.sys has been blocked from loading.

Error: (07/25/2012 00:23:06 PM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .


Microsoft Office Sessions:
=========================
Error: (11/08/2011 02:50:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/28/2011 06:38:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 53 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/12/2011 00:21:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/09/2011 09:48:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/06/2011 08:21:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/14/2011 01:56:08 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/28/2011 01:54:47 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/27/2011 00:55:18 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/17/2011 00:56:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/06/2010 02:40:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
AC3Filter 1.63b (Version: 1.63b)
Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 1.5.3.9120)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Default Language CS4 (Version: 2.0)
Adobe Dynamiclink Support (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Fonts All (Version: 2.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 1.8)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.5.1 - Suomi (Version: 9.5.1)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe XMP Panels CS4 (Version: 2.0)
Antares Auto-Tune Evo VST (Version: 6.00.0009)
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.1.116)
ASIO4ALL (Version: 2.10 Beta 1)
ATI Catalyst Install Manager (Version: 3.0.790.0)
µTorrent (Version: 3.1.3)
avast! Free Antivirus (Version: 7.0.1456.0)
AviSynth 2.5
Bing Bar (Version: 7.0.619.0)
Bonjour (Version: 2.0.4.0)
Catalyst Control Center InstallProxy (Version: 2010.0825.2146.37182)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
D3DX10 (Version: 15.4.2368.0902)
DirectVobSub (remove only)
Dropbox (Version: 1.2.52)
DVBViewer Pro (Version: 4.2.1)
DVBViewer Recording Properties (Version: 1.0.0.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Feedback Tool (Version: 1.1.0)
ffdshow [rev 3305] [2010-03-04] (Version: 1.0.0.3305)
FL Studio 10
FormatFactory 2.20 (Version: 2.20)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 20.0.1132.57)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
Guitar Pro 5.2
i-Sound Recorder Pro 7.0.3.0 (Version: 7.0.3.0)
IL Download Manager
Interlok driver setup x32 (Version: 5.8.10)
iWisoft Free Video Converter 1.2 (Version: 1.2)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 15.4.3502.0922)
League of Legends (Version: 1.02.0000)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Media Go (Version: 2.0.317)
Melodyne 3.1 (Version: 3.1.0200)
Mesh Runtime (Version: 15.4.5722.2)
Messenger-kumppani (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
MicroMachines V4 (Version: 1.01.0000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Swedish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Finnish) 2007 (Version: 12.0.4518.1021)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MKVtoolnix 4.6.0 (Version: 4.6.0)
Mozilla Firefox 8.0 (x86 fi) (Version: 8.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
NWZ-S760 WALKMAN Guide (Version: 2.0.2.04130)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Ohjelman Microsoft Office Excel 2007 Help päivitys (KB963678)
Ohjelman Microsoft Office Powerpoint 2007 Help päivitys (KB963669)
Ohjelman Microsoft Office Word 2007 Help päivitys (KB963665)
Opera 12.00 (Version: 12.00.1467)
Pando Media Booster (Version: 2.6.0.1)
PC Connectivity Solution (Version: 11.5.29.0)
PDF Settings CS5 (Version: 10.0)
Photoshop Camera Raw (Version: 5.0)
Picasa 3 (Version: 3.8)
Pixel Bender Toolkit (Version: 1.0)
Project64 1.6 (Version: 1.6)
QuickTime (Version: 7.69.80.9)
Safari (Version: 5.33.20.27)
Skype™ 5.8 (Version: 5.8.158)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spotify (Version: 0.8.4.93.gd9f49c35)
Steam (Version: 1.0.0.0)
Suite Shared Configuration CS4 (Version: 1.0)
TI Connect 1.6 (Version: 1.6)
TmNationsForever
Trapcode Horizon
Trapcode Particular v2
Trapcode Shine
Ulead GIF Animator 5
Uninstall DreamSuite Bonus
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
WavePad Sound Editor
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VideoLAN VLC media player 0.8.6i (Version: 0.8.6i)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3555.0308)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
WinRAR
WinRAR archiver
WinX HD Video Converter Deluxe 3.3
Xilisoft HD Video Converter 6 (Version: 6.0.14.1104)
Xvid 1.2.2 final uninstall (Version: 1.2)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 2047.43 MB
Available physical RAM: 1278.11 MB
Total Pagefile: 4094.86 MB
Available Pagefile: 2914.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.69 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.09 GB) (Free:35.98 GB) NTFS

========================= Users: ========================================

User accounts for \\GORDA

Administrator Guest hvk
illi oiva outi


**** End of log ****






------------ ESET OnlineScan log ------------



C:\Users\illi\AppData\Local\Temp\IXP002.TMP\fl10inst.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\illi\AppData\Local\Temp\IXP007.TMP\FLSetup.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\illi\AppData\Local\Temp\IXP008.TMP\fl10inst.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\illi\AppData\Local\Temp\msgpl_0188.tmp\LinkuryInstaller.msi Win32/Toolbar.Linkury application deleted - quarantined
C:\Users\illi\AppData\Local\Temp\nsxF597.tmp\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
C:\Windows\System32\services.exe Win32/Sirefef.FC trojan unable to clean

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:24 AM

Posted 25 July 2012 - 05:00 PM

Hi, it appears you are using a lot of Adobe apps, correct?

You may have a rootkit.
Let's see if we can fix the Winsock.

Please download this file: Click Me
Right-click on winsockfix.bat and click on Run as Administrator.

Rerun Minitoolbox with only this checked:
  • List Winsock Entries



A rootkit scan...

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#5 Kornley

Posted 26 July 2012 - 12:20 AM

Well, I don't think I actually use so many Adobe apps, Photoshop and After Effects occasionally. I ran the winsockfix.bat and restarted after it.

Here are the new logs:


------- Minitoolbox log -------


MiniToolBox by Farbar Version: 23-07-2012
Ran by illi (administrator) on 26-07-2012 at 01:08:51
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()
Catalog9 33 mswsock.dll [File Not found] ()
Catalog9 34 mswsock.dll [File Not found] ()
Catalog9 35 mswsock.dll [File Not found] ()
Catalog9 36 mswsock.dll [File Not found] ()
Catalog9 37 mswsock.dll [File Not found] ()
Catalog9 38 mswsock.dll [File Not found] ()
Catalog9 39 mswsock.dll [File Not found] ()
Catalog9 40 mswsock.dll [File Not found] ()

**** End of log ****





------- aswMBR log -------


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-26 01:25:00
-----------------------------
01:25:00.726 OS Version: Windows 6.1.7601 Service Pack 1
01:25:00.726 Number of processors: 2 586 0x6B01
01:25:00.728 ComputerName: GORDA UserName: illi
01:25:27.277 Initialize success
01:25:27.414 AVAST engine defs: 12072502
01:25:41.514 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
01:25:41.517 Disk 0 Vendor: WDC_WD3200AAJS-00VWA0 12.01B02 Size: 305245MB BusType: 3
01:25:41.531 Disk 0 MBR read successfully
01:25:41.535 Disk 0 MBR scan
01:25:41.540 Disk 0 Windows 7 default MBR code
01:25:41.550 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305243 MB offset 2048
01:25:41.558 Disk 0 scanning sectors +625139712
01:25:41.643 Disk 0 scanning C:\Windows\system32\drivers
01:26:14.761 Service scanning
01:26:39.278 Modules scanning
01:27:07.688 Disk 0 trace - called modules:
01:27:07.711 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
01:27:07.716 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86453030]
01:27:07.724 3 CLASSPNP.SYS[896f159e] -> nt!IofCallDriver -> [0x86388918]
01:27:07.731 5 ACPI.sys[83d6f3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8635a908]
01:27:09.683 AVAST engine scan C:\Windows
01:27:16.438 AVAST engine scan C:\Windows\system32
01:30:05.558 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
01:32:02.471 AVAST engine scan C:\Windows\system32\drivers
01:33:00.081 AVAST engine scan C:\Users\illi
01:50:09.587 Disk 0 MBR has been saved successfully to "C:\Users\illi\Desktop\MBR.dat"
01:50:09.599 The log file has been saved successfully to "C:\Users\illi\Desktop\aswMBR.txt"
02:20:58.498 AVAST engine scan C:\ProgramData
02:27:40.927 Scan finished successfully
08:10:03.832 Disk 0 MBR has been saved successfully to "C:\Users\illi\Desktop\MBR.dat"
08:10:03.865 The log file has been saved successfully to "C:\Users\illi\Desktop\aswMBR.txt"
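
As an added example (not part of the original thread and not code from MiniToolBox or aswMBR), the two logs in the post above can be triaged with a short Python script that counts Winsock catalog entries whose provider DLL was reported as not found and extracts the `**INFECTED**` lines. The sample input is constructed from lines of the same shape as the logs, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample input, shaped like the MiniToolBox and aswMBR logs in the post above.
SAMPLE_WINSOCK = r'''Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()'''
SAMPLE_ASWMBR = r'''01:27:16.438 AVAST engine scan C:\Windows\system32
01:30:05.558 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
01:30:05.558 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
01:32:02.471 AVAST engine scan C:\Windows\system32\drivers'''

ENTRY = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(File Not found|\d+)\]\s+\((.*)\)$")
EXPECTED = re.compile(r'^ATTENTION: The LibraryPath should be "(.+)"$')
INFECTED = re.compile(r"^(\S+)\s+File:\s+(.+?)\s+\*\*INFECTED\*\*\s+(.+)$")

def parse_winsock(text):
    """One dict per catalog entry; 'expected' is filled from a following ATTENTION line."""
    entries = []
    for line in map(str.strip, text.splitlines()):
        m = ENTRY.match(line)
        if m:
            cat, idx, path, size, vendor = m.groups()
            entries.append({"catalog": cat, "index": int(idx), "path": path,
                            "missing": size == "File Not found",
                            "vendor": vendor, "expected": None})
        elif entries and (m := EXPECTED.match(line)):
            entries[-1]["expected"] = m.group(1)
    return entries

def missing_by_catalog(entries):
    """Count entries whose provider DLL was reported as not found, per catalog."""
    return dict(Counter(e["catalog"] for e in entries if e["missing"]))

def infected_files(text):
    """Unique (path, detection) pairs in first-seen order; repeated lines are collapsed."""
    hits = []
    for line in map(str.strip, text.splitlines()):
        m = INFECTED.match(line)
        if m and (m.group(2), m.group(3)) not in hits:
            hits.append((m.group(2), m.group(3)))
    return hits

if __name__ == "__main__":
    print(missing_by_catalog(parse_winsock(SAMPLE_WINSOCK)))
    print(infected_files(SAMPLE_ASWMBR))
```

A catalog in which every entry is reported missing, next to a rootkit detection in the same session, is the combination the helper's next reply acts on.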

#6 boopme

Posted 26 July 2012 - 12:34 PM

Hi, OK, you have a stubborn Win32:Sirefef-PL rootkit.

We need to repost to get it out and that will fix many other things going on here.

Please go here: Preparation Guide.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.

#7 Kornley

Posted 27 July 2012 - 12:26 AM

Well... there have been 2 BSODs while I've been trying to do a scan with GMER. The first BSOD was before the program could even start, the second I noticed after waking up. It had been scanning properly for about 4 hours but then I had to go to sleep. I'm going to try to run GMER one more time and see if it works.

#8 Kornley

Posted 27 July 2012 - 06:14 AM

3rd blue screen. Should I post a new topic with only the DDS log? Or should I still try scanning with GMER?

#9 boopme

Posted 27 July 2012 - 07:04 PM

Yes please skip GMER.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.

Edited by boopme, 27 July 2012 - 07:31 PM.
