SvcHost connecting to random websites


12 replies to this topic

#1 GreenBag

GreenBag

  • Members
  • 7 posts
  • Local time:04:28 AM

Posted 23 August 2012 - 04:28 AM

Hello everyone,

I recently noticed an increase in bandwidth usage on my home PC that didn't seem to correlate to actual usage. I tried running Malware, but it found no issues. After further investigation, I found via the "netstat -abf 5 > activity.txt" command that svchost and jusched are very frequently calling out to random websites... e.g.:

[svchost.exe]
TCP 192.168.0.3:49462 ip-67-201-62-138.hosts.zerolag.com:http TIME_WAIT
TCP 192.168.0.3:49463 ip-67-201-62-37.hosts.zerolag.com:http TIME_WAIT
TCP 192.168.0.3:49465 hosted-by.leaseweb.com:http TIME_WAIT
TCP 192.168.0.3:49467 199.58.84.154:http TIME_WAIT
TCP 192.168.0.3:49468 hosted-by.leaseweb.com:http TIME_WAIT
TCP 192.168.0.3:49469 hosted-by.leaseweb.com:http TIME_WAIT
TCP 192.168.0.3:49470 173.214.255.204:http TIME_WAIT
TCP 192.168.0.3:49473 ip-67-201-62-138.hosts.zerolag.com:http TIME_WAIT
TCP 192.168.0.3:49474 173.214.255.204:http TIME_WAIT
TCP 192.168.0.3:49482 ip-67-201-62-48.hosts.zerolag.com:http TIME_WAIT
TCP 192.168.0.3:49483 216.23.166.114:http ESTABLISHED


I'm not sure what is going on and have no idea how to sort this out, but I hope someone out there can guide me through the process!

O/S is Win7 64Bit

Any help would be greatly appreciated. Thanks in Advance!
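
Added example (not part of the original post): a Python parser for a `netstat -abf` capture such as the activity.txt mentioned above, tallying remote endpoints per owning executable. It assumes the standard `netstat -b` layout, in which the bracketed executable name is printed after the connection row it owns; the sample rows and example.net host names are constructed.

```python
import re
from collections import Counter, defaultdict

# Label used when netstat printed no owning executable for a row.
UNOWNED = "(no owner listed)"

# Constructed sample in the netstat -b layout: each connection row is followed
# by an optional component line and then the owning executable in brackets.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address          State
  TCP    192.168.0.3:49483      host-a.example.net:http  ESTABLISHED
  wuauserv
 [svchost.exe]
  TCP    192.168.0.3:49490      host-b.example.net:http  ESTABLISHED
 [jusched.exe]
  TCP    192.168.0.3:49462      host-c.example.net:http  TIME_WAIT
  TCP    192.168.0.3:49463      host-c.example.net:http  TIME_WAIT
  TCP    192.168.0.3:49500      host-a.example.net:https ESTABLISHED
 Can not obtain ownership information
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+([A-Z_0-9]+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+?)\]\s*$")
HEADER = re.compile(r"^\s*(Active Connections|Proto\s)")


def parse_netstat_b(text):
    """Return one dict per connection row, with the owner netstat listed for it."""
    conns, pending = [], None

    def flush():
        nonlocal pending
        if pending is not None:
            conns.append(pending)
            pending = None

    for line in text.splitlines():
        # Headers repeat on every refresh when an interval (e.g. "5") is given.
        if not line.strip() or HEADER.match(line):
            continue
        row = ROW.match(line)
        if row:
            # A new row closes the previous one; if no bracket line followed
            # it, that row stays attributed to nobody.
            flush()
            proto, local, remote, state = row.groups()
            host, _, port = remote.rpartition(":")
            pending = {
                "proto": proto, "local": local,
                "remote_host": host, "remote_port": port,
                "state": state or "", "component": None, "owner": UNOWNED,
            }
            continue
        if pending is None:
            continue  # stray text before the first connection row
        owner = OWNER.match(line)
        if owner:
            pending["owner"] = owner.group(1).lower()
            flush()
        elif "ownership information" in line:
            flush()  # netstat could not resolve the owner
        else:
            # Unbracketed line between row and owner: the hosted component
            # (for svchost.exe, typically the service name).
            pending["component"] = line.strip()
    flush()
    return conns


def summarise(conns):
    """Map owner -> Counter of (remote_host, remote_port) sightings."""
    by_owner = defaultdict(Counter)
    for c in conns:
        by_owner[c["owner"]][(c["remote_host"], c["remote_port"])] += 1
    return by_owner


if __name__ == "__main__":
    for owner, endpoints in summarise(parse_netstat_b(SAMPLE)).items():
        print(owner)
        for (host, port), seen in endpoints.most_common():
            print(f"  {seen:3d}  {host}:{port}")
```

Rows that end up under "(no owner listed)" are the ones to re-check with a PID-based view before attributing them to any process.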



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:01:28 PM

Posted 23 August 2012 - 05:36 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 GreenBag

GreenBag
  • Topic Starter

  • Members
  • 7 posts
  • Local time:04:28 AM

Posted 26 August 2012 - 02:30 AM

Hi narenxp,

Thanks very much for looking into this issue! I've now had a chance to run the scans you requested and the logs are below. I actually had a bit of trouble getting aswMBR to complete... It would get up to checking temporary internet files and sit there for hours before disappearing, even if I emptied the temp internet files before running. I ended up deleting everything from the AppData\Local\Temp folder and it then completed as expected.

Again, thanks for any help. I really appreciate it!



TDSSkiller
===============
17:24:41.0935 2112 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:24:41.0945 2112 Netman - ok
17:24:41.0955 2112 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:24:41.0965 2112 netprofm - ok
17:24:41.0985 2112 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:24:41.0985 2112 NetTcpPortSharing - ok
17:24:42.0005 2112 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:24:42.0005 2112 nfrd960 - ok
17:24:42.0015 2112 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:24:42.0025 2112 NlaSvc - ok
17:24:42.0095 2112 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
17:24:42.0095 2112 nlsX86cc - ok
17:24:42.0115 2112 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:24:42.0115 2112 Npfs - ok
17:24:42.0125 2112 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:24:42.0125 2112 nsi - ok
17:24:42.0145 2112 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:24:42.0145 2112 nsiproxy - ok
17:24:42.0215 2112 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:24:42.0255 2112 Ntfs - ok
17:24:42.0265 2112 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:24:42.0265 2112 Null - ok
17:24:42.0275 2112 [ F5BC2345E8C89D4E90FAFD23A2239935 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
17:24:42.0275 2112 nusb3hub - ok
17:24:42.0295 2112 [ 5D42578241BC2A9B4A64837077436D5F ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:24:42.0295 2112 nusb3xhc - ok
17:24:42.0345 2112 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:24:42.0345 2112 nvraid - ok
17:24:42.0405 2112 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:24:42.0405 2112 nvstor - ok
17:24:42.0435 2112 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:24:42.0435 2112 nv_agp - ok
17:24:42.0545 2112 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:24:42.0555 2112 odserv - ok
17:24:42.0555 2112 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:24:42.0565 2112 ohci1394 - ok
17:24:42.0595 2112 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:24:42.0605 2112 ose - ok
17:24:42.0635 2112 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:24:42.0645 2112 p2pimsvc - ok
17:24:42.0685 2112 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:24:42.0685 2112 p2psvc - ok
17:24:42.0705 2112 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:24:42.0705 2112 Parport - ok
17:24:42.0745 2112 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:24:42.0745 2112 partmgr - ok
17:24:42.0755 2112 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:24:42.0755 2112 PcaSvc - ok
17:24:42.0775 2112 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:24:42.0775 2112 pci - ok
17:24:42.0775 2112 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:24:42.0775 2112 pciide - ok
17:24:42.0795 2112 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:24:42.0795 2112 pcmcia - ok
17:24:42.0805 2112 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:24:42.0805 2112 pcw - ok
17:24:42.0815 2112 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:24:42.0825 2112 PEAUTH - ok
17:24:42.0845 2112 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:24:42.0845 2112 PerfHost - ok
17:24:42.0875 2112 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:24:42.0905 2112 pla - ok
17:24:42.0965 2112 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:24:42.0975 2112 PlugPlay - ok
17:24:42.0985 2112 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:24:42.0985 2112 PNRPAutoReg - ok
17:24:43.0015 2112 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:24:43.0015 2112 PNRPsvc - ok
17:24:43.0055 2112 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:24:43.0055 2112 PolicyAgent - ok
17:24:43.0085 2112 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:24:43.0085 2112 Power - ok
17:24:43.0115 2112 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:24:43.0125 2112 PptpMiniport - ok
17:24:43.0135 2112 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:24:43.0135 2112 Processor - ok
17:24:43.0185 2112 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
17:24:43.0195 2112 ProfSvc - ok
17:24:43.0205 2112 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:24:43.0205 2112 ProtectedStorage - ok
17:24:43.0235 2112 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:24:43.0235 2112 Psched - ok
17:24:43.0265 2112 [ 93AC07B6DE0FC71274D4C489BE5CE2BA ] qcusbser C:\Windows\system32\DRIVERS\qcusbser.sys
17:24:43.0275 2112 qcusbser - ok
17:24:43.0315 2112 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:24:43.0345 2112 ql2300 - ok
17:24:43.0355 2112 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:24:43.0355 2112 ql40xx - ok
17:24:43.0375 2112 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:24:43.0385 2112 QWAVE - ok
17:24:43.0395 2112 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:24:43.0395 2112 QWAVEdrv - ok
17:24:43.0405 2112 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:24:43.0405 2112 RasAcd - ok
17:24:43.0435 2112 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:24:43.0435 2112 RasAgileVpn - ok
17:24:43.0445 2112 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:24:43.0445 2112 RasAuto - ok
17:24:43.0455 2112 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:24:43.0455 2112 Rasl2tp - ok
17:24:43.0485 2112 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:24:43.0485 2112 RasMan - ok
17:24:43.0495 2112 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:24:43.0495 2112 RasPppoe - ok
17:24:43.0515 2112 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:24:43.0515 2112 RasSstp - ok
17:24:43.0535 2112 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:24:43.0535 2112 rdbss - ok
17:24:43.0535 2112 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:24:43.0535 2112 rdpbus - ok
17:24:43.0555 2112 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:24:43.0555 2112 RDPCDD - ok
17:24:43.0555 2112 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:24:43.0555 2112 RDPENCDD - ok
17:24:43.0565 2112 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:24:43.0565 2112 RDPREFMP - ok
17:24:43.0605 2112 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:24:43.0605 2112 RDPWD - ok
17:24:43.0635 2112 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:24:43.0635 2112 rdyboost - ok
17:24:43.0655 2112 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:24:43.0655 2112 RemoteAccess - ok
17:24:43.0675 2112 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:24:43.0685 2112 RemoteRegistry - ok
17:24:43.0705 2112 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:24:43.0705 2112 RpcEptMapper - ok
17:24:43.0725 2112 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:24:43.0725 2112 RpcLocator - ok
17:24:43.0755 2112 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
17:24:43.0755 2112 RpcSs - ok
17:24:43.0765 2112 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:24:43.0765 2112 rspndr - ok
17:24:43.0795 2112 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:24:43.0795 2112 RTL8167 - ok
17:24:43.0815 2112 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
17:24:43.0815 2112 SamSs - ok
17:24:43.0835 2112 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:24:43.0835 2112 sbp2port - ok
17:24:43.0855 2112 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:24:43.0855 2112 SCardSvr - ok
17:24:43.0865 2112 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:24:43.0865 2112 scfilter - ok
17:24:43.0945 2112 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
17:24:43.0975 2112 Schedule - ok
17:24:43.0995 2112 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:24:43.0995 2112 SCPolicySvc - ok
17:24:44.0005 2112 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:24:44.0015 2112 SDRSVC - ok
17:24:44.0035 2112 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:24:44.0035 2112 secdrv - ok
17:24:44.0045 2112 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:24:44.0045 2112 seclogon - ok
17:24:44.0075 2112 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:24:44.0075 2112 SENS - ok
17:24:44.0095 2112 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:24:44.0095 2112 SensrSvc - ok
17:24:44.0095 2112 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:24:44.0095 2112 Serenum - ok
17:24:44.0115 2112 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:24:44.0115 2112 Serial - ok
17:24:44.0125 2112 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:24:44.0125 2112 sermouse - ok
17:24:44.0165 2112 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:24:44.0165 2112 SessionEnv - ok
17:24:44.0165 2112 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:24:44.0165 2112 sffdisk - ok
17:24:44.0175 2112 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:24:44.0175 2112 sffp_mmc - ok
17:24:44.0175 2112 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:24:44.0175 2112 sffp_sd - ok
17:24:44.0185 2112 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:24:44.0185 2112 sfloppy - ok
17:24:44.0205 2112 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:24:44.0215 2112 SharedAccess - ok
17:24:44.0225 2112 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:24:44.0235 2112 ShellHWDetection - ok
17:24:44.0235 2112 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:24:44.0235 2112 SiSRaid2 - ok
17:24:44.0245 2112 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:24:44.0245 2112 SiSRaid4 - ok
17:24:44.0255 2112 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:24:44.0265 2112 Smb - ok
17:24:44.0285 2112 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:24:44.0285 2112 SNMPTRAP - ok
17:24:44.0295 2112 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:24:44.0295 2112 spldr - ok
17:24:44.0335 2112 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
17:24:44.0345 2112 Spooler - ok
17:24:44.0415 2112 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:24:44.0455 2112 sppsvc - ok
17:24:44.0475 2112 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:24:44.0475 2112 sppuinotify - ok
17:24:44.0545 2112 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
17:24:44.0555 2112 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
17:24:44.0555 2112 sptd ( LockedFile.Multi.Generic ) - warning
17:24:44.0555 2112 sptd - detected LockedFile.Multi.Generic (1)
17:24:47.0836 2112 ================ Scan global ===============================
17:24:47.0896 2112 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:24:47.0946 2112 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:24:47.0966 2112 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:24:47.0996 2112 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:24:48.0016 2112 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:24:48.0026 2112 [Global] - ok
17:24:48.0026 2112 ================ Scan MBR ==================================
17:24:48.0036 2112 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:24:48.0306 2112 \Device\Harddisk0\DR0 - ok
17:24:48.0326 2112 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:24:48.0396 2112 \Device\Harddisk1\DR1 - ok
17:24:48.0851 2112 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk2\DR2
17:24:48.0991 2112 \Device\Harddisk2\DR2 - ok
17:24:48.0991 2112 ================ Scan VBR ==================================
17:24:48.0991 2112 [ A071CCE23862A4496B2B100F7A37D189 ] \Device\Harddisk0\DR0\Partition1
17:24:48.0991 2112 \Device\Harddisk0\DR0\Partition1 - ok
17:24:49.0007 2112 [ 58A420F1FDD5497F024CB5677C4EA945 ] \Device\Harddisk0\DR0\Partition2
17:24:49.0007 2112 \Device\Harddisk0\DR0\Partition2 - ok
17:24:49.0007 2112 [ C555740B299C5EE7B04CEB56C05929C2 ] \Device\Harddisk1\DR1\Partition1
17:24:49.0022 2112 \Device\Harddisk1\DR1\Partition1 - ok
17:24:49.0022 2112 [ EFB8BF001407B330C1FB816A2F6E72C1 ] \Device\Harddisk2\DR2\Partition1
17:24:49.0038 2112 \Device\Harddisk2\DR2\Partition1 - ok
17:24:49.0038 2112 ============================================================
17:24:49.0038 2112 Scan finished
17:24:49.0038 2112 ============================================================
17:24:49.0053 5460 Detected object count: 1
17:24:49.0053 5460 Actual detected object count: 1
17:24:53.0312 5460 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:24:53.0312 5460 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:24:55.0184 4480 Deinitialize success






aswMBR
==============
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-26 17:21:28
-----------------------------
17:21:28.136 OS Version: Windows x64 6.1.7600
17:21:28.136 Number of processors: 4 586 0x1E05
17:21:28.136 ComputerName: TANKS-PC UserName: Tanks
17:21:30.976 Initialize success
17:21:37.802 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:21:37.802 Disk 0 Vendor: WDC_WD10EALS-002BA0 05.01D05 Size: 953869MB BusType: 3
17:21:37.802 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
17:21:37.802 Disk 1 Vendor: WDC_WD5000AAKS-00UU3A0 01.03B01 Size: 476940MB BusType: 3
17:21:37.865 Disk 1 MBR read successfully
17:21:37.880 Disk 1 MBR scan
17:21:37.880 Disk 1 Windows 7 default MBR code
17:21:37.880 Disk 1 Partition 1 00 07 HPFS/NTFS NTFS 476938 MB offset 2048
17:21:37.896 Disk 1 scanning C:\Windows\system32\drivers
17:21:45.602 Service scanning
17:21:53.298 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
17:21:56.251 Modules scanning
17:21:56.251 Disk 1 trace - called modules:
17:21:56.298 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa800741e2c0]<<spzj.sys ataport.SYS pciide.sys
17:21:56.812 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007862060]
17:21:56.812 3 CLASSPNP.SYS[fffff880013cc43f] -> nt!IofCallDriver -> [0xfffffa8007596520]
17:21:56.828 5 ACPI.sys[fffff8800100b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8007587680]
17:21:56.828 \Driver\atapi[0xfffffa800752a730] -> IRP_MJ_CREATE -> 0xfffffa800741e2c0
17:21:56.844 Scan finished successfully
17:22:52.217 Disk 1 MBR has been saved successfully to "C:\MBR.dat"
17:22:52.227 The log file has been saved successfully to "C:\aswMBR.txt"

#4 GreenBag


Posted 26 August 2012 - 05:02 AM

And the Eset log... wow, plenty there :)
=============================================
C:\$Recycle.Bin\S-1-5-21-2320940549-1294400451-58276952-1000\$RFTGP65.tmp Win32/Sirefef.EV trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OD1WAY4\insurance[1].htm JS/Kryptik.PX trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FSC13YNJ\insurance[1].htm JS/Kryptik.PX trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FSC13YNJ\insurance[2].htm JS/Kryptik.PX trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HC9PJLTV\q[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HX56E1JO\firstload_com[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HX56E1JO\mx_aun_a[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIZO792K\iframe3CAW3P55N.htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHRFH6L1\insurance[1].htm JS/Kryptik.PX trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHRFH6L1\insurance[2].htm JS/Kryptik.PX trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R51GYQB3\iframe3[11].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRBYUC04\17554233[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Tanks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRBYUC04\ferveton_org[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Tanks\AppData\Local\Temp\msimg32.dll Win32/Sirefef.EV trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\U\80000000.@ Win64/Sirefef.AL trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\U\800000cb.@ Win64/Sirefef.AH trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\7db6e8a2-1597934d Java/Exploit.CVE-2012-0507.BR trojan cleaned by deleting - quarantined
C:\Users\Tanks\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\487ce36e-6bc8f29a Java/Exploit.CVE-2012-0507.BR trojan cleaned by deleting - quarantined

#5 narenxp

Posted 26 August 2012 - 07:08 AM

Please download a new copy of TDSSKiller and run it.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#6 GreenBag

Posted 27 August 2012 - 06:41 AM

Hi again,

I've now completed the requested actions and the logs are below.

Thanks again!



#################################################################################
1) Latest version of tdsskiller
#################################################################################
21:21:07.0979 5720 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:21:08.0819 5720 ============================================================
21:21:08.0819 5720 Current date / time: 2012/08/27 21:21:08.0819
21:21:08.0819 5720 SystemInfo:
21:21:08.0819 5720
21:21:08.0819 5720 OS Version: 6.1.7600 ServicePack: 0.0
21:21:08.0819 5720 Product type: Workstation
21:21:08.0819 5720 ComputerName: TANKS-PC
21:21:08.0819 5720 UserName: Tanks
21:21:08.0819 5720 Windows directory: C:\Windows
21:21:08.0819 5720 System windows directory: C:\Windows
21:21:08.0819 5720 Running under WOW64
21:21:08.0819 5720 Processor architecture: Intel x64
21:21:08.0819 5720 Number of processors: 4
21:21:08.0819 5720 Page size: 0x1000
21:21:08.0819 5720 Boot type: Normal boot
21:21:08.0819 5720 ============================================================
21:21:09.0729 5720 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
21:21:09.0739 5720 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:21:09.0739 5720 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:21:10.0199 5720 ============================================================
21:21:10.0199 5720 \Device\Harddisk0\DR0:
21:21:10.0199 5720 MBR partitions:
21:21:10.0199 5720 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:21:10.0199 5720 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000
21:21:10.0199 5720 \Device\Harddisk1\DR1:
21:21:10.0199 5720 MBR partitions:
21:21:10.0199 5720 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
21:21:10.0199 5720 \Device\Harddisk2\DR2:
21:21:10.0199 5720 MBR partitions:
21:21:10.0199 5720 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
21:21:10.0199 5720 ============================================================
21:21:10.0219 5720 C: <-> \Device\Harddisk1\DR1\Partition1
21:21:10.0249 5720 E: <-> \Device\Harddisk0\DR0\Partition2
21:21:10.0259 5720 G: <-> \Device\Harddisk2\DR2\Partition1
21:21:10.0259 5720 ============================================================
21:21:10.0259 5720 Initialize success
21:21:10.0259 5720 ============================================================
21:21:14.0290 2288 ============================================================
21:21:14.0290 2288 Scan started
21:21:14.0290 2288 Mode: Manual; TDLFS;
21:21:14.0290 2288 ============================================================
21:21:15.0030 2288 ================ Scan system memory ========================
21:21:15.0030 2288 System memory - ok
21:21:15.0030 2288 ================ Scan services =============================
21:21:21.0411 2288 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:21:21.0411 2288 NDProxy - ok
21:21:21.0431 2288 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:21:21.0431 2288 NetBIOS - ok
21:21:21.0451 2288 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:21:21.0461 2288 NetBT - ok
21:21:21.0471 2288 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
21:21:21.0471 2288 Netlogon - ok
21:21:21.0511 2288 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:21:21.0521 2288 Netman - ok
21:21:21.0541 2288 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:21:21.0551 2288 netprofm - ok
21:21:21.0571 2288 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:21:21.0571 2288 NetTcpPortSharing - ok
21:21:21.0591 2288 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:21:21.0601 2288 nfrd960 - ok
21:21:21.0611 2288 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:21:21.0621 2288 NlaSvc - ok
21:21:21.0711 2288 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
21:21:21.0711 2288 nlsX86cc - ok
21:21:21.0721 2288 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:21:21.0721 2288 Npfs - ok
21:21:21.0741 2288 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:21:21.0741 2288 nsi - ok
21:21:21.0751 2288 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:21:21.0751 2288 nsiproxy - ok
21:21:21.0822 2288 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:21:21.0862 2288 Ntfs - ok
21:21:21.0872 2288 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:21:21.0872 2288 Null - ok
21:21:21.0892 2288 [ F5BC2345E8C89D4E90FAFD23A2239935 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
21:21:21.0892 2288 nusb3hub - ok
21:21:21.0912 2288 [ 5D42578241BC2A9B4A64837077436D5F ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:21:21.0912 2288 nusb3xhc - ok
21:21:21.0962 2288 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:21:21.0962 2288 nvraid - ok
21:21:22.0012 2288 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:21:22.0012 2288 nvstor - ok
21:21:22.0032 2288 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:21:22.0032 2288 nv_agp - ok
21:21:22.0112 2288 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:21:22.0122 2288 odserv - ok
21:21:22.0142 2288 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:21:22.0142 2288 ohci1394 - ok
21:21:22.0182 2288 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:21:22.0192 2288 ose - ok
21:21:22.0222 2288 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:21:22.0232 2288 p2pimsvc - ok
21:21:22.0272 2288 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:21:22.0272 2288 p2psvc - ok
21:21:22.0292 2288 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:21:22.0292 2288 Parport - ok
21:21:22.0342 2288 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:21:22.0342 2288 partmgr - ok
21:21:22.0362 2288 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:21:22.0362 2288 PcaSvc - ok
21:21:22.0372 2288 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
21:21:22.0382 2288 pci - ok
21:21:22.0392 2288 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
21:21:22.0392 2288 pciide - ok
21:21:22.0402 2288 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:21:22.0402 2288 pcmcia - ok
21:21:22.0422 2288 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:21:22.0422 2288 pcw - ok
21:21:22.0452 2288 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:21:22.0462 2288 PEAUTH - ok
21:21:22.0482 2288 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:21:22.0482 2288 PerfHost - ok
21:21:22.0512 2288 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
21:21:22.0532 2288 pla - ok
21:21:22.0602 2288 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:21:22.0612 2288 PlugPlay - ok
21:21:22.0622 2288 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:21:22.0622 2288 PNRPAutoReg - ok
21:21:22.0652 2288 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:21:22.0652 2288 PNRPsvc - ok
21:21:22.0692 2288 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:21:22.0692 2288 PolicyAgent - ok
21:21:22.0722 2288 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:21:22.0722 2288 Power - ok
21:21:22.0752 2288 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:21:22.0762 2288 PptpMiniport - ok
21:21:22.0772 2288 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:21:22.0772 2288 Processor - ok
21:21:22.0812 2288 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
21:21:22.0822 2288 ProfSvc - ok
21:21:22.0832 2288 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:21:22.0832 2288 ProtectedStorage - ok
21:21:22.0852 2288 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:21:22.0852 2288 Psched - ok
21:21:22.0882 2288 [ 93AC07B6DE0FC71274D4C489BE5CE2BA ] qcusbser C:\Windows\system32\DRIVERS\qcusbser.sys
21:21:22.0882 2288 qcusbser - ok
21:21:22.0922 2288 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:21:22.0952 2288 ql2300 - ok
21:21:22.0962 2288 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:21:22.0962 2288 ql40xx - ok
21:21:22.0982 2288 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:21:22.0982 2288 QWAVE - ok
21:21:23.0002 2288 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:21:23.0002 2288 QWAVEdrv - ok
21:21:23.0002 2288 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:21:23.0002 2288 RasAcd - ok
21:21:23.0042 2288 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:21:23.0072 2288 RasAgileVpn - ok
21:21:23.0092 2288 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:21:23.0092 2288 RasAuto - ok
21:21:23.0102 2288 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:21:23.0102 2288 Rasl2tp - ok
21:21:23.0132 2288 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
21:21:23.0142 2288 RasMan - ok
21:21:23.0142 2288 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:21:23.0142 2288 RasPppoe - ok
21:21:23.0162 2288 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:21:23.0162 2288 RasSstp - ok
21:21:23.0192 2288 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:21:23.0192 2288 rdbss - ok
21:21:23.0202 2288 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:21:23.0202 2288 rdpbus - ok
21:21:23.0212 2288 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:21:23.0212 2288 RDPCDD - ok
21:21:23.0222 2288 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:21:23.0222 2288 RDPENCDD - ok
21:21:23.0232 2288 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:21:23.0232 2288 RDPREFMP - ok
21:21:23.0282 2288 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:21:23.0282 2288 RDPWD - ok
21:21:23.0302 2288 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:21:23.0312 2288 rdyboost - ok
21:21:23.0322 2288 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:21:23.0322 2288 RemoteAccess - ok
21:21:23.0352 2288 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:21:23.0352 2288 RemoteRegistry - ok
21:21:23.0382 2288 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:21:23.0382 2288 RpcEptMapper - ok
21:21:23.0392 2288 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:21:23.0392 2288 RpcLocator - ok
21:21:23.0422 2288 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
21:21:23.0432 2288 RpcSs - ok
21:21:23.0452 2288 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:21:23.0462 2288 rspndr - ok
21:21:23.0482 2288 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:21:23.0492 2288 RTL8167 - ok
21:21:23.0502 2288 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
21:21:23.0512 2288 SamSs - ok
21:21:23.0532 2288 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
21:21:23.0532 2288 sbp2port - ok
21:21:23.0542 2288 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:21:23.0552 2288 SCardSvr - ok
21:21:23.0552 2288 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:21:23.0552 2288 scfilter - ok
21:21:23.0612 2288 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
21:21:23.0642 2288 Schedule - ok
21:21:23.0662 2288 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:21:23.0662 2288 SCPolicySvc - ok
21:21:23.0672 2288 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:21:23.0672 2288 SDRSVC - ok
21:21:23.0692 2288 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:21:23.0692 2288 secdrv - ok
21:21:23.0712 2288 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
21:21:23.0712 2288 seclogon - ok
21:21:23.0742 2288 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:21:23.0742 2288 SENS - ok
21:21:23.0772 2288 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:21:23.0772 2288 SensrSvc - ok
21:21:23.0782 2288 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:21:23.0782 2288 Serenum - ok
21:21:23.0792 2288 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:21:23.0792 2288 Serial - ok
21:21:23.0802 2288 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:21:23.0802 2288 sermouse - ok
21:21:23.0812 2288 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
21:21:23.0822 2288 SessionEnv - ok
21:21:23.0822 2288 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
21:21:23.0822 2288 sffdisk - ok
21:21:23.0822 2288 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:21:23.0822 2288 sffp_mmc - ok
21:21:23.0832 2288 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
21:21:23.0832 2288 sffp_sd - ok
21:21:23.0842 2288 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:21:23.0842 2288 sfloppy - ok
21:21:23.0872 2288 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:21:23.0882 2288 SharedAccess - ok
21:21:23.0902 2288 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:21:23.0902 2288 ShellHWDetection - ok
21:21:23.0902 2288 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:21:23.0902 2288 SiSRaid2 - ok
21:21:23.0922 2288 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:21:23.0922 2288 SiSRaid4 - ok
21:21:23.0932 2288 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:21:23.0932 2288 Smb - ok
21:21:23.0952 2288 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:21:23.0952 2288 SNMPTRAP - ok
21:21:23.0962 2288 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:21:23.0962 2288 spldr - ok
21:21:24.0002 2288 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
21:21:24.0022 2288 Spooler - ok
21:21:24.0072 2288 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
21:21:24.0142 2288 sppsvc - ok
21:21:24.0152 2288 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:21:24.0162 2288 sppuinotify - ok
21:21:24.0212 2288 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
21:21:24.0212 2288 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
21:21:24.0212 2288 sptd ( LockedFile.Multi.Generic ) - warning
21:21:24.0212 2288 sptd - detected LockedFile.Multi.Generic (1)
21:21:27.0372 2288 ================ Scan global ===============================
21:21:27.0392 2288 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:21:27.0442 2288 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
21:21:27.0452 2288 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
21:21:27.0482 2288 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:21:27.0512 2288 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:21:27.0512 2288 [Global] - ok
21:21:27.0512 2288 ================ Scan MBR ==================================
21:21:27.0522 2288 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:21:27.0732 2288 \Device\Harddisk0\DR0 - ok
21:21:27.0752 2288 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:21:27.0822 2288 \Device\Harddisk1\DR1 - ok
21:21:28.0292 2288 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk2\DR2
21:21:28.0442 2288 \Device\Harddisk2\DR2 - ok
21:21:28.0442 2288 ================ Scan VBR ==================================
21:21:28.0442 2288 [ A071CCE23862A4496B2B100F7A37D189 ] \Device\Harddisk0\DR0\Partition1
21:21:28.0442 2288 \Device\Harddisk0\DR0\Partition1 - ok
21:21:28.0442 2288 [ 58A420F1FDD5497F024CB5677C4EA945 ] \Device\Harddisk0\DR0\Partition2
21:21:28.0442 2288 \Device\Harddisk0\DR0\Partition2 - ok
21:21:28.0452 2288 [ C555740B299C5EE7B04CEB56C05929C2 ] \Device\Harddisk1\DR1\Partition1
21:21:28.0452 2288 \Device\Harddisk1\DR1\Partition1 - ok
21:21:28.0462 2288 [ 3FE2F480CCC5E258AF56FE8F541CE819 ] \Device\Harddisk2\DR2\Partition1
21:21:28.0472 2288 \Device\Harddisk2\DR2\Partition1 - ok
21:21:28.0472 2288 ============================================================
21:21:28.0472 2288 Scan finished
21:21:28.0472 2288 ============================================================
21:21:28.0472 4332 Detected object count: 1
21:21:28.0472 4332 Actual detected object count: 1
21:21:31.0313 4332 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:21:31.0313 4332 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:21:35.0233 4396 Deinitialize success





#################################################################################
2) MBAM
#################################################################################
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.27.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Tanks :: TANKS-PC [administrator]

27/08/2012 7:12:23 PM
mbam-log-2012-08-27 (19-12-23).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 704055
Time elapsed: 1 hour(s), 28 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




#################################################################################
3) Mini toolbox
#################################################################################
MiniToolBox by Farbar Version: 23-07-2012
Ran by Tanks (administrator) on 27-08-2012 at 21:23:34
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tanks-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-6F-65-22-E7-F0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c090:e331:aa48:8bd9%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, 27 August 2012 5:28:38 PM
Lease Expires . . . . . . . . . . : Monday, 27 August 2012 9:58:46 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 236744549
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-20-FB-FC-1C-6F-65-22-E7-F0
DNS Servers . . . . . . . . . . . : 61.9.211.33
61.9.211.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{1344E235-17B3-4795-AC07-DFA3F45F069C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:10d1:2714:3f57:fffc(Preferred)
Link-local IPv6 Address . . . . . : fe80::10d1:2714:3f57:fffc%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cust.cha.bigpond.net.au
Address: 61.9.211.33

Name: google.com
Addresses: 2404:6800:4006:804::1006
74.125.237.129
74.125.237.131
74.125.237.136
74.125.237.128
74.125.237.142
74.125.237.137
74.125.237.132
74.125.237.133
74.125.237.134
74.125.237.135
74.125.237.130


Pinging google.com [74.125.237.131] with 32 bytes of data:
Reply from 74.125.237.131: bytes=32 time=24ms TTL=52
Reply from 74.125.237.131: bytes=32 time=26ms TTL=52

Ping statistics for 74.125.237.131:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 26ms, Average = 25ms
Server: dns-cust.cha.bigpond.net.au
Address: 61.9.211.33

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=244ms TTL=45
Reply from 98.138.253.109: bytes=32 time=228ms TTL=45

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 228ms, Maximum = 244ms, Average = 236ms
Server: dns-cust.cha.bigpond.net.au
Address: 61.9.211.33

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...1c 6f 65 22 e7 f0 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.3 276
192.168.0.3 255.255.255.255 On-link 192.168.0.3 276
192.168.0.255 255.255.255.255 On-link 192.168.0.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:10d1:2714:3f57:fffc/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::10d1:2714:3f57:fffc/128
On-link
11 276 fe80::c090:e331:aa48:8bd9/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/27/2012 05:52:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/27/2012 05:52:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/27/2012 05:51:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/26/2012 05:31:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/26/2012 05:31:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/26/2012 05:31:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/26/2012 05:31:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/26/2012 05:02:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/26/2012 04:28:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000006e88b82000
Faulting process id: 0xfbc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/26/2012 04:22:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 9.0.8112.16447, time stamp: 0x4fca0a05
Exception code: 0xc0000005
Fault offset: 0x00000000002ea0f2
Faulting process id: 0x16c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Security Update for Windows 7 for x64-based Systems (KB2712808).

Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Security Update for Windows 7 for x64-based Systems (KB2731847).

Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Security Update for Windows 7 for x64-based Systems (KB2705219).

Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2722913).

Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Update for Windows 7 for x64-based Systems (KB2647753).

Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Update for Windows 7 for x64-based Systems (KB2732487).

Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Update for Windows 7 for x64-based Systems (KB2729094).

Error: (08/27/2012 05:31:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Update for Windows 7 for x64-based Systems (KB2732500).

Error: (08/26/2012 03:40:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Security Update for Windows 7 for x64-based Systems (KB2712808).

Error: (08/26/2012 03:40:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80071a90: Security Update for Windows 7 for x64-based Systems (KB2731847).


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.5.0 (Version: 9.5.0)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Clickonprint PhotoBooks 2.1 (Version: Clickonprint PhotoBooks 2.1)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
FileZilla Client 3.5.0 (Version: 3.5.0)
Gigabyte Raid Configurer (Version: 1.00.0001)
High-Definition Video Playback (Version: 7.1.13400.42.0)
ImageMixer 3 SE Ver.5 Transfer Utility (Version: 3.04.008)
Imagenomic Noiseware 4.2 Professional Plug-in (build 4205)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 32 (Version: 6.0.320)
Junk Mail filter update (Version: 15.4.3502.0922)
LeapFrog Connect (Version: 2.9.1.11093)
LeapFrog My Pals Plugin (Version: 2.8.7.11034)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox (3.6.23) (Version: 3.6.23 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.17.0)
Nero 10 ClipartPack (Version: 10.2.10000.11.0)
Nero 10 Menu TemplatePack 1 (Version: 10.2.10000.0.0)
Nero 10 Menu TemplatePack 2 (Version: 10.2.10000.0.0)
Nero 10 Menu TemplatePack 3 (Version: 10.2.10100.1.0)
Nero 10 Menu TemplatePack Basic (Version: 10.2.10000.0.0)
Nero 10 Movie ThemePack 1 (Version: 10.2.10000.11.0)
Nero 10 Movie ThemePack 2 (Version: 10.2.10100.1.0)
Nero 10 Movie ThemePack Basic (Version: 10.2.10000.0.0)
Nero 10 Sample ImagePack (Version: 10.2.10000.11.0)
Nero 10 Sample Videos (Version: 10.2.10000.11.0)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17400.8.2)
Nero Dolby Files 10 (Version: 2.0.12100.0.10)
Nero MediaHub 10 (Version: 1.2.12300.27.100)
Nero MediaHub 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Nero Vision 10 (Version: 7.2.14700.9.100)
Nero Vision 10 Help (CHM) (Version: 10.5.10000)
Nero Vision Xtra (Version: 10.5.11300)
Noiseware Professional Plug-in (Version: 4.1.1.0)
ON_OFF Charge B10.0422.2 (Version: 1.00.0001)
PDF Settings CS5 (Version: 10.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6077)
Silver Efex Pro 2 (Version: 2.0.0.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
VLC media player 1.1.10 (Version: 1.1.10)
WavePad Sound Editor
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8187.49 MB
Available physical RAM: 5519.11 MB
Total Pagefile: 16373.13 MB
Available Pagefile: 14015.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:111.08 GB) NTFS
2 Drive d: (D3C1.0.0) (CDROM) (Total:7.6 GB) (Free:0 GB) UDF
3 Drive e: (Primary) (Fixed) (Total:931.41 GB) (Free:135.29 GB) NTFS
4 Drive g: (TERRA 1) (Fixed) (Total:931.28 GB) (Free:25.15 GB) FAT32

========================= Users: ========================================

User accounts for \\TANKS-PC

Administrator Guest Tanks


**** End of log ****




#################################################################################
4) FSS
#################################################################################
Farbar Service Scanner Version: 06-08-2012
Ran by Tanks (administrator) on 27-08-2012 at 21:29:19
Running from "C:\Users\Tanks\Desktop"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-17 04:40] - [2011-12-28 13:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 18:51] - [2012-03-30 21:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 10:09] - [2009-07-14 11:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 09:36] - [2009-07-14 11:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-13 13:18] - [2012-04-24 15:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




#################################################################################
5) adware cleaner
#################################################################################
# AdwCleaner v1.801 - Logfile created 08/27/2012 at 21:30:48
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Tanks - TANKS-PC
# Boot Mode : Normal
# Running from : C:\Users\Tanks\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.23 (en-US)

Profile name : default
File : C:\Users\Tanks\AppData\Roaming\Mozilla\Firefox\Profiles\3h99y6so.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [853 octets] - [27/08/2012 21:30:48]

########## EOF - C:\AdwCleaner[S1].txt - [980 octets] ##########

#7 narenxp


Posted 27 August 2012 - 07:47 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#8 GreenBag


Posted 27 August 2012 - 03:42 PM

Hi narenxp

Here is the log from Rkill as requested...

Thanks again!




Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/28/2012 06:38:42 AM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Tanks\Desktop\rkill\rkill-08-28-2012-06-38-46.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\ [ZA Dir]
* C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\@ [ZA File]
* C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\L\ [ZA Dir]
* C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\U\ [ZA Dir]
* C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\U\00000001.@ [ZA File]
* C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\U\80000000.@ [ZA File]
* C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}\U\800000cb.@ [ZA File]

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/28/2012 06:38:56 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

#9 narenxp


Posted 27 August 2012 - 03:46 PM

Press the Windows+R keys, type notepad and click OK

Copy this script:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
  65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"

Click on File > Save As

Filename: fix.reg
Save as: All files

Launch fix.reg

Click YES when you receive a prompt

Open your C drive

At the top, click on Organize > Folder and search options

Click on the View tab and scroll down

Check Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Tanks\AppData\Local\{3e60f770-969a-9e70-54fb-cbfec2c9d21c}

Delete the folder

Run RKILL again and post the new log

#10 GreenBag


Posted 28 August 2012 - 04:15 AM

Thanks heaps for all this effort narenxp! Here is the new RKILL log after deleting that folder



Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/28/2012 07:14:05 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/28/2012 07:14:08 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

#11 narenxp


Posted 28 August 2012 - 04:18 AM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#12 GreenBag


Posted 28 August 2012 - 06:49 AM

Awesome. Thanks so much for the help. You're doing a fantastic job on here.

Cheers!

#13 narenxp


Posted 28 August 2012 - 06:51 AM

You're most welcome :)



