
Is "atikmpag.sys" my current virus or just an error that caused me many Blue Screens?


13 replies to this topic

#1 jo-prez


Posted 18 April 2012 - 12:49 PM

How you doing guys, I'm worried and very excited to post for the first time on here about my problem. I'm worried because I've been with no working computer for weeks now and I'm hoping to get some help on here from the experts.

HINT* Before mentioning my problem, I remember installing some Windows updates days before the whole problem happened. But ok, my problem started on a regular day using the internet. I remember I was watching a YouTube video and running other open tabs on IE explorer at the same time and eventually my computer crashed giving me a blue screen with the first error "atikmdag.sys". I restarted my computer on normal mode and everything seemed to work fine again. I went back to watching a video on YouTube and I received a message on my taskbar saying “Display driver stopped responding and has recovered”. I noticed my video and sound freezing and again my computer crashed giving me the same "atikmdag.sys" error. I then did some research on the error and I came to the conclusion that it was related to my video card. Many people believe it could be multiple different causes that trigger that error (failing video card, power supply, etc.). The first step I took was to update my video drivers aka CCC (Catalyst Control Center) from AMD, but the problem kept coming, and each time it was more often. Eventually I wouldn't get any sound at all, I didn't have to do anything and I would still get the blue screens with the same error. But now I would also get artifacts (color lines) all over my screen on startup. I was in the process of uninstalling the video drivers again before I would get to update them with a newer version during that same month, but I never got the chance to install my video drivers at all because I wasn't able to start Windows in normal mode anymore, I would only get blue screens. I did get the chance of uninstalling the CCC before my computer would give me blue screens, but now my computer is with no CCC installed, and I would now get error "atikmpag" all the time, notice how this error is different from the first one.


That was one of my problems, but then I was forced to go onto Safe Mode with Networking cause of the problem. I never in my life used safe mode before, and I didn't know my Norton Security Suite did not work on safe mode!! Also I didn't know what a firewall was, I was so ignorant and uninformed about it and I guess my firewall was disabled too and I didn't pay any attention to it and left it like that. I would then go online on safe mode trying to find a fix for my problem when all of a sudden lots of windows popped out with errors saying my computer was infected and if I wanted to do a system scan, and I pressed yes, then it would want me to buy the full version in order to fix my computer. I realized it was a virus and went to shut down my computer because I freaked out. I then restarted my computer on normal mode and this time my computer was able to load into normal mode, but everything was gone! I did my research and I realized it was one of the fake viruses that you guys talk about in your page. I don't want to go into every single detail about everything I did to try to remove the virus/malware since this isn't the right forum topic to talk about that. But I do want to mention that I used TDSSKiller, Rkill, Malwarebytes, SUPERAntiSpyware, and Unhide to kill the virus following steps on different posts on the website (I was not a member when I did all this). I just wanted to say I always get this virus that keeps coming back on Malwarebytes. Sometimes it keeps appearing as a Registry Value ("Runonce|GrpConv") and sometimes as a file ("grpconv.exe") and sometimes as both at the same time. I do scan after scan and it always keeps coming back after rebooting my computer.


My question is about the current error I have "atikmpag.sys", is that error related to this "grpconv.exe" "Runonce|GrpConv" virus/malware on my computer? Was atikmpag.sys what forced me to go onto safe mode and then get infected or is atikmpag.sys really a video card error? I would like to know if it's really a virus that can be fixed or should I start ordering a new video card already? I wouldn't like to waste money on a new video card just to maybe find out that wasn't the problem, I would like to make sure first. What do you guys think? Any help would be greatly appreciated and sorry if this wasn't the right place to post this topic but I'm so lost, and this problem is driving me insane. If the moderators think I should post somewhere else please guide me in the right direction, THANKS in advance! and sorry for the long post.


-THINGS TO HAVE IN MIND-

*There still aren't any video drivers installed (CCC)
*I can no longer load windows into normal mode only safe mode
*Artifacts(color lines) appear all over my screen on every start up
*If I let windows load into normal mode, I would get a Blue Screen with error "atikmpag.sys"
*Malwarebytes detects "grpconv.exe" and "Runonce|GrpConv" coming back on every scan


-My PC is a Windows Vista 64
-My video card is an ATI Radeon HD 4850
-My power supply is 475 watts



#2 boopme


Posted 22 April 2012 - 11:29 AM

Hello, let's start by running 3 items.
Did TDSS killer find anything?

The atikmpag.sys is a driver file of your ATI graphic card.
grpconv.exe is malware.

First some system info.
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Do not reboot in between these

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates, and when done
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot into normal mode.

>>>
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Please ask any needed questions, post logs and let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jo-prez


Posted 22 April 2012 - 04:28 PM

Hi there thanks for replying.
TDSS killer found lots of things, please let me know if you want to see the log and I'll post it for you.

Before I go ahead and do all the steps you require for me to do, I wanted to ask you something. I was reading all the steps, and I noticed that maybe you want me to do it all in normal mode? I haven't been able to log into normal mode for a while now because every time I try it my computer crashes and gives me lots of dots and colored lines all over my screen and then I get a blue screen with the "atikmpag.sys" error. Is it ok to go ahead and do all the steps in safe mode with networking, including the steps you mentioned for MBAM?

#4 boopme


Posted 22 April 2012 - 05:26 PM

Yes, post the TDSS log. Use safe mode with networking if you have to.

Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.
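Added example, not part of the original thread and not code from TDSSKiller or BleepingComputer: a TDSSKiller log like the one requested above lists each scanned service or driver on one line (name, MD5, image path) followed by a verdict line, so a short script can pull out the boot type and every verdict other than "ok". The sample lines, names, hashes and paths below are constructed in that layout, and the function name triage is an assumption of this example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample in the TDSSKiller layout "HH:MM:SS.mmmm TID text".
# Service names, MD5 values and paths are made up for illustration.
SAMPLE_LOG = r"""
06:36:20.0225 2032 Boot type: Safe boot with network
06:36:27.0214 0756 Scan started
06:36:29.0367 0756 ExampleDrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrv.sys
06:36:29.0383 0756 ExampleDrv - ok
06:36:33.0548 0756 ExampleSvc (ffeeddccbbaa99887766554433221100) c:\program files (x86)\example\svc_1a2b3c.dll
06:36:33.0548 0756 Suspicious file (Hidden): c:\program files (x86)\example\svc_1a2b3c.dll. md5: ffeeddccbbaa99887766554433221100
06:36:33.0548 0756 ExampleSvc ( HiddenFile.Multi.Generic ) - warning
06:36:33.0548 0756 ExampleSvc - detected HiddenFile.Multi.Generic (1)
06:36:44.0203 0756 NoImageSvc - ok
"""

# Timestamp, thread id, then the message body.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (.*)$")
# "<name> (<32 hex md5>) <image path>"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - ok" or "<name> ( <threat> ) - <verdict>"
VERDICT = re.compile(
    r"^(?P<name>.+?)(?: \( (?P<threat>[^)]+?) \))? - (?P<verdict>\w+)$"
)


@dataclass
class Finding:
    name: str
    verdict: str
    threat: Optional[str]
    md5: Optional[str]
    path: Optional[str]


def triage(log_text: str) -> dict:
    """Summarise a TDSSKiller-style log: boot type, count, non-ok verdicts."""
    boot_type = None
    objects = {}    # name -> (md5, path) from the most recent object line
    findings = []   # every verdict that is not "ok"
    no_image = []   # "ok" entries that never listed a file to hash
    scanned = 0

    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(1)
        if body.startswith("Boot type:"):
            boot_type = body.split(":", 1)[1].strip()
            continue
        obj = OBJECT.match(body)
        if obj:
            objects[obj["name"]] = (obj["md5"].lower(), obj["path"])
            continue
        ver = VERDICT.match(body)
        if not ver:
            continue  # headers, disk geometry, "detected ..." summaries
        scanned += 1
        md5, path = objects.get(ver["name"], (None, None))
        if ver["verdict"] != "ok":
            findings.append(
                Finding(ver["name"], ver["verdict"], ver["threat"], md5, path)
            )
        elif md5 is None:
            no_image.append(ver["name"])

    return {
        "boot_type": boot_type,
        # Safe Mode loads only a minimal set of drivers and services, so
        # the boot type is worth reading next to the verdicts.
        "safe_mode": bool(boot_type and boot_type.lower().startswith("safe")),
        "scanned": scanned,
        "findings": findings,
        "no_image": no_image,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("Boot type:", result["boot_type"])
    print("Objects with a verdict:", result["scanned"])
    for f in result["findings"]:
        print(f"{f.verdict.upper()}: {f.name} [{f.threat}] {f.md5} {f.path}")
    print("No image listed:", ", ".join(result["no_image"]) or "none")
```
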

#5 jo-prez


Posted 22 April 2012 - 08:40 PM

hello again, here are the logs you asked for TDSS, MiniToolBox, MBAM and aswMBR.


TDSS Killer Log:

06:37:17.0587 0756 Mcx2Svc - ok
06:37:17.0743 0756 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
06:37:17.0743 0756 megasas - ok
06:37:17.0867 0756 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
06:37:17.0899 0756 MegaSR - ok
06:37:18.0008 0756 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
06:37:18.0008 0756 MMCSS - ok
06:37:18.0055 0756 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
06:37:18.0070 0756 Modem - ok
06:37:18.0179 0756 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
06:37:18.0179 0756 monitor - ok
06:37:18.0257 0756 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
06:37:18.0257 0756 mouclass - ok
06:37:18.0335 0756 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
06:37:18.0335 0756 mouhid - ok
06:37:18.0351 0756 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
06:37:18.0367 0756 MountMgr - ok
06:37:18.0445 0756 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
06:37:18.0460 0756 mpio - ok
06:37:18.0523 0756 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
06:37:18.0523 0756 mpsdrv - ok
06:37:18.0632 0756 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
06:37:18.0663 0756 MpsSvc - ok
06:37:18.0679 0756 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
06:37:18.0694 0756 Mraid35x - ok
06:37:18.0772 0756 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
06:37:18.0772 0756 MRxDAV - ok
06:37:18.0850 0756 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
06:37:18.0866 0756 mrxsmb - ok
06:37:18.0944 0756 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:37:18.0944 0756 mrxsmb10 - ok
06:37:18.0991 0756 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:37:19.0006 0756 mrxsmb20 - ok
06:37:19.0053 0756 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
06:37:19.0053 0756 msahci - ok
06:37:19.0209 0756 MSCamSvc (023e10227d83b47d3b72c9ffcd323704) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
06:37:19.0225 0756 MSCamSvc - ok
06:37:19.0303 0756 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
06:37:19.0334 0756 msdsm - ok
06:37:19.0412 0756 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
06:37:19.0443 0756 MSDTC - ok
06:37:19.0490 0756 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
06:37:19.0505 0756 Msfs - ok
06:37:19.0630 0756 MSHUSBVideo (0bbe794e0c54621cfa8ed9b5850baaae) C:\Windows\system32\Drivers\nx6000.sys
06:37:19.0646 0756 MSHUSBVideo - ok
06:37:19.0739 0756 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
06:37:19.0755 0756 msisadrv - ok
06:37:19.0833 0756 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
06:37:19.0833 0756 MSiSCSI - ok
06:37:19.0880 0756 msiserver - ok
06:37:19.0989 0756 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
06:37:19.0989 0756 MSKSSRV - ok
06:37:20.0036 0756 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
06:37:20.0036 0756 MSPCLOCK - ok
06:37:20.0067 0756 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
06:37:20.0067 0756 MSPQM - ok
06:37:20.0114 0756 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
06:37:20.0129 0756 MsRPC - ok
06:37:20.0207 0756 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
06:37:20.0207 0756 mssmbios - ok
06:37:20.0301 0756 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
06:37:20.0317 0756 MSTEE - ok
06:37:20.0363 0756 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
06:37:20.0363 0756 Mup - ok
06:37:20.0519 0756 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
06:37:20.0551 0756 N360 - ok
06:37:20.0644 0756 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
06:37:20.0644 0756 napagent - ok
06:37:20.0769 0756 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
06:37:20.0769 0756 NativeWifiP - ok
06:37:21.0112 0756 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120323.023\ENG64.SYS
06:37:21.0143 0756 NAVENG - ok
06:37:21.0689 0756 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120323.023\EX64.SYS
06:37:21.0830 0756 NAVEX15 - ok
06:37:22.0189 0756 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
06:37:22.0251 0756 NDIS - ok
06:37:22.0345 0756 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
06:37:22.0360 0756 NdisTapi - ok
06:37:22.0407 0756 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
06:37:22.0423 0756 Ndisuio - ok
06:37:22.0501 0756 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
06:37:22.0516 0756 NdisWan - ok
06:37:22.0594 0756 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
06:37:22.0610 0756 NDProxy - ok
06:37:22.0688 0756 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
06:37:22.0688 0756 NetBIOS - ok
06:37:22.0781 0756 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
06:37:22.0813 0756 netbt - ok
06:37:22.0875 0756 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
06:37:22.0875 0756 Netlogon - ok
06:37:23.0015 0756 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
06:37:23.0015 0756 Netman - ok
06:37:23.0078 0756 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
06:37:23.0078 0756 netprofm - ok
06:37:23.0234 0756 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:37:23.0234 0756 NetTcpPortSharing - ok
06:37:23.0327 0756 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
06:37:23.0343 0756 nfrd960 - ok
06:37:23.0405 0756 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
06:37:23.0421 0756 NlaSvc - ok
06:37:23.0515 0756 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
06:37:23.0515 0756 Npfs - ok
06:37:23.0546 0756 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
06:37:23.0561 0756 nsi - ok
06:37:23.0702 0756 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
06:37:23.0702 0756 nsiproxy - ok
06:37:23.0936 0756 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
06:37:24.0076 0756 Ntfs - ok
06:37:24.0139 0756 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
06:37:24.0154 0756 Null - ok
06:37:24.0248 0756 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
06:37:24.0279 0756 nvraid - ok
06:37:24.0373 0756 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
06:37:24.0388 0756 nvstor - ok
06:37:24.0482 0756 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
06:37:24.0513 0756 nv_agp - ok
06:37:24.0560 0756 NwlnkFlt - ok
06:37:24.0607 0756 NwlnkFwd - ok
06:37:24.0685 0756 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
06:37:24.0685 0756 ohci1394 - ok
06:37:24.0903 0756 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
06:37:24.0950 0756 p2pimsvc - ok
06:37:24.0997 0756 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
06:37:24.0997 0756 p2psvc - ok
06:37:25.0309 0756 PAC207 (9a0d2e75de12c577388aed146e9d3429) C:\Windows\system32\DRIVERS\PFC027.SYS
06:37:25.0387 0756 PAC207 - ok
06:37:25.0511 0756 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
06:37:25.0543 0756 Parport - ok
06:37:25.0589 0756 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
06:37:25.0621 0756 partmgr - ok
06:37:25.0683 0756 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
06:37:25.0699 0756 PcaSvc - ok
06:37:25.0777 0756 pccsmcfd - ok
06:37:25.0886 0756 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
06:37:25.0901 0756 pci - ok
06:37:25.0995 0756 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
06:37:26.0011 0756 pciide - ok
06:37:26.0104 0756 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
06:37:26.0135 0756 pcmcia - ok
06:37:26.0276 0756 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
06:37:26.0307 0756 PEAUTH - ok
06:37:26.0416 0756 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
06:37:26.0557 0756 PerfHost - ok
06:37:26.0681 0756 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
06:37:26.0713 0756 pla - ok
06:37:26.0853 0756 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
06:37:26.0884 0756 PlugPlay - ok
06:37:26.0947 0756 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
06:37:26.0962 0756 PNRPAutoReg - ok
06:37:26.0993 0756 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
06:37:27.0009 0756 PNRPsvc - ok
06:37:27.0087 0756 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
06:37:27.0118 0756 PolicyAgent - ok
06:37:27.0181 0756 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
06:37:27.0196 0756 PptpMiniport - ok
06:37:27.0305 0756 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
06:37:27.0337 0756 Processor - ok
06:37:27.0430 0756 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
06:37:27.0446 0756 ProfSvc - ok
06:37:27.0539 0756 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
06:37:27.0555 0756 ProtectedStorage - ok
06:37:27.0617 0756 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
06:37:27.0633 0756 PSched - ok
06:37:27.0742 0756 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
06:37:27.0758 0756 PxHlpa64 - ok
06:37:27.0961 0756 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
06:37:28.0023 0756 ql2300 - ok
06:37:28.0085 0756 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
06:37:28.0117 0756 ql40xx - ok
06:37:28.0195 0756 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
06:37:28.0210 0756 QWAVE - ok
06:37:28.0288 0756 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
06:37:28.0304 0756 QWAVEdrv - ok
06:37:29.0411 0756 R300 (56d6631761ec37745f0df16bcdc4caf4) C:\Windows\system32\DRIVERS\atikmdag.sys
06:37:29.0458 0756 R300 - ok
06:37:29.0599 0756 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
06:37:29.0599 0756 RasAcd - ok
06:37:29.0630 0756 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
06:37:29.0645 0756 RasAuto - ok
06:37:29.0692 0756 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
06:37:29.0692 0756 Rasl2tp - ok
06:37:29.0723 0756 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
06:37:29.0739 0756 RasMan - ok
06:37:29.0786 0756 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
06:37:29.0786 0756 RasPppoe - ok
06:37:29.0848 0756 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
06:37:29.0879 0756 RasSstp - ok
06:37:29.0957 0756 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
06:37:29.0957 0756 rdbss - ok
06:37:30.0067 0756 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
06:37:30.0082 0756 RDPCDD - ok
06:37:30.0223 0756 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
06:37:30.0238 0756 rdpdr - ok
06:37:30.0285 0756 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
06:37:30.0285 0756 RDPENCDD - ok
06:37:30.0332 0756 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
06:37:30.0347 0756 RDPWD - ok
06:37:30.0425 0756 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
06:37:30.0441 0756 RemoteAccess - ok
06:37:30.0519 0756 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
06:37:30.0519 0756 RemoteRegistry - ok
06:37:30.0581 0756 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
06:37:30.0581 0756 RpcLocator - ok
06:37:30.0675 0756 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
06:37:30.0675 0756 RpcSs - ok
06:37:30.0769 0756 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
06:37:30.0769 0756 rspndr - ok
06:37:30.0909 0756 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys
06:37:30.0925 0756 RTL8169 - ok
06:37:30.0987 0756 RTSTOR (0851174830dafad4eacc4dd818d803d1) C:\Windows\system32\drivers\RTSTOR64.SYS
06:37:31.0018 0756 RTSTOR - ok
06:37:31.0143 0756 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
06:37:31.0143 0756 SamSs - ok
06:37:31.0205 0756 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
06:37:31.0221 0756 sbp2port - ok
06:37:31.0330 0756 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
06:37:31.0330 0756 SCardSvr - ok
06:37:31.0439 0756 SCDEmu (07237c66e05da6778e9f3cb67fa00736) C:\Windows\system32\drivers\SCDEmu.sys
06:37:31.0455 0756 SCDEmu - ok
06:37:31.0564 0756 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
06:37:31.0595 0756 Schedule - ok
06:37:31.0627 0756 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
06:37:31.0627 0756 SCPolicySvc - ok
06:37:31.0658 0756 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
06:37:31.0658 0756 SDRSVC - ok
06:37:31.0814 0756 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
06:37:31.0814 0756 SeaPort - ok
06:37:31.0892 0756 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
06:37:31.0907 0756 secdrv - ok
06:37:31.0985 0756 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
06:37:31.0985 0756 seclogon - ok
06:37:32.0017 0756 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
06:37:32.0017 0756 SENS - ok
06:37:32.0079 0756 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
06:37:32.0079 0756 Serenum - ok
06:37:32.0126 0756 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
06:37:32.0141 0756 Serial - ok
06:37:32.0204 0756 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
06:37:32.0219 0756 sermouse - ok
06:37:32.0297 0756 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
06:37:32.0313 0756 SessionEnv - ok
06:37:32.0344 0756 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
06:37:32.0344 0756 sffdisk - ok
06:37:32.0375 0756 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
06:37:32.0391 0756 sffp_mmc - ok
06:37:32.0438 0756 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
06:37:32.0453 0756 sffp_sd - ok
06:37:32.0516 0756 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
06:37:32.0531 0756 sfloppy - ok
06:37:32.0703 0756 SftService (4ef8fc5158aa1a01df37fdb3fadda077) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
06:37:32.0750 0756 SftService - ok
06:37:32.0828 0756 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
06:37:32.0843 0756 SharedAccess - ok
06:37:32.0937 0756 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
06:37:32.0953 0756 ShellHWDetection - ok
06:37:33.0031 0756 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
06:37:33.0031 0756 SiSRaid2 - ok
06:37:33.0109 0756 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
06:37:33.0124 0756 SiSRaid4 - ok
06:37:33.0187 0756 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
06:37:33.0218 0756 slsvc - ok
06:37:33.0280 0756 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
06:37:33.0296 0756 SLUINotify - ok
06:37:33.0343 0756 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
06:37:33.0358 0756 Smb - ok
06:37:33.0421 0756 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
06:37:33.0436 0756 SNMPTRAP - ok
06:37:33.0467 0756 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
06:37:33.0499 0756 spldr - ok
06:37:33.0592 0756 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
06:37:33.0608 0756 Spooler - ok
06:37:33.0670 0756 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS
06:37:33.0686 0756 SRTSP - ok
06:37:33.0717 0756 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS
06:37:33.0748 0756 SRTSPX - ok
06:37:33.0826 0756 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
06:37:33.0842 0756 srv - ok
06:37:33.0857 0756 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
06:37:33.0873 0756 srv2 - ok
06:37:33.0904 0756 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
06:37:33.0904 0756 srvnet - ok
06:37:33.0982 0756 sscdbus (f4f1e1ff6986fe8914525af751ea3eac) C:\Windows\system32\DRIVERS\sscdbus.sys
06:37:33.0982 0756 sscdbus - ok
06:37:34.0045 0756 sscdmdfl (5447690d2cfe1bde1be3a5a5a3e2f796) C:\Windows\system32\DRIVERS\sscdmdfl.sys
06:37:34.0045 0756 sscdmdfl - ok
06:37:34.0091 0756 sscdmdm (bfda292053aeb76a0c1d63b2279d5138) C:\Windows\system32\DRIVERS\sscdmdm.sys
06:37:34.0091 0756 sscdmdm - ok
06:37:34.0138 0756 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
06:37:34.0138 0756 SSDPSRV - ok
06:37:34.0232 0756 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
06:37:34.0232 0756 SstpSvc - ok
06:37:34.0263 0756 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
06:37:34.0279 0756 stisvc - ok
06:37:34.0357 0756 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
06:37:34.0357 0756 stllssvr - ok
06:37:34.0403 0756 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
06:37:34.0403 0756 swenum - ok
06:37:34.0481 0756 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
06:37:34.0513 0756 SwitchBoard - ok
06:37:34.0637 0756 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
06:37:34.0669 0756 swprv - ok
06:37:34.0700 0756 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
06:37:34.0700 0756 Symc8xx - ok
06:37:34.0793 0756 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
06:37:34.0793 0756 SymDS - ok
06:37:34.0887 0756 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
06:37:34.0903 0756 SymEFA - ok
06:37:34.0996 0756 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
06:37:35.0012 0756 SymEvent - ok
06:37:35.0043 0756 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
06:37:35.0043 0756 SymIRON - ok
06:37:35.0121 0756 SYMTDIv (61d06be74fa23ebb7d816e4468edd19e) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMTDIV.SYS
06:37:35.0121 0756 SYMTDIv - ok
06:37:35.0168 0756 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
06:37:35.0168 0756 Sym_hi - ok
06:37:35.0215 0756 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
06:37:35.0230 0756 Sym_u3 - ok
06:37:35.0293 0756 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
06:37:35.0308 0756 SysMain - ok
06:37:35.0339 0756 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
06:37:35.0355 0756 TabletInputService - ok
06:37:35.0449 0756 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
06:37:35.0449 0756 TapiSrv - ok
06:37:35.0495 0756 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
06:37:35.0495 0756 TBS - ok
06:37:35.0573 0756 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
06:37:35.0573 0756 Tcpip - ok
06:37:35.0605 0756 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
06:37:35.0605 0756 Tcpip6 - ok
06:37:35.0683 0756 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
06:37:35.0683 0756 tcpipreg - ok
06:37:35.0714 0756 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
06:37:35.0745 0756 TDPIPE - ok
06:37:35.0792 0756 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
06:37:35.0792 0756 TDTCP - ok
06:37:35.0870 0756 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
06:37:35.0885 0756 tdx - ok
06:37:35.0995 0756 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
06:37:35.0995 0756 TermDD - ok
06:37:36.0104 0756 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
06:37:36.0104 0756 TermService - ok
06:37:36.0197 0756 TFsExDisk (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys
06:37:36.0213 0756 TFsExDisk - ok
06:37:36.0322 0756 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
06:37:36.0322 0756 Themes - ok
06:37:36.0416 0756 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
06:37:36.0416 0756 THREADORDER - ok
06:37:36.0509 0756 Tpkd (c676b0f52f2b6483afb88f79cabb011e) C:\Windows\system32\drivers\Tpkd.sys
06:37:36.0541 0756 Tpkd - ok
06:37:36.0603 0756 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
06:37:36.0619 0756 TrkWks - ok
06:37:36.0697 0756 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
06:37:36.0697 0756 TrustedInstaller - ok
06:37:36.0806 0756 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
06:37:36.0806 0756 tssecsrv - ok
06:37:36.0899 0756 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
06:37:36.0899 0756 tunmp - ok
06:37:37.0009 0756 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
06:37:37.0024 0756 tunnel - ok
06:37:37.0055 0756 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
06:37:37.0071 0756 uagp35 - ok
06:37:37.0149 0756 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
06:37:37.0149 0756 udfs - ok
06:37:37.0227 0756 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
06:37:37.0243 0756 UI0Detect - ok
06:37:37.0289 0756 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
06:37:37.0305 0756 uliagpkx - ok
06:37:37.0352 0756 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
06:37:37.0367 0756 uliahci - ok
06:37:37.0414 0756 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
06:37:37.0430 0756 UlSata - ok
06:37:37.0477 0756 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
06:37:37.0508 0756 ulsata2 - ok
06:37:37.0539 0756 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
06:37:37.0539 0756 umbus - ok
06:37:37.0726 0756 Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
06:37:37.0757 0756 Updater Service for StartNow Toolbar - ok
06:37:37.0835 0756 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
06:37:37.0867 0756 upnphost - ok
06:37:37.0929 0756 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
06:37:37.0945 0756 usbaudio - ok
06:37:38.0069 0756 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
06:37:38.0085 0756 usbccgp - ok
06:37:38.0163 0756 usbcir (8c39d53e1a343f4c47ee8f3c052126d8) C:\Windows\system32\DRIVERS\usbcir.sys
06:37:38.0179 0756 usbcir - ok
06:37:38.0257 0756 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
06:37:38.0257 0756 usbehci - ok
06:37:38.0335 0756 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
06:37:38.0366 0756 usbhub - ok
06:37:38.0459 0756 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
06:37:38.0459 0756 usbohci - ok
06:37:38.0491 0756 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
06:37:38.0522 0756 usbprint - ok
06:37:38.0569 0756 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:37:38.0569 0756 USBSTOR - ok
06:37:38.0693 0756 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
06:37:38.0693 0756 usbuhci - ok
06:37:38.0787 0756 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
06:37:38.0803 0756 usbvideo - ok
06:37:38.0849 0756 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
06:37:38.0849 0756 UxSms - ok
06:37:38.0912 0756 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
06:37:38.0943 0756 vds - ok
06:37:39.0005 0756 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
06:37:39.0021 0756 vga - ok
06:37:39.0037 0756 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
06:37:39.0052 0756 VgaSave - ok
06:37:39.0083 0756 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
06:37:39.0083 0756 viaide - ok
06:37:39.0208 0756 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
06:37:39.0224 0756 volmgr - ok
06:37:39.0333 0756 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
06:37:39.0364 0756 volmgrx - ok
06:37:39.0442 0756 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
06:37:39.0442 0756 volsnap - ok
06:37:39.0505 0756 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
06:37:39.0505 0756 vsmraid - ok
06:37:39.0692 0756 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
06:37:39.0754 0756 VSS - ok
06:37:39.0832 0756 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
06:37:39.0863 0756 W32Time - ok
06:37:39.0926 0756 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
06:37:39.0941 0756 WacomPen - ok
06:37:40.0035 0756 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
06:37:40.0035 0756 Wanarp - ok
06:37:40.0051 0756 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
06:37:40.0051 0756 Wanarpv6 - ok
06:37:40.0129 0756 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
06:37:40.0129 0756 wcncsvc - ok
06:37:40.0191 0756 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
06:37:40.0191 0756 WcsPlugInService - ok
06:37:40.0253 0756 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
06:37:40.0269 0756 Wd - ok
06:37:40.0347 0756 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
06:37:40.0394 0756 Wdf01000 - ok
06:37:40.0456 0756 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
06:37:40.0472 0756 WdiServiceHost - ok
06:37:40.0472 0756 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
06:37:40.0487 0756 WdiSystemHost - ok
06:37:40.0534 0756 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
06:37:40.0565 0756 WebClient - ok
06:37:40.0675 0756 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
06:37:40.0675 0756 Wecsvc - ok
06:37:40.0721 0756 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
06:37:40.0753 0756 wercplsupport - ok
06:37:40.0846 0756 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
06:37:40.0862 0756 WerSvc - ok
06:37:40.0955 0756 WinDefend - ok
06:37:40.0955 0756 WinHttpAutoProxySvc - ok
06:37:41.0065 0756 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
06:37:41.0096 0756 Winmgmt - ok
06:37:41.0299 0756 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
06:37:41.0377 0756 WinRM - ok
06:37:41.0470 0756 WinUSB (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.sys
06:37:41.0470 0756 WinUSB - ok
06:37:41.0548 0756 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
06:37:41.0564 0756 Wlansvc - ok
06:37:41.0657 0756 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
06:37:41.0673 0756 wlcrasvc - ok
06:37:41.0782 0756 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
06:37:41.0876 0756 wlidsvc - ok
06:37:41.0954 0756 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
06:37:41.0954 0756 WmiAcpi - ok
06:37:42.0094 0756 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
06:37:42.0110 0756 wmiApSrv - ok
06:37:42.0141 0756 WMPNetworkSvc - ok
06:37:42.0250 0756 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
06:37:42.0266 0756 WPCSvc - ok
06:37:42.0359 0756 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
06:37:42.0375 0756 WPDBusEnum - ok
06:37:42.0469 0756 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
06:37:42.0484 0756 WpdUsb - ok
06:37:42.0640 0756 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
06:37:42.0687 0756 WPFFontCache_v0400 - ok
06:37:42.0781 0756 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
06:37:42.0796 0756 ws2ifsl - ok
06:37:42.0859 0756 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
06:37:42.0874 0756 wscsvc - ok
06:37:42.0890 0756 WSearch - ok
06:37:43.0061 0756 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
06:37:43.0155 0756 wuauserv - ok
06:37:43.0202 0756 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
06:37:43.0202 0756 WudfPf - ok
06:37:43.0295 0756 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
06:37:43.0311 0756 WUDFRd - ok
06:37:43.0420 0756 wudfsvc (3dcc7bf5afa921b479e622bd999121f3) C:\Windows\System32\WUDFSvc.dll
06:37:43.0436 0756 wudfsvc - ok
06:37:43.0639 0756 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
06:37:43.0670 0756 YahooAUService - ok
06:37:43.0685 0756 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
06:37:43.0717 0756 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
06:37:43.0717 0756 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
06:37:43.0748 0756 Boot (0x1200) (780f976090e2c3ceb08f62b61222530f) \Device\Harddisk0\DR0\Partition0
06:37:43.0748 0756 \Device\Harddisk0\DR0\Partition0 - ok
06:37:43.0779 0756 Boot (0x1200) (f00aa6f9ee9fda814a3ceeb8a0ce3d79) \Device\Harddisk0\DR0\Partition1
06:37:43.0779 0756 \Device\Harddisk0\DR0\Partition1 - ok
06:37:43.0779 0756 ============================================================
06:37:43.0779 0756 Scan finished
06:37:43.0779 0756 ============================================================
06:37:43.0779 1480 Detected object count: 2
06:37:43.0779 1480 Actual detected object count: 2
06:38:47.0411 1480 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
06:38:47.0411 1480 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
06:38:47.0505 1480 \Device\Harddisk0\DR0\# - copied to quarantine
06:38:47.0505 1480 \Device\Harddisk0\DR0 - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
06:38:47.0552 1480 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
06:38:47.0567 1480 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
06:38:47.0614 1480 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
06:38:47.0614 1480 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
06:38:47.0630 1480 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
06:38:47.0692 1480 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
06:38:47.0692 1480 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
06:38:47.0739 1480 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
06:38:47.0739 1480 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
06:38:47.0755 1480 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
06:38:47.0755 1480 \Device\Harddisk0\DR0 - ok
06:38:47.0942 1480 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
06:40:37.0298 1180 Deinitialize success







MiniToolBox Log:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Pepe (administrator) on 22-04-2012 at 18:40:38
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 hl2rcv.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90

There are 1 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Pepe-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-23-AE-E7-08-7A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::156f:1c4d:67f1:ae95%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.59(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, April 22, 2012 6:39:09 PM
Lease Expires . . . . . . . . . . : Monday, April 23, 2012 6:39:08 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251667374
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-F2-0F-4B-00-23-AE-E7-08-7A
DNS Servers . . . . . . . . . . . : 4.2.2.2
4.2.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E15948E1-A5B2-47BE-A27E-871C216C8DDC}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Name: google.com
Addresses: 74.125.225.3
74.125.225.4
74.125.225.5
74.125.225.6
74.125.225.7
74.125.225.8
74.125.225.9
74.125.225.14
74.125.225.0
74.125.225.1
74.125.225.2



Pinging google.com [74.125.225.2] with 32 bytes of data:

Reply from 74.125.225.2: bytes=32 time=12ms TTL=55

Reply from 74.125.225.2: bytes=32 time=13ms TTL=55



Ping statistics for 74.125.225.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 12ms, Maximum = 13ms, Average = 12ms

Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=44ms TTL=50

Reply from 209.191.122.70: bytes=32 time=43ms TTL=50



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 43ms, Maximum = 44ms, Average = 43ms

Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 23 ae e7 08 7a ...... Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{E15948E1-A5B2-47BE-A27E-871C216C8DDC}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.59 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.59 276
192.168.1.59 255.255.255.255 On-link 192.168.1.59 276
192.168.1.255 255.255.255.255 On-link 192.168.1.59 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.59 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.59 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::156f:1c4d:67f1:ae95/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/22/2012 06:23:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 06:23:03 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/21/2012 10:46:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2012 10:45:51 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/18/2012 09:06:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2012 09:05:55 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/18/2012 07:28:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2012 07:02:26 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/18/2012 07:00:59 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2012 06:41:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/22/2012 06:39:17 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (04/22/2012 06:23:27 PM) (Source: Service Control Manager) (User: )
Description: BHDrvx64
eeCtrl
IDSVia64
SASDIFSV
SASKUTIL
SCDEmu
spldr
SRTSP
SRTSPX
SymIRON
SYMTDIv
Wanarpv6

Error: (04/22/2012 06:23:27 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (04/22/2012 06:23:08 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (04/22/2012 06:23:07 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (04/22/2012 06:23:03 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/22/2012 06:22:55 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/21/2012 11:05:07 PM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/21/2012 10:46:09 PM) (Source: Service Control Manager) (User: )
Description: BHDrvx64
eeCtrl
IDSVia64
SASDIFSV
SASKUTIL
SCDEmu
spldr
SRTSP
SRTSPX
SymIRON
SYMTDIv
Wanarpv6

Error: (04/21/2012 10:46:09 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068


Microsoft Office Sessions:
=========================
Error: (04/22/2012 06:23:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 06:23:03 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/21/2012 10:46:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2012 10:45:51 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/18/2012 09:06:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2012 09:05:55 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/18/2012 07:28:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2012 07:02:26 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/18/2012 07:00:59 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2012 06:41:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.62)
Akamai NetSession Interface
Dell Dock (Version: 1.0.0)
Intel® Matrix Storage Manager
Interlok driver setup x64 (Version: 5.8.13)
Java™ 6 Update 13 (64-bit) (Version: 6.0.130)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.0.30729.1)
Microsoft LifeCam (Version: 3.0.215.0)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Move Media Player
Native Instruments Compilation Vol. 2 (Version: 1.0.0.003)
Native Instruments Essential Bass (Version: 1.0.0.002)
Native Instruments Kontakt 4 (Version: 4.1.1.3832)
Native Instruments Kontakt Factory Selection (Version: 1.0.0.011)
Native Instruments Kore Player (Version: 2.1.2.8232)
Native Instruments North India (Version: 1.0.0.004)
Native Instruments Service Center (Version: 2.2.3.537)
Photomatix Pro version 4.0.2 (Version: 4.0.2)
rgc:audio z3ta+ 1.5 (Version: 1.5)
Rob Papen Albino 3
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
SUPERAntiSpyware (Version: 5.0.1146)
TruePianos 1.5.0
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Mobile Device Updater Component (Version: 04.07.1407.00)
WinRAR archiver
Yahoo! BrowserPlus 2.9.8

========================= Devices: ================================

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.

Name: eHome Infrared Receiver (USBCIR)
Description: eHome Infrared Receiver (USBCIR)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbcir
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Consumer IR Devices
Description: Consumer IR Devices
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


========================= Memory info: ===================================

Percentage of memory in use: 15%
Total physical RAM: 6134.07 MB
Available physical RAM: 5205.99 MB
Total Pagefile: 12379.66 MB
Available Pagefile: 11631.41 MB
Total Virtual: 4095.88 MB
Available Virtual: 3998.03 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:916.44 GB) (Free:467.11 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:7.78 GB) NTFS

========================= Users: ========================================

User accounts for \\PEPE-PC

Administrator Guest Pepe


**** End of log ****








MBAM Log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.22.06

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Pepe :: PEPE-PC [administrator]

Protection: Disabled

4/22/2012 7:07:22 PM
mbam-log-2012-04-22 (19-07-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222681
Time elapsed: 3 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)







aswMBR Log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-22 19:19:09
-----------------------------
19:19:09.854 OS Version: Windows x64 6.0.6002 Service Pack 2
19:19:09.854 Number of processors: 8 586 0x1A04
19:19:09.870 ComputerName: PEPE-PC UserName: Pepe
19:19:11.586 Initialize success
19:19:53.425 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:19:53.425 Disk 0 Vendor: SAMSUNG_ 1AA0 Size: 953869MB BusType: 3
19:19:53.440 Disk 0 MBR read successfully
19:19:53.440 Disk 0 MBR scan
19:19:53.440 Disk 0 Windows VISTA default MBR code
19:19:53.440 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
19:19:53.456 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 145408
19:19:53.472 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 938437 MB offset 31602688
19:19:53.534 Disk 0 scanning C:\Windows\system32\drivers
19:19:59.446 Service scanning
19:20:12.270 Modules scanning
19:20:12.270 Disk 0 trace - called modules:
19:20:12.285 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
19:20:12.285 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068b7060]
19:20:12.285 3 CLASSPNP.SYS[fffffa60012d0c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006596050]
19:20:12.285 Scan finished successfully
19:21:31.237 Disk 0 MBR has been saved successfully to "C:\Users\Pepe\Desktop\MBR.dat"
19:21:31.237 The log file has been saved successfully to "C:\Users\Pepe\Desktop\aswMBR.txt"




Just to let you know, before running Rkill, I think I didn't have to disable my anti-malware programs (MBAM and SUPERAntiSpyware Free Edition) because I didn't see them running while I was logged into Safe Mode with Networking. Rkill was running ok, but it didn't terminate any processes while running.

About the MBAM posted on here, I guess it came up clean but I just wanted to let you know that in my past scans I did, they were all Full scans and that is when I always get the "grpconv" malware showing. Let me know if you want to see the log I did in the past when MBAM found so much malware...Or I could also do a full MBAM scan so you can see the "grpconv" malware showing.

My computer behaves normally under Safe Mode with Networking, except I'm unable to log into Normal mode. I want you to help me figure out how to get rid of that "grpconv" malware that MBAM always finds when doing the full scan, and if possible I would love to know how to fix that "atikmpag.sys" blue screen error. But whatever step you want me to do next, you let me know, thanks!

#6 boopme

  • Global Moderator

Posted 22 April 2012 - 09:19 PM

OK, thanks for the info. We removed some major badware in TDSS. You need to reboot if you have not.


Your HOSTS file is infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.






We'll deal with this last or later: atikmpag.sys

Rerun rKill and immediately rerun MBAM (FULL). Post those.

And rerun TDSS like this. We are making progress.

  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

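The HOSTS-file step in the post above, as an added example that is not part of the original thread and not code from any tool named in it: a Python check that lists every hosts entry differing from a stock file, useful for confirming that a reset took effect. The category names, `DEFAULT_NAMES` and the sample text are assumptions made for this illustration.

```python
import ipaddress
from collections import Counter

# Names a stock Windows hosts file may map to loopback (assumption for this example).
DEFAULT_NAMES = {"localhost"}

# Constructed sample: three entries modelled on the "Hosts content" section of the
# MiniToolBox log in this thread, plus constructed lines (comment, redirect, junk).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com   # inline comment
127.0.0.1 125.252.224.90
203.0.113.7 login.example.com
not-an-ip something.example
"""


def _is_ip(text):
    """True if text parses as an IPv4 or IPv6 literal."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def audit_hosts(text):
    """Return (line_no, category, address, name) for every non-default entry.

    Categories:
      blocked    - a non-default name pinned to loopback / 0.0.0.0
      redirect   - a name mapped to a non-local address (highest concern)
      ip-as-name - the "hostname" field is itself an IP literal
      malformed  - first field is not an IP, or no hostname follows it
    """
    findings = []
    text = text.lstrip("\ufeff")  # tolerate a UTF-8 byte-order mark
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        address, names = fields[0], fields[1:]
        if not _is_ip(address) or not names:
            findings.append((line_no, "malformed", address, " ".join(names)))
            continue
        addr = ipaddress.ip_address(address)
        local = addr.is_loopback or addr.is_unspecified
        for name in names:
            if _is_ip(name):
                category = "ip-as-name"
            elif local and name.lower() in DEFAULT_NAMES:
                continue  # stock entry, nothing to report
            elif local:
                category = "blocked"
            else:
                category = "redirect"
            findings.append((line_no, category, address, name))
    return findings


def summarize(findings):
    """Count findings per category."""
    return dict(Counter(category for _, category, _, _ in findings))


if __name__ == "__main__":
    # To audit a live system, read the real file instead of SAMPLE_HOSTS, e.g.
    # C:\Windows\System32\drivers\etc\hosts on Windows.
    for line_no, category, address, name in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {category:<10} {address} -> {name}")
    print(summarize(SAMPLE_HOSTS and audit_hosts(SAMPLE_HOSTS)))
```

After a successful reset the function should return an empty list; any `redirect` entry that remains deserves attention first, because it sends a name to an address someone else chose.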

#7 jo-prez

  • Topic Starter

Posted 23 April 2012 - 10:00 AM

Ok sounds great! Right now I'm working on it, so far I got the HOSTS file back to normal and I ran rKill and now MBAM is doing the full scan. It should take a while. I wanted to ask you a question and hope you get to read it before MBAM finishes the full scan: If MBAM requires me to reboot, should I reboot right away, or should I wait and run TDSS right before the reboot? or it doesn't matter at all?

#8 boopme

  • Global Moderator

Posted 23 April 2012 - 10:39 AM

If it lets you wait, then wait. If it reboots on its own, then rerun Rkill before TDSS.

#9 jo-prez


Posted 23 April 2012 - 02:45 PM

Hello again. Like I mentioned before, the HOSTS files are back to normal and here are the logs for rKill, MBAM, and TDSS. I must mention that when I ran rKill this message appeared in the black window: "The process cannot access the file because it is being used by another process", so I ran rKill again and it worked normally. But here are the logs:



rKill:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 04/23/2012 at 14:19:31.
Operating System: Windows ™ Vista Home Premium


Processes terminated by Rkill or while it was running:



Rkill completed on 04/23/2012 at 14:19:33.








MBAM:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.23.05

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Pepe :: PEPE-PC [administrator]

Protection: Disabled

4/23/2012 11:43:51 AM
mbam-log-2012-04-23 (11-43-51).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 592424
Time elapsed: 1 hour(s), 24 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






TDSS:

13:11:37.0086 1144 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
13:11:37.0507 1144 ============================================================
13:11:37.0507 1144 Current date / time: 2012/04/23 13:11:37.0507
13:11:37.0507 1144 SystemInfo:
13:11:37.0507 1144
13:11:37.0507 1144 OS Version: 6.0.6002 ServicePack: 2.0
13:11:37.0507 1144 Product type: Workstation
13:11:37.0507 1144 ComputerName: PEPE-PC
13:11:37.0507 1144 UserName: Pepe
13:11:37.0507 1144 Windows directory: C:\Windows
13:11:37.0507 1144 System windows directory: C:\Windows
13:11:37.0507 1144 Running under WOW64
13:11:37.0507 1144 Processor architecture: Intel x64
13:11:37.0507 1144 Number of processors: 8
13:11:37.0507 1144 Page size: 0x1000
13:11:37.0507 1144 Boot type: Safe boot with network
13:11:37.0507 1144 ============================================================
13:11:37.0991 1144 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:11:38.0116 1144 \Device\Harddisk0\DR0:
13:11:38.0116 1144 MBR partitions:
13:11:38.0116 1144 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x1E00000
13:11:38.0116 1144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E23800, BlocksNum 0x728E2800
13:11:38.0162 1144 C: <-> \Device\Harddisk0\DR0\Partition1
13:11:38.0194 1144 D: <-> \Device\Harddisk0\DR0\Partition0
13:11:38.0194 1144 Initialize success
13:11:38.0194 1144 ============================================================
13:12:11.0141 0736 ============================================================
13:12:11.0141 0736 Scan started
13:12:11.0141 0736 Mode: Manual; TDLFS;
13:12:11.0141 0736 ============================================================
13:12:12.0326 0736 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
13:12:12.0326 0736 !SASCORE - ok
13:12:12.0451 0736 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
13:12:12.0451 0736 ACPI - ok
13:12:12.0514 0736 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
13:12:12.0514 0736 adfs - ok
13:12:12.0545 0736 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
13:12:12.0560 0736 adp94xx - ok
13:12:12.0638 0736 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
13:12:12.0638 0736 adpahci - ok
13:12:12.0670 0736 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
13:12:12.0670 0736 adpu160m - ok
13:12:12.0685 0736 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
13:12:12.0701 0736 adpu320 - ok
13:12:12.0763 0736 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
13:12:12.0763 0736 AeLookupSvc - ok
13:12:12.0810 0736 AERTFilters (7394641611ef3ab2d041f104f1e8c1b9) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:12:12.0810 0736 AERTFilters - ok
13:12:12.0872 0736 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
13:12:12.0872 0736 AFD - ok
13:12:12.0950 0736 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
13:12:12.0950 0736 agp440 - ok
13:12:13.0013 0736 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
13:12:13.0013 0736 aic78xx - ok
13:12:13.0153 0736 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll
13:12:13.0153 0736 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
13:12:13.0153 0736 Akamai ( HiddenFile.Multi.Generic ) - warning
13:12:13.0153 0736 Akamai - detected HiddenFile.Multi.Generic (1)
13:12:13.0184 0736 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
13:12:13.0184 0736 ALG - ok
13:12:13.0216 0736 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
13:12:13.0216 0736 aliide - ok
13:12:13.0262 0736 AMD External Events Utility (b5e2434fc851698c1f119cf1c3935a50) C:\Windows\system32\atiesrxx.exe
13:12:13.0294 0736 AMD External Events Utility - ok
13:12:13.0309 0736 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
13:12:13.0309 0736 amdide - ok
13:12:13.0325 0736 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
13:12:13.0340 0736 AmdK8 - ok
13:12:13.0528 0736 amdkmdag (9e3b4946f7e1bca0b763e19d81edbf2c) C:\Windows\system32\DRIVERS\atikmdag.sys
13:12:13.0637 0736 amdkmdag - ok
13:12:13.0684 0736 amdkmdap (b9e1c7b7f1865f99b16ff2e1bb94edb6) C:\Windows\system32\DRIVERS\atikmpag.sys
13:12:13.0684 0736 amdkmdap - ok
13:12:13.0746 0736 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
13:12:13.0746 0736 Appinfo - ok
13:12:13.0777 0736 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
13:12:13.0777 0736 arc - ok
13:12:13.0793 0736 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
13:12:13.0793 0736 arcsas - ok
13:12:13.0824 0736 astcc - ok
13:12:13.0855 0736 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
13:12:13.0855 0736 AsyncMac - ok
13:12:13.0871 0736 atapi (f988bb0690cd660318037908e9b8dbf7) C:\Windows\system32\drivers\atapi.sys
13:12:13.0871 0736 atapi - ok
13:12:13.0933 0736 AtiHDAudioService (1a872ab76d00f52643bb0f81792bbf3b) C:\Windows\system32\drivers\AtihdLH6.sys
13:12:13.0933 0736 AtiHDAudioService - ok
13:12:14.0136 0736 atikmdag (9e3b4946f7e1bca0b763e19d81edbf2c) C:\Windows\system32\DRIVERS\atikmdag.sys
13:12:14.0183 0736 atikmdag - ok
13:12:14.0230 0736 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
13:12:14.0230 0736 AudioEndpointBuilder - ok
13:12:14.0245 0736 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
13:12:14.0245 0736 AudioSrv - ok
13:12:14.0339 0736 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll
13:12:14.0339 0736 BFE - ok
13:12:14.0510 0736 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
13:12:14.0526 0736 BHDrvx64 - ok
13:12:14.0588 0736 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\System32\qmgr.dll
13:12:14.0620 0736 BITS - ok
13:12:14.0666 0736 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
13:12:14.0666 0736 blbdrive - ok
13:12:14.0698 0736 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
13:12:14.0698 0736 bowser - ok
13:12:14.0713 0736 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
13:12:14.0713 0736 BrFiltLo - ok
13:12:14.0744 0736 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
13:12:14.0744 0736 BrFiltUp - ok
13:12:14.0791 0736 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
13:12:14.0791 0736 Browser - ok
13:12:14.0822 0736 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
13:12:14.0822 0736 Brserid - ok
13:12:14.0838 0736 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
13:12:14.0838 0736 BrSerWdm - ok
13:12:14.0869 0736 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
13:12:14.0869 0736 BrUsbMdm - ok
13:12:14.0900 0736 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
13:12:14.0900 0736 BrUsbSer - ok
13:12:14.0916 0736 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
13:12:14.0932 0736 BTHMODEM - ok
13:12:14.0994 0736 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
13:12:14.0994 0736 BVRPMPR5a64 - ok
13:12:15.0025 0736 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
13:12:15.0025 0736 cdfs - ok
13:12:15.0056 0736 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
13:12:15.0056 0736 cdrom - ok
13:12:15.0088 0736 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
13:12:15.0088 0736 CertPropSvc - ok
13:12:15.0103 0736 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
13:12:15.0103 0736 circlass - ok
13:12:15.0134 0736 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
13:12:15.0150 0736 CLFS - ok
13:12:15.0197 0736 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:12:15.0197 0736 clr_optimization_v2.0.50727_32 - ok
13:12:15.0228 0736 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:12:15.0228 0736 clr_optimization_v2.0.50727_64 - ok
13:12:15.0290 0736 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:12:15.0306 0736 clr_optimization_v4.0.30319_32 - ok
13:12:15.0353 0736 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:12:15.0353 0736 clr_optimization_v4.0.30319_64 - ok
13:12:15.0400 0736 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
13:12:15.0400 0736 cmdide - ok
13:12:15.0415 0736 Compbatt (34a6aa82aa36c87fc8816f2097efa345) C:\Windows\system32\drivers\compbatt.sys
13:12:15.0415 0736 Compbatt - ok
13:12:15.0446 0736 COMSysApp - ok
13:12:15.0446 0736 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
13:12:15.0446 0736 crcdisk - ok
13:12:15.0478 0736 CryptSvc (18918613e63f387cde4d95ca7d49dcf7) C:\Windows\system32\cryptsvc.dll
13:12:15.0478 0736 CryptSvc - ok
13:12:15.0524 0736 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
13:12:15.0524 0736 DcomLaunch - ok
13:12:15.0556 0736 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
13:12:15.0556 0736 DfsC - ok
13:12:15.0618 0736 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe
13:12:15.0649 0736 DFSR - ok
13:12:15.0696 0736 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll
13:12:15.0712 0736 Dhcp - ok
13:12:15.0727 0736 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
13:12:15.0743 0736 disk - ok
13:12:15.0774 0736 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll
13:12:15.0774 0736 Dnscache - ok
13:12:15.0868 0736 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
13:12:15.0868 0736 DockLoginService - ok
13:12:15.0899 0736 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll
13:12:15.0914 0736 dot3svc - ok
13:12:15.0946 0736 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
13:12:15.0946 0736 DPS - ok
13:12:15.0977 0736 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
13:12:15.0977 0736 drmkaud - ok
13:12:16.0024 0736 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
13:12:16.0039 0736 DXGKrnl - ok
13:12:16.0086 0736 e1express (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys
13:12:16.0086 0736 e1express - ok
13:12:16.0148 0736 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
13:12:16.0148 0736 E1G60 - ok
13:12:16.0164 0736 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
13:12:16.0164 0736 EapHost - ok
13:12:16.0211 0736 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
13:12:16.0211 0736 Ecache - ok
13:12:16.0289 0736 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:12:16.0304 0736 eeCtrl - ok
13:12:16.0367 0736 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
13:12:16.0367 0736 ehRecvr - ok
13:12:16.0398 0736 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
13:12:16.0398 0736 ehSched - ok
13:12:16.0414 0736 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
13:12:16.0414 0736 ehstart - ok
13:12:16.0445 0736 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
13:12:16.0445 0736 elxstor - ok
13:12:16.0507 0736 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll
13:12:16.0507 0736 EMDMgmt - ok
13:12:16.0538 0736 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:12:16.0538 0736 EraserUtilRebootDrv - ok
13:12:16.0585 0736 ErrDev (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys
13:12:16.0585 0736 ErrDev - ok
13:12:16.0616 0736 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll
13:12:16.0616 0736 EventSystem - ok
13:12:16.0663 0736 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
13:12:16.0663 0736 exfat - ok
13:12:16.0694 0736 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
13:12:16.0710 0736 fastfat - ok
13:12:16.0726 0736 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
13:12:16.0726 0736 fdc - ok
13:12:16.0757 0736 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
13:12:16.0757 0736 fdPHost - ok
13:12:16.0772 0736 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
13:12:16.0772 0736 FDResPub - ok
13:12:16.0788 0736 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
13:12:16.0788 0736 FileInfo - ok
13:12:16.0804 0736 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
13:12:16.0804 0736 Filetrace - ok
13:12:16.0835 0736 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:12:16.0835 0736 flpydisk - ok
13:12:16.0850 0736 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
13:12:16.0850 0736 FltMgr - ok
13:12:16.0913 0736 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
13:12:16.0928 0736 FontCache - ok
13:12:16.0975 0736 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:12:16.0975 0736 FontCache3.0.0.0 - ok
13:12:17.0038 0736 Freemake Improver (37c2ff67a2565286f1c1c1072be74678) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
13:12:17.0038 0736 Freemake Improver - ok
13:12:17.0069 0736 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
13:12:17.0069 0736 fssfltr - ok
13:12:17.0178 0736 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:12:17.0194 0736 fsssvc - ok
13:12:17.0209 0736 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
13:12:17.0209 0736 Fs_Rec - ok
13:12:17.0240 0736 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
13:12:17.0240 0736 gagp30kx - ok
13:12:17.0303 0736 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:12:17.0303 0736 GEARAspiWDM - ok
13:12:17.0350 0736 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
13:12:17.0365 0736 gpsvc - ok
13:12:17.0443 0736 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:12:17.0459 0736 gupdate - ok
13:12:17.0459 0736 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:12:17.0459 0736 gupdatem - ok
13:12:17.0521 0736 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:12:17.0521 0736 gusvc - ok
13:12:17.0584 0736 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
13:12:17.0584 0736 HdAudAddService - ok
13:12:17.0599 0736 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:12:17.0615 0736 HDAudBus - ok
13:12:17.0646 0736 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
13:12:17.0646 0736 HidBth - ok
13:12:17.0677 0736 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys
13:12:17.0677 0736 HidIr - ok
13:12:17.0724 0736 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll
13:12:17.0724 0736 hidserv - ok
13:12:17.0740 0736 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
13:12:17.0740 0736 HidUsb - ok
13:12:17.0786 0736 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
13:12:17.0786 0736 hkmsvc - ok
13:12:17.0833 0736 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
13:12:17.0833 0736 HpCISSs - ok
13:12:17.0864 0736 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
13:12:17.0880 0736 HTTP - ok
13:12:17.0911 0736 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
13:12:17.0911 0736 i2omp - ok
13:12:17.0958 0736 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
13:12:17.0958 0736 i8042prt - ok
13:12:18.0005 0736 IAANTMON (3e42c4691aad4b1e8d0466f9cbf05cbe) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:12:18.0020 0736 IAANTMON - ok
13:12:18.0052 0736 iaStor (fc28e90f2204d8fd147fa9bfa8a51c01) C:\Windows\system32\drivers\iastor.sys
13:12:18.0052 0736 iaStor - ok
13:12:18.0083 0736 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
13:12:18.0083 0736 iaStorV - ok
13:12:18.0145 0736 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:12:18.0161 0736 idsvc - ok
13:12:18.0332 0736 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120327.002\IDSvia64.sys
13:12:18.0332 0736 IDSVia64 - ok
13:12:18.0379 0736 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
13:12:18.0379 0736 iirsp - ok
13:12:18.0410 0736 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
13:12:18.0410 0736 IKEEXT - ok
13:12:18.0473 0736 IntcAzAudAddService (e28edf74900e68184f44cfcdd66f1bc3) C:\Windows\system32\drivers\RTKVHD64.sys
13:12:18.0488 0736 IntcAzAudAddService - ok
13:12:18.0520 0736 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
13:12:18.0520 0736 intelide - ok
13:12:18.0535 0736 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
13:12:18.0535 0736 intelppm - ok
13:12:18.0566 0736 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
13:12:18.0582 0736 IPBusEnum - ok
13:12:18.0613 0736 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:12:18.0613 0736 IpFilterDriver - ok
13:12:18.0660 0736 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
13:12:18.0660 0736 iphlpsvc - ok
13:12:18.0676 0736 IpInIp - ok
13:12:18.0707 0736 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
13:12:18.0707 0736 IPMIDRV - ok
13:12:18.0722 0736 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
13:12:18.0722 0736 IPNAT - ok
13:12:18.0769 0736 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
13:12:18.0769 0736 IRENUM - ok
13:12:18.0800 0736 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
13:12:18.0800 0736 isapnp - ok
13:12:18.0847 0736 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
13:12:18.0863 0736 iScsiPrt - ok
13:12:18.0878 0736 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
13:12:18.0894 0736 iteatapi - ok
13:12:18.0910 0736 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
13:12:18.0910 0736 iteraid - ok
13:12:18.0972 0736 JRAID (db85fe8d6cbaa2047cb4da1b2c193d76) C:\Windows\system32\drivers\jraid.sys
13:12:18.0972 0736 JRAID - ok
13:12:19.0003 0736 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
13:12:19.0003 0736 kbdclass - ok
13:12:19.0019 0736 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
13:12:19.0019 0736 kbdhid - ok
13:12:19.0034 0736 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
13:12:19.0050 0736 KeyIso - ok
13:12:19.0081 0736 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
13:12:19.0097 0736 KSecDD - ok
13:12:19.0097 0736 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
13:12:19.0097 0736 ksthunk - ok
13:12:19.0112 0736 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
13:12:19.0128 0736 KtmRm - ok
13:12:19.0144 0736 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\system32\srvsvc.dll
13:12:19.0159 0736 LanmanServer - ok
13:12:19.0190 0736 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
13:12:19.0206 0736 LanmanWorkstation - ok
13:12:19.0206 0736 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
13:12:19.0206 0736 lltdio - ok
13:12:19.0237 0736 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
13:12:19.0237 0736 lltdsvc - ok
13:12:19.0268 0736 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
13:12:19.0268 0736 lmhosts - ok
13:12:19.0300 0736 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
13:12:19.0300 0736 LSI_FC - ok
13:12:19.0331 0736 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
13:12:19.0331 0736 LSI_SAS - ok
13:12:19.0346 0736 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
13:12:19.0346 0736 LSI_SCSI - ok
13:12:19.0346 0736 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
13:12:19.0346 0736 luafv - ok
13:12:19.0393 0736 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
13:12:19.0393 0736 MBAMProtector - ok
13:12:19.0471 0736 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:12:19.0471 0736 MBAMService - ok
13:12:19.0502 0736 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
13:12:19.0518 0736 Mcx2Svc - ok
13:12:19.0534 0736 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
13:12:19.0549 0736 megasas - ok
13:12:19.0596 0736 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
13:12:19.0612 0736 MegaSR - ok
13:12:19.0643 0736 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
13:12:19.0643 0736 MMCSS - ok
13:12:19.0658 0736 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
13:12:19.0658 0736 Modem - ok
13:12:19.0674 0736 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
13:12:19.0674 0736 monitor - ok
13:12:19.0690 0736 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
13:12:19.0690 0736 mouclass - ok
13:12:19.0705 0736 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
13:12:19.0705 0736 mouhid - ok
13:12:19.0705 0736 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
13:12:19.0721 0736 MountMgr - ok
13:12:19.0736 0736 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
13:12:19.0736 0736 mpio - ok
13:12:19.0768 0736 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
13:12:19.0768 0736 mpsdrv - ok
13:12:19.0799 0736 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
13:12:19.0814 0736 MpsSvc - ok
13:12:19.0830 0736 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
13:12:19.0830 0736 Mraid35x - ok
13:12:19.0830 0736 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
13:12:19.0830 0736 MRxDAV - ok
13:12:19.0861 0736 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:12:19.0861 0736 mrxsmb - ok
13:12:19.0908 0736 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:12:19.0908 0736 mrxsmb10 - ok
13:12:19.0908 0736 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:12:19.0908 0736 mrxsmb20 - ok
13:12:19.0955 0736 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
13:12:19.0955 0736 msahci - ok
13:12:20.0017 0736 MSCamSvc (023e10227d83b47d3b72c9ffcd323704) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
13:12:20.0033 0736 MSCamSvc - ok
13:12:20.0048 0736 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
13:12:20.0048 0736 msdsm - ok
13:12:20.0080 0736 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
13:12:20.0080 0736 MSDTC - ok
13:12:20.0095 0736 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
13:12:20.0095 0736 Msfs - ok
13:12:20.0142 0736 MSHUSBVideo (0bbe794e0c54621cfa8ed9b5850baaae) C:\Windows\system32\Drivers\nx6000.sys
13:12:20.0142 0736 MSHUSBVideo - ok
13:12:20.0158 0736 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
13:12:20.0158 0736 msisadrv - ok
13:12:20.0204 0736 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
13:12:20.0204 0736 MSiSCSI - ok
13:12:20.0204 0736 msiserver - ok
13:12:20.0267 0736 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
13:12:20.0267 0736 MSKSSRV - ok
13:12:20.0282 0736 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
13:12:20.0282 0736 MSPCLOCK - ok
13:12:20.0329 0736 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
13:12:20.0329 0736 MSPQM - ok
13:12:20.0360 0736 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
13:12:20.0360 0736 MsRPC - ok
13:12:20.0376 0736 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
13:12:20.0376 0736 mssmbios - ok
13:12:20.0423 0736 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
13:12:20.0423 0736 MSTEE - ok
13:12:20.0438 0736 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
13:12:20.0438 0736 Mup - ok
13:12:20.0516 0736 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
13:12:20.0516 0736 N360 - ok
13:12:20.0532 0736 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
13:12:20.0532 0736 napagent - ok
13:12:20.0579 0736 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
13:12:20.0579 0736 NativeWifiP - ok
13:12:20.0688 0736 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120327.037\ENG64.SYS
13:12:20.0688 0736 NAVENG - ok
13:12:28.0816 0736 ============================================================
13:12:28.0816 0736 Scan finished
13:12:28.0816 0736 ============================================================
13:12:28.0816 0924 Detected object count: 1
13:12:28.0816 0924 Actual detected object count: 1
13:12:36.0491 0924 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
13:12:36.0491 0924 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip



Sorry for the delay, I scanned my computer 2 times with MBAM just to make sure the malware wouldn't appear like it always used to, but it's amazing, it looks like it's gone! TDSS always finds that Akamai hidden file, but you're the expert, please let me know what's next or if there really is something next to do. I just really want to make sure my computer is clean, thanks so much for everything so far!
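A triage sketch for logs laid out like the TDSSKiller output in the post above, added here as an example; it is not part of the original thread and not code from the tool's vendor. The sample lines are constructed (placeholder hashes), and the line layout is assumed from the log lines visible on this page.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the log lines on this page.
# The 32-character hashes are placeholders, not real file hashes.
SAMPLE_LOG = r"""
13:12:20.0844 0736 NDIS (11111111111111111111111111111111) C:\Windows\system32\drivers\ndis.sys
13:12:20.0844 0736 NDIS - ok
13:12:21.0390 0736 NwlnkFlt - ok
13:12:21.0468 0736 p2pimsvc (22222222222222222222222222222222) C:\Windows\system32\p2psvc.dll
13:12:21.0484 0736 p2pimsvc - ok
13:12:21.0499 0736 p2psvc (22222222222222222222222222222222) C:\Windows\system32\p2psvc.dll
13:12:21.0499 0736 p2psvc - ok
13:12:28.0660 0736 MBR (0x1B8) (33333333333333333333333333333333) \Device\Harddisk0\DR0
13:12:28.0784 0736 \Device\Harddisk0\DR0 - ok
13:12:28.0816 0736 Scan finished
13:12:28.0816 0924 Detected object count: 1
13:12:36.0491 0924 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
13:12:36.0491 0924 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
"""

# "<time> <thread id> <rest of line>"
LINE_RE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d{4}\s+(?P<body>.+)$")
# "<object> (<32 hex digits>) <path>"
FILE_RE = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$", re.I)
# "<object> ( <verdict> ) - <action>"
DETECT_RE = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<action>.+)$")
COUNT_RE = re.compile(r"^Detected object count: (?P<n>\d+)$")
# "<object> - <status>", e.g. "NDIS - ok"
STATUS_RE = re.compile(r"^(?P<name>.+?) - (?P<status>.+)$")


def triage(log_text):
    """Summarise a scan log: what was scanned, what was not 'ok', what was flagged."""
    files = {}        # object name -> (md5, path)
    statuses = []     # (object name, status) in order of appearance
    detections = {}   # object name -> (verdict, [actions taken])
    reported = None   # the log's own "Detected object count"

    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        body = line["body"].strip()
        if m := FILE_RE.match(body):
            files[m["name"]] = (m["md5"].lower(), m["path"])
        elif m := DETECT_RE.match(body):
            _, actions = detections.setdefault(m["name"], (m["verdict"], []))
            actions.append(m["action"])
        elif m := COUNT_RE.match(body):
            reported = int(m["n"])
        elif m := STATUS_RE.match(body):
            statuses.append((m["name"], m["status"]))

    # A status line refers either to an object name or, for disk objects,
    # to the device path printed on the preceding hash line.
    known = set(files) | {path for _, path in files.values()}
    by_path = defaultdict(list)
    for name, (_, path) in files.items():
        by_path[path.lower()].append(name)

    return {
        "scanned": len(statuses),
        # Anything the scanner did not mark "ok" deserves a manual look.
        "not_ok": [(n, s) for n, s in statuses if s.lower() != "ok"],
        # Registered objects with no file hashed (nothing on disk was checked).
        "no_file": [n for n, _ in statuses if n not in known],
        # One binary hosting several services, grouped by case-folded path.
        "shared_files": {p: sorted(n) for p, n in by_path.items() if len(n) > 1},
        "detections": [(n, v, a) for n, (v, a) in detections.items()],
        "reported_count": reported,
        # The parsed detections should agree with the log's own total.
        "count_matches": reported == len(detections),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
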

#10 boopme (Global Moderator)

Posted 23 April 2012 - 08:41 PM

Ok looks good now.
The Akamai is OK
Each quarter, Akamai publishes a quarterly "State of the Internet" report. This report includes data gathered across Akamai's global server network about attack traffic, average & maximum connection speeds, Internet penetration and broadband adoption, and mobile usage, as well as trends seen in this data over time.



If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#11 jo-prez (Topic Starter)

Posted 23 April 2012 - 09:07 PM

WOW! Thanks so much, all of that info you listed looks very interesting. I will read and do every single thing very carefully. I will for sure take my time to read everything. You're the best! I have one question: what do you suggest I should do about my Blue screen error "atikmpag.sys"?

And by the way, I'm very curious about how we got rid of that "grpconv" malware that MBAM always used to find. Was it your programs (MiniToolBox and aswMBR) that fixed the problem, or was it the update that MBAM downloaded when I hit the update tab?

About me using the internet in Safe Mode with Networking: is it safe to go online for now, since I can't log onto Normal mode for now? It looks like my Norton Security Suite is not active during Safe Mode. The only thing protecting me is my Firewall.

#12 boopme

Posted 23 April 2012 - 09:38 PM

OK, the malware removed in TDSS killed the virus hidden in a driver. May be responsible for both the BSOD and the other issues. I think we should get a deeper look as to what is stopping the AV and normal internet.
I would say it's not safe yet.

Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run skip it and move on.

Let me know if that went well.

#13 jo-prez

Posted 23 April 2012 - 10:08 PM

OK, sounds great! I will do everything you're telling me to do and I will for sure let you know how everything goes. I wanted to ask you some things. When I post my new topic, should I mention this topic and post a link to it too, or no? Should my topic be named after the BSOD error "atikmpag.sys"? And so I'm guessing you think that I still have some malware hidden on my computer, right?

#14 boopme

Posted 24 April 2012 - 10:39 AM

Yes, good title and here is this topic link.

http://www.bleepingcomputer.com/forums/topic450555.html/page__pid__2676456#entry2676456