
Random Ad Virus


5 replies to this topic

#1 _-Nyo-_


Posted 18 April 2012 - 08:06 PM

Hello. I recently have gotten an ad virus that seems to happen occasionally. It used to direct my links and after I ran TDSSKiller, Malwarebytes, and SuperAntiSpyware all I have left is this annoying ad pop up. It would take me in a separate window to some sort of site not related to anything I searched. I can still click on links and go to the website I am on, but sometimes the random ads pop up. This also happens on YouTube and other regular websites I visit... I started up in safe mode and ran TDSSKiller and the rest again. TDSSKiller found one and then deleted it. I restarted and then after an hour or so another ad pops up. Sometimes in the address bar it would have something about facebook.com and a whole bunch of letters and such. Then it would take me to the ad site. I got back and did the process again. TDSSKiller kills 1 more virus. Restart it and then here it is all over again. I think it's just one little virus I got to get rid of. Yesterday I ran Malwarebytes and the rest and they killed quite a few viruses. Today when I first got back home from school, I ran Malwarebytes and it found 7 viruses and they were Trojans of some sort... Will this little ad virus spread? I need help to get rid of this please! :)


 


#2 boopme


Posted 18 April 2012 - 09:15 PM

Hello, may we see the TDSS and Malwarebytes logs?

In MBAM... The log is automatically saved and can be viewed by clicking the Logs tab.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.


TDSS... By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
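
As an added example, not part of the original thread or of any tool mentioned in it: a small Python triage script for the TDSSKiller log requested above, which pairs each scanned object's hash and path with its verdict and reports everything that is not `ok`. The line layout is assumed from the log lines posted in this thread; the `ExampleDrv`, `Example Service With Spaces` and `NoFileSvc` entries are constructed sample data.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed layout (inferred from the log in this thread):
#   HH:MM:SS.mmmm <thread id> <message>
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(?P<msg>.*)$")
# Object line:  "<name> (<32 hex digit md5>) <path>"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# Verdict line: "<name> - ok"  or  "<name> ( <detection label> ) - infected"
# Any status word other than "ok" is treated as needing review (assumption).
VERDICT = re.compile(
    r"^(?P<name>.+?)(?: \( (?P<label>.+?) \))? - (?P<status>[A-Za-z]+)$"
)


@dataclass
class Finding:
    name: str
    status: str
    label: Optional[str]
    md5: Optional[str]
    path: Optional[str]


def parse_verdicts(text: str) -> List[Finding]:
    """Return one Finding per verdict line, joined to its object line."""
    pending = {}  # object name -> (md5, path) seen but not yet judged
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a timestamped log line
        msg = m.group("msg").strip()
        obj = OBJECT.match(msg)
        if obj:
            pending[obj["name"]] = (obj["md5"].lower(), obj["path"])
            continue
        verdict = VERDICT.match(msg)
        if verdict:
            md5, path = pending.pop(verdict["name"], (None, None))
            findings.append(
                Finding(verdict["name"], verdict["status"].lower(),
                        verdict["label"], md5, path)
            )
    return findings


def triage(text: str) -> Tuple[List[Finding], List[Finding]]:
    """Split findings into (not ok, ok but with no hash/path line)."""
    findings = parse_verdicts(text)
    flagged = [f for f in findings if f.status != "ok"]
    unhashed = [f for f in findings if f.status == "ok" and f.md5 is None]
    return flagged, unhashed


# Sample input: the three AlKernel lines are from the log in this thread;
# every other entry is constructed for the example.
SAMPLE_LOG = r"""
20:07:08.0002 1528 Scan started
20:07:11.0044 1528 ExampleDrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\example.sys
20:07:11.0075 1528 ExampleDrv - ok
20:07:14.0382 1528 AlKernel (5f22132c9153639762708909f156b33d) C:\Windows\system32\monfilt.dll
20:07:14.0382 1528 AlKernel ( Backdoor.Multi.ZAccess.gen ) - infected
20:07:14.0382 1528 AlKernel - detected Backdoor.Multi.ZAccess.gen (0)
20:07:14.0897 1528 Example Service With Spaces (ffeeddccbbaa99887766554433221100) C:\Program Files (x86)\Example\svc.exe
20:07:14.0897 1528 Example Service With Spaces - ok
20:07:44.0880 1528 NoFileSvc - ok
"""

if __name__ == "__main__":
    flagged, unhashed = triage(SAMPLE_LOG)
    for f in flagged:
        print(f"{f.status.upper():9} {f.name}: {f.label} md5={f.md5} path={f.path}")
    for f in unhashed:
        print(f"NO-HASH   {f.name}: verdict logged without a hash/path line")
```

To use it on a real log, read the `TDSSKiller.Version_Date_Time_log.txt` file from the root of the system disk and pass its contents to `triage()`.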

#3 _-Nyo-_


Posted 19 April 2012 - 05:47 AM

Ok, I got the logs for each one. I accidentally clicked on "Remove found threats" in ESET, and couldn't go back to get the log and it didn't seem to do anything... so I am using it to scan all over again. Here are the TDSSKiller, Malwarebytes, and MiniToolBox logs.


TDSSKiller Log


20:07:01.0949 1408 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
20:07:02.0152 1408 ============================================================
20:07:02.0152 1408 Current date / time: 2012/04/18 20:07:02.0152
20:07:02.0152 1408 SystemInfo:
20:07:02.0152 1408
20:07:02.0152 1408 OS Version: 6.1.7601 ServicePack: 1.0
20:07:02.0152 1408 Product type: Workstation
20:07:02.0152 1408 ComputerName: JUSTIN-HP
20:07:02.0152 1408 UserName: Justin
20:07:02.0152 1408 Windows directory: C:\Windows
20:07:02.0152 1408 System windows directory: C:\Windows
20:07:02.0152 1408 Running under WOW64
20:07:02.0152 1408 Processor architecture: Intel x64
20:07:02.0152 1408 Number of processors: 2
20:07:02.0152 1408 Page size: 0x1000
20:07:02.0152 1408 Boot type: Safe boot
20:07:02.0152 1408 ============================================================
20:07:06.0208 1408 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:07:06.0208 1408 \Device\Harddisk0\DR0:
20:07:06.0208 1408 MBR used
20:07:06.0208 1408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:07:06.0208 1408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x230E5800
20:07:06.0208 1408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23149800, BlocksNum 0x22B1000
20:07:06.0208 1408 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
20:07:06.0380 1408 Initialize success
20:07:06.0380 1408 ============================================================
20:07:08.0002 1528 ============================================================
20:07:08.0002 1528 Scan started
20:07:08.0002 1528 Mode: Manual;
20:07:08.0002 1528 ============================================================
20:07:14.0382 1528 AlKernel (5f22132c9153639762708909f156b33d) C:\Windows\system32\monfilt.dll
20:07:14.0382 1528 AlKernel ( Backdoor.Multi.ZAccess.gen ) - infected
20:07:14.0382 1528 AlKernel - detected Backdoor.Multi.ZAccess.gen (0)
20:08:44.0036 1528 MSTEE - ok
20:08:44.0457 1528 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:08:44.0457 1528 MTConfig - ok
20:08:44.0753 1528 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:08:44.0753 1528 Mup - ok
20:08:45.0050 1528 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:08:45.0050 1528 napagent - ok
20:08:45.0487 1528 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:08:45.0487 1528 NativeWifiP - ok
20:08:45.0783 1528 NAVENG (5f20c5ab2f3cdc1700a1013902398e5c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\ENG64.SYS
20:08:45.0783 1528 NAVENG - ok
20:08:45.0986 1528 NAVEX15 (386578e94e66302136288b349deb1e92) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\EX64.SYS
20:08:46.0001 1528 NAVEX15 - ok
20:08:46.0282 1528 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:08:46.0298 1528 NDIS - ok
20:08:46.0703 1528 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:08:46.0703 1528 NdisCap - ok
20:08:47.0015 1528 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:08:47.0015 1528 NdisTapi - ok
20:08:47.0249 1528 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:08:47.0249 1528 Ndisuio - ok
20:08:47.0343 1528 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:08:47.0359 1528 NdisWan - ok
20:08:47.0499 1528 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:08:47.0499 1528 NDProxy - ok
20:08:47.0655 1528 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:08:47.0655 1528 NetBIOS - ok
20:08:48.0014 1528 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:08:48.0014 1528 NetBT - ok
20:08:48.0185 1528 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:08:48.0185 1528 Netlogon - ok
20:08:48.0451 1528 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:08:48.0451 1528 Netman - ok
20:08:48.0747 1528 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:48.0747 1528 NetMsmqActivator - ok
20:08:48.0872 1528 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:48.0872 1528 NetPipeActivator - ok
20:08:49.0231 1528 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:08:49.0246 1528 netprofm - ok
20:08:49.0387 1528 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:49.0387 1528 NetTcpActivator - ok
20:08:49.0433 1528 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:49.0433 1528 NetTcpPortSharing - ok
20:08:50.0182 1528 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
20:08:50.0291 1528 netw5v64 - ok
20:08:50.0510 1528 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:08:50.0510 1528 nfrd960 - ok
20:08:50.0697 1528 NIS (436e7b2e6f42c2717c1d670220d03336) C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
20:08:50.0713 1528 NIS - ok
20:08:50.0993 1528 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:08:50.0993 1528 NlaSvc - ok
20:08:51.0337 1528 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:08:51.0352 1528 NOBU - ok
20:08:51.0649 1528 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:08:51.0649 1528 Npfs - ok
20:08:51.0805 1528 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:08:51.0805 1528 nsi - ok
20:08:52.0132 1528 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:08:52.0132 1528 nsiproxy - ok
20:08:52.0663 1528 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:08:52.0678 1528 Ntfs - ok
20:08:52.0865 1528 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:08:52.0865 1528 Null - ok
20:08:53.0068 1528 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:08:53.0068 1528 nvraid - ok
20:08:53.0271 1528 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:08:53.0271 1528 nvstor - ok
20:08:53.0599 1528 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:08:53.0599 1528 nv_agp - ok
20:08:53.0770 1528 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:08:53.0770 1528 ohci1394 - ok
20:08:54.0004 1528 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:54.0004 1528 ose - ok
20:08:54.0878 1528 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:08:54.0909 1528 osppsvc - ok
20:08:55.0065 1528 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:08:55.0065 1528 p2pimsvc - ok
20:08:55.0299 1528 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:08:55.0299 1528 p2psvc - ok
20:08:55.0471 1528 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:08:55.0471 1528 Parport - ok
20:08:55.0767 1528 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:08:55.0767 1528 partmgr - ok
20:08:56.0001 1528 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:08:56.0001 1528 PcaSvc - ok
20:08:56.0173 1528 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:08:56.0173 1528 pci - ok
20:08:56.0453 1528 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:08:56.0453 1528 pciide - ok
20:08:56.0578 1528 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:08:56.0578 1528 pcmcia - ok
20:08:56.0734 1528 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:08:56.0734 1528 pcw - ok
20:08:57.0093 1528 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:08:57.0109 1528 PEAUTH - ok
20:08:57.0296 1528 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:08:57.0296 1528 PerfHost - ok
20:08:57.0592 1528 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:08:57.0592 1528 pla - ok
20:08:57.0873 1528 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:08:57.0873 1528 PlugPlay - ok
20:08:58.0060 1528 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:08:58.0060 1528 PNRPAutoReg - ok
20:08:58.0279 1528 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:08:58.0279 1528 PNRPsvc - ok
20:08:58.0606 1528 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:08:58.0606 1528 PolicyAgent - ok
20:08:58.0809 1528 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:08:58.0809 1528 Power - ok
20:08:59.0043 1528 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:08:59.0043 1528 PptpMiniport - ok
20:08:59.0183 1528 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:08:59.0183 1528 Processor - ok
20:08:59.0449 1528 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:08:59.0449 1528 ProfSvc - ok
20:08:59.0776 1528 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:08:59.0776 1528 ProtectedStorage - ok
20:09:00.0104 1528 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:09:00.0104 1528 Psched - ok
20:09:00.0650 1528 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:09:00.0665 1528 ql2300 - ok
20:09:00.0821 1528 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:09:00.0821 1528 ql40xx - ok
20:09:00.0946 1528 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:09:00.0946 1528 QWAVE - ok
20:09:01.0009 1528 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:09:01.0009 1528 QWAVEdrv - ok
20:09:01.0367 1528 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:09:01.0367 1528 RasAcd - ok
20:09:01.0726 1528 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:09:01.0726 1528 RasAgileVpn - ok
20:09:01.0976 1528 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:09:01.0976 1528 RasAuto - ok
20:09:02.0319 1528 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:09:02.0319 1528 Rasl2tp - ok
20:09:02.0491 1528 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:09:02.0491 1528 RasMan - ok
20:09:02.0725 1528 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:09:02.0756 1528 RasPppoe - ok
20:09:03.0068 1528 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:09:03.0068 1528 RasSstp - ok
20:09:03.0271 1528 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:09:03.0271 1528 rdbss - ok
20:09:03.0473 1528 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:09:03.0473 1528 rdpbus - ok
20:09:03.0645 1528 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:09:03.0645 1528 RDPCDD - ok
20:09:03.0832 1528 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:09:03.0832 1528 RDPENCDD - ok
20:09:04.0113 1528 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:09:04.0113 1528 RDPREFMP - ok
20:09:04.0487 1528 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:09:04.0487 1528 RDPWD - ok
20:09:04.0987 1528 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:09:04.0987 1528 rdyboost - ok
20:09:05.0423 1528 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:09:05.0423 1528 RemoteAccess - ok
20:09:05.0595 1528 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:09:05.0611 1528 RemoteRegistry - ok
20:09:05.0751 1528 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:09:05.0751 1528 RpcEptMapper - ok
20:09:05.0923 1528 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:09:05.0923 1528 RpcLocator - ok
20:09:06.0110 1528 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:09:06.0110 1528 RpcSs - ok
20:09:06.0453 1528 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:09:06.0453 1528 rspndr - ok
20:09:06.0812 1528 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys
20:09:06.0827 1528 RSUSBSTOR - ok
20:09:07.0217 1528 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:09:07.0217 1528 RTL8167 - ok
20:09:07.0405 1528 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
20:09:07.0405 1528 RtVOsdService - ok
20:09:07.0639 1528 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:09:07.0639 1528 SamSs - ok
20:09:07.0826 1528 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:09:07.0826 1528 SASDIFSV - ok
20:09:07.0951 1528 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:09:07.0951 1528 SASKUTIL - ok
20:09:08.0372 1528 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:09:08.0372 1528 sbp2port - ok
20:09:08.0543 1528 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:09:08.0559 1528 SCardSvr - ok
20:09:08.0762 1528 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:09:08.0762 1528 scfilter - ok
20:09:09.0058 1528 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:09:09.0058 1528 Schedule - ok
20:09:09.0261 1528 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:09:09.0261 1528 SCPolicySvc - ok
20:09:09.0776 1528 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
20:09:09.0776 1528 sdbus - ok
20:09:09.0963 1528 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:09:09.0963 1528 SDRSVC - ok
20:09:10.0197 1528 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:09:10.0213 1528 SeaPort - ok
20:09:10.0369 1528 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:09:10.0369 1528 secdrv - ok
20:09:10.0540 1528 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:09:10.0540 1528 seclogon - ok
20:09:10.0696 1528 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:09:10.0696 1528 SENS - ok
20:09:10.0946 1528 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:09:10.0946 1528 SensrSvc - ok
20:09:11.0164 1528 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:09:11.0164 1528 Serenum - ok
20:09:11.0383 1528 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:09:11.0383 1528 Serial - ok
20:09:11.0601 1528 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:09:11.0601 1528 sermouse - ok
20:09:11.0757 1528 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:09:11.0757 1528 SessionEnv - ok
20:09:12.0007 1528 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:09:12.0007 1528 sffdisk - ok
20:09:12.0256 1528 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:09:12.0256 1528 sffp_mmc - ok
20:09:12.0537 1528 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:09:12.0537 1528 sffp_sd - ok
20:09:12.0787 1528 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:09:12.0787 1528 sfloppy - ok
20:09:13.0052 1528 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:09:13.0067 1528 SharedAccess - ok
20:09:13.0333 1528 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:09:13.0348 1528 ShellHWDetection - ok
20:09:13.0629 1528 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:09:13.0629 1528 SiSRaid2 - ok
20:09:13.0832 1528 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:09:13.0832 1528 SiSRaid4 - ok
20:09:14.0003 1528 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:09:14.0003 1528 Smb - ok
20:09:14.0144 1528 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:09:14.0144 1528 SNMPTRAP - ok
20:09:14.0331 1528 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:09:14.0331 1528 spldr - ok
20:09:14.0627 1528 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:09:14.0643 1528 Spooler - ok
20:09:15.0173 1528 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:09:15.0189 1528 sppsvc - ok
20:09:15.0407 1528 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:09:15.0407 1528 sppuinotify - ok
20:09:15.0751 1528 SRTSP (4f3dee025dfc4d8bb067fa952d040405) C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.SYS
20:09:15.0766 1528 SRTSP - ok
20:09:15.0969 1528 SRTSPX (f14935c467021f3293a099307cfc8e2a) C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.SYS
20:09:16.0031 1528 SRTSPX - ok
20:09:16.0437 1528 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:09:16.0437 1528 srv - ok
20:09:16.0765 1528 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:09:16.0765 1528 srv2 - ok
20:09:17.0092 1528 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:09:17.0108 1528 SrvHsfHDA - ok
20:09:17.0607 1528 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:09:17.0623 1528 SrvHsfV92 - ok
20:09:17.0950 1528 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:09:17.0950 1528 SrvHsfWinac - ok
20:09:18.0137 1528 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:09:18.0137 1528 srvnet - ok
20:09:18.0403 1528 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:09:18.0403 1528 SSDPSRV - ok
20:09:18.0746 1528 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:09:18.0746 1528 SstpSvc - ok
20:09:18.0964 1528 Steam Client Service - ok
20:09:19.0245 1528 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:09:19.0245 1528 stexstor - ok
20:09:19.0619 1528 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:09:19.0619 1528 stisvc - ok
20:09:19.0885 1528 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:09:19.0885 1528 swenum - ok
20:09:20.0134 1528 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:09:20.0150 1528 swprv - ok
20:09:20.0665 1528 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys
20:09:20.0680 1528 SynTP - ok
20:09:21.0133 1528 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:09:21.0133 1528 SysMain - ok
20:09:21.0382 1528 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:09:21.0382 1528 TabletInputService - ok
20:09:21.0647 1528 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:09:21.0663 1528 TapiSrv - ok
20:09:21.0835 1528 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:09:21.0835 1528 TBS - ok
20:09:22.0287 1528 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:09:22.0303 1528 Tcpip - ok
20:09:22.0630 1528 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:09:22.0646 1528 TCPIP6 - ok
20:09:22.0864 1528 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:09:22.0864 1528 tcpipreg - ok
20:09:23.0083 1528 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:09:23.0083 1528 TDPIPE - ok
20:09:23.0270 1528 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:09:23.0285 1528 TDTCP - ok
20:09:23.0457 1528 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:09:23.0457 1528 tdx - ok
20:09:23.0660 1528 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:09:23.0660 1528 TermDD - ok
20:09:23.0909 1528 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:09:23.0956 1528 TermService - ok
20:09:24.0143 1528 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:09:24.0143 1528 Themes - ok
20:09:24.0362 1528 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:09:24.0362 1528 THREADORDER - ok
20:09:24.0565 1528 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:09:24.0565 1528 TrkWks - ok
20:09:24.0674 1528 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:09:24.0674 1528 TrustedInstaller - ok
20:09:24.0908 1528 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:09:24.0923 1528 tssecsrv - ok
20:09:25.0111 1528 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:09:25.0126 1528 TsUsbFlt - ok
20:09:25.0438 1528 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:09:25.0454 1528 tunnel - ok
20:09:25.0657 1528 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:09:25.0657 1528 uagp35 - ok
20:09:25.0859 1528 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:09:25.0859 1528 udfs - ok
20:09:26.0031 1528 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:09:26.0031 1528 UI0Detect - ok
20:09:26.0327 1528 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:09:26.0327 1528 uliagpkx - ok
20:09:26.0655 1528 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:09:26.0655 1528 umbus - ok
20:09:27.0014 1528 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:09:27.0014 1528 UmPass - ok
20:09:27.0154 1528 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:09:27.0154 1528 upnphost - ok
20:09:27.0404 1528 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:09:27.0419 1528 usbaudio - ok
20:09:27.0700 1528 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:09:27.0700 1528 usbccgp - ok
20:09:28.0012 1528 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:09:28.0012 1528 usbcir - ok
20:09:28.0324 1528 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
20:09:28.0324 1528 usbehci - ok
20:09:28.0652 1528 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
20:09:28.0652 1528 usbfilter - ok
20:09:28.0855 1528 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:09:28.0855 1528 usbhub - ok
20:09:29.0089 1528 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
20:09:29.0089 1528 usbohci - ok
20:09:29.0416 1528 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:09:29.0416 1528 usbprint - ok
20:09:29.0619 1528 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:09:29.0619 1528 usbscan - ok
20:09:29.0806 1528 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:09:29.0822 1528 USBSTOR - ok
20:09:30.0056 1528 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:09:30.0056 1528 usbuhci - ok
20:09:30.0399 1528 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:09:30.0399 1528 usbvideo - ok
20:09:30.0539 1528 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:09:30.0539 1528 UxSms - ok
20:09:30.0742 1528 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:09:30.0742 1528 VaultSvc - ok
20:09:30.0992 1528 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:09:30.0992 1528 vdrvroot - ok
20:09:31.0226 1528 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:09:31.0226 1528 vds - ok
20:09:31.0491 1528 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:09:31.0538 1528 vga - ok
20:09:31.0787 1528 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:09:31.0787 1528 VgaSave - ok
20:09:31.0975 1528 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:09:31.0975 1528 vhdmp - ok
20:09:32.0162 1528 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:09:32.0162 1528 viaide - ok
20:09:32.0349 1528 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:09:32.0521 1528 volmgr - ok
20:09:32.0661 1528 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:09:32.0677 1528 volmgrx - ok
20:09:32.0848 1528 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:09:32.0848 1528 volsnap - ok
20:09:33.0238 1528 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:09:33.0254 1528 vsmraid - ok
20:09:33.0613 1528 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:09:33.0956 1528 VSS - ok
20:09:34.0377 1528 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:09:34.0377 1528 vwifibus - ok
20:09:34.0627 1528 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:09:34.0627 1528 vwififlt - ok
20:09:34.0892 1528 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:09:34.0923 1528 W32Time - ok
20:09:35.0048 1528 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:09:35.0048 1528 WacomPen - ok
20:09:35.0375 1528 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:09:35.0375 1528 WANARP - ok
20:09:35.0563 1528 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:09:35.0563 1528 Wanarpv6 - ok
20:09:36.0218 1528 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:09:36.0280 1528 WatAdminSvc - ok
20:09:36.0686 1528 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:09:36.0733 1528 wbengine - ok
20:09:36.0998 1528 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:09:36.0998 1528 WbioSrvc - ok
20:09:37.0263 1528 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:09:37.0279 1528 wcncsvc - ok
20:09:37.0450 1528 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:09:37.0481 1528 WcsPlugInService - ok
20:09:37.0715 1528 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:09:37.0731 1528 Wd - ok
20:09:37.0918 1528 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:09:37.0934 1528 Wdf01000 - ok
20:09:38.0168 1528 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:09:38.0168 1528 WdiServiceHost - ok
20:09:38.0199 1528 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:09:38.0199 1528 WdiSystemHost - ok
20:09:38.0371 1528 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:09:38.0371 1528 WebClient - ok
20:09:38.0558 1528 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:09:38.0558 1528 Wecsvc - ok
20:09:38.0636 1528 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:09:38.0636 1528 wercplsupport - ok
20:09:38.0698 1528 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:09:38.0714 1528 WerSvc - ok
20:09:38.0948 1528 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:09:38.0948 1528 WfpLwf - ok
20:09:39.0088 1528 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:09:39.0104 1528 WIMMount - ok
20:09:39.0104 1528 WinHttpAutoProxySvc - ok
20:09:39.0494 1528 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:09:39.0494 1528 Winmgmt - ok
20:09:39.0868 1528 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:09:39.0946 1528 WinRM - ok
20:09:40.0274 1528 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:09:40.0321 1528 Wlansvc - ok
20:09:41.0085 1528 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:09:41.0101 1528 wlidsvc - ok
20:09:41.0350 1528 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:09:41.0350 1528 WmiAcpi - ok
20:09:41.0725 1528 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:09:41.0740 1528 wmiApSrv - ok
20:09:41.0865 1528 WMPNetworkSvc - ok
20:09:41.0990 1528 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:09:42.0006 1528 WPCSvc - ok
20:09:42.0255 1528 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:09:42.0286 1528 WPDBusEnum - ok
20:09:42.0520 1528 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:09:42.0520 1528 ws2ifsl - ok
20:09:42.0630 1528 WSearch - ok
20:09:43.0004 1528 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:09:43.0082 1528 wuauserv - ok
20:09:43.0363 1528 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:09:43.0363 1528 WudfPf - ok
20:09:43.0581 1528 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:09:43.0581 1528 WUDFRd - ok
20:09:43.0706 1528 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:09:43.0722 1528 wudfsvc - ok
20:09:44.0065 1528 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:09:44.0065 1528 WwanSvc - ok
20:09:44.0268 1528 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
20:09:44.0283 1528 yukonw7 - ok
20:09:44.0330 1528 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:09:49.0509 1528 \Device\Harddisk0\DR0 - ok
20:09:49.0540 1528 Boot (0x1200) (e9e02c4faa781b08377153817f726184) \Device\Harddisk0\DR0\Partition0
20:09:49.0572 1528 \Device\Harddisk0\DR0\Partition0 - ok
20:09:49.0634 1528 Boot (0x1200) (6aa0e973bbcf6dacf660b54bcfe36583) \Device\Harddisk0\DR0\Partition1
20:09:49.0665 1528 \Device\Harddisk0\DR0\Partition1 - ok
20:09:49.0728 1528 Boot (0x1200) (336a0f1c4df3bbe7bb71c03b6c9ec705) \Device\Harddisk0\DR0\Partition2
20:09:49.0790 1528 \Device\Harddisk0\DR0\Partition2 - ok
20:09:49.0852 1528 Boot (0x1200) (cb9b284987266952134aac3c55bb99c4) \Device\Harddisk0\DR0\Partition3
20:09:49.0930 1528 \Device\Harddisk0\DR0\Partition3 - ok
20:09:49.0930 1528 ============================================================
20:09:49.0930 1528 Scan finished
20:09:49.0930 1528 ============================================================
20:09:49.0946 1520 Detected object count: 1
20:09:49.0946 1520 Actual detected object count: 1
20:10:08.0354 1520 C:\Windows\system32\monfilt.dll - copied to quarantine
20:10:08.0354 1520 HKLM\SYSTEM\ControlSet001\services\AlKernel - will be deleted on reboot
20:10:08.0416 1520 HKLM\SYSTEM\ControlSet002\services\AlKernel - will be deleted on reboot
20:10:08.0806 1520 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - cured
20:10:09.0009 1520 C:\Windows\system32\monfilt.dll - will be deleted on reboot
20:10:09.0009 1520 AlKernel ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete
20:14:39.0155 1404 Deinitialize success



Malwarebytes Log


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.17.05

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
Justin :: JUSTIN-HP [administrator]

Protection: Disabled

4/18/2012 10:25:02 PM
mbam-log-2012-04-18 (22-25-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199067
Time elapsed: 4 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox Log


MiniToolBox by Farbar Version: 18-01-2012
Ran by Justin (administrator) on 18-04-2012 at 22:40:00
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Justin-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 18-F4-6A-B6-01-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9598:e811:9aef:de6a%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.45(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, April 18, 2012 10:35:09 PM
Lease Expires . . . . . . . . . . : Thursday, April 19, 2012 10:35:09 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 320402538
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-79-40-D8-78-AC-C0-3F-50-DB
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-AC-C0-3F-50-DB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.228.4] with 32 bytes of data:
Reply from 74.125.228.4: bytes=32 time=62ms TTL=48
Reply from 74.125.228.4: bytes=32 time=62ms TTL=48

Ping statistics for 74.125.228.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 62ms, Average = 62ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=136ms TTL=44
Reply from 98.139.183.24: bytes=32 time=81ms TTL=44

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 81ms, Maximum = 136ms, Average = 108ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...18 f4 6a b6 01 08 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...78 ac c0 3f 50 db ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.45 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.45 281
192.168.1.45 255.255.255.255 On-link 192.168.1.45 281
192.168.1.255 255.255.255.255 On-link 192.168.1.45 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.45 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.45 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::9598:e811:9aef:de6a/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 mswsock.dll [File Not found] ()
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 mswsock.dll [File Not found] ()
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f) (0x8004117f)

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=1100}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f))

Error: (04/18/2012 06:02:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: ping.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc964
Faulting module name: jscript9.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f4c2b71
Exception code: 0xc0000005
Fault offset: 0x6fbec505
Faulting process id: 0x88c
Faulting application start time: 0xping.exe0
Faulting application path: ping.exe1
Faulting module path: ping.exe2
Report Id: ping.exe3


System errors:
=============
Error: (04/18/2012 10:37:08 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (04/18/2012 10:37:08 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (04/18/2012 10:35:21 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/18/2012 10:35:00 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (04/18/2012 10:35:00 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014847

Error: (04/18/2012 10:35:00 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (04/18/2012 10:34:59 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (04/18/2012 10:25:33 PM) (Source: Service Control Manager) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/18/2012 10:25:33 PM) (Source: Service Control Manager) (User: )
Description: The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/18/2012 10:24:37 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/18/2012 08:17:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f) (0x8004117f)

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
1100

Error: (04/18/2012 08:17:32 PM) (Source: Windows Search Service)(User: )
Description: Details:
0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f))

Error: (04/18/2012 06:02:09 AM) (Source: Application Error)(User: )
Description: ping.exe6.1.7600.163854a5bc964jscript9.dll_unloaded0.0.0.04f4c2b71c00000056fbec50588c01cd1d4920953c5bC:\Windows\SysWOW64\ping.exejscript9.dll8f697661-893d-11e1-8665-78acc03f50db


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Reader 9.4.6 MUI (Version: 9.4.6)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
AMD USB Filter Driver (Version: 1.0.15.94)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
ASPCA Reminder by We-Care.com v5.0.5.1 (Version: 5.0.5.1)
Atheros Driver Installation Program (Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 5.0.1363.0)
Bing Bar Platform (Version: 5.0.1423.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blender (remove only)
Build-a-lot 2 (Version: 2.2.0.95)
Canon MX320 series MP Drivers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full Existing (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full New (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Light (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Common (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0617.855.14122)
Catalyst Control Center InstallProxy (Version: 2010.0617.855.14122)
Catalyst Control Center Localization All (Version: 2010.0617.855.14122)
ccc-core-static (Version: 2010.0617.855.14122)
ccc-utility64 (Version: 2010.0617.855.14122)
CCC Help Chinese Standard (Version: 2010.0617.0854.14122)
CCC Help Chinese Traditional (Version: 2010.0617.0854.14122)
CCC Help Czech (Version: 2010.0617.0854.14122)
CCC Help Danish (Version: 2010.0617.0854.14122)
CCC Help Dutch (Version: 2010.0617.0854.14122)
CCC Help English (Version: 2010.0617.0854.14122)
CCC Help Finnish (Version: 2010.0617.0854.14122)
CCC Help French (Version: 2010.0617.0854.14122)
CCC Help German (Version: 2010.0617.0854.14122)
CCC Help Greek (Version: 2010.0617.0854.14122)
CCC Help Hungarian (Version: 2010.0617.0854.14122)
CCC Help Italian (Version: 2010.0617.0854.14122)
CCC Help Japanese (Version: 2010.0617.0854.14122)
CCC Help Korean (Version: 2010.0617.0854.14122)
CCC Help Norwegian (Version: 2010.0617.0854.14122)
CCC Help Polish (Version: 2010.0617.0854.14122)
CCC Help Portuguese (Version: 2010.0617.0854.14122)
CCC Help Russian (Version: 2010.0617.0854.14122)
CCC Help Spanish (Version: 2010.0617.0854.14122)
CCC Help Swedish (Version: 2010.0617.0854.14122)
CCC Help Thai (Version: 2010.0617.0854.14122)
CCC Help Turkish (Version: 2010.0617.0854.14122)
CCleaner (Version: 3.13)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cool Timer 3.7
Curse Client (Version: 4.0.1.260)
CyberLink DVD Suite (Version: 7.0.3003)
CyberLink MediaShow (Version: 5.0.1616)
CyberLink PowerDVD 9 (Version: 9.0.1.4217)
CyberLink YouCam (Version: 3.0.2511)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Domain Samurai (Version: 0.2.81)
Dora's Carnival Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
FXAA Post Process Injector
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.1.0)
HP Game Console
HP Games (Version: 1.0.1.3)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.0.3)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 6.1.12.1)
HP Wireless Assistant (Version: 4.0.9.0)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 29 (Version: 6.0.290)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 14.0.8117.416)
LabelPrint (Version: 2.5.2907)
LightScribe System Software (Version: 1.18.15.1)
LockHunter version 1.0 beta 3, 64 bit edition
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Default Manager (Version: 2.1.55.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual Basic PowerPacks 10.0 (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 18.0.0.128)
Norton Online Backup (Version: 2.1.17869)
Paint.NET v3.5.10 (Version: 3.60.0)
Penguins! (Version: 2.2.0.95)
Phoenix Viewer 1.6.0.1691
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
Python 2.6.2 (64-bit) (Version: 2.6.2150)
QuickTime (Version: 7.71.80.42)
Realistic Colors and Real Nights 1.6 - HDR Edition -
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6122)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30120)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.278)
RtVOsd (Version: 1.0.3)
SecondLifeViewer (remove only)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.0.1146)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
Team Fortress 2
TEAM MANAGER 3.0 Lite for Track & Field (Version: 1.00.0010)
Tribes Ascend Closed Beta (Version: 0.1.760.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Ventrilo Client (Version: 3.0.8)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
VTFEdit 1.2.5
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
WinRAR 4.10 beta 2 (64-bit) (Version: 4.10.2)
World of Warcraft (Version: 4.3.0.15050)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 2810.9 MB
Available physical RAM: 1705.37 MB
Total Pagefile: 5620 MB
Available Pagefile: 4084.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.41 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:280.45 GB) (Free:192.77 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:17.35 GB) (Free:2.51 GB) NTFS

========================= Users: ========================================

User accounts for \\JUSTIN-HP

Administrator Guest Justin


**** End of log ****

#4 _-Nyo-_


Posted 19 April 2012 - 06:45 PM

Ok, now after leaving my computer on for the ESET scan, it was sluggish but I managed to save a .txt file. I had to force turn it off, and today after a few hours or so, I started the computer again and now it's in Startup Repair mode saying my computer cannot start up. I am guessing the virus got way worse or something, because when I got back to save the .txt file there were about 5 of the same ads. I will post the ESET.txt file if my computer manages to finish its Startup Repair.

#5 _-Nyo-_


Posted 19 April 2012 - 08:12 PM

Ok it seems I narrowed it down to one virus that keeps reappearing.
It seems to be this over and over. :/

Backdoor.MultiZAccess.gen
Service: drvmcdb

#6 boopme


Posted 19 April 2012 - 10:11 PM

Yes, it's a ZeroAccess infection and it's deep.
See all these in the Winsock entries:
Catalog5 01 mswsock.dll [File Not found] ()


To get it out safely we need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
Skip GMER, it won't run on 64-bit.

Let me know if that went well.
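The reply above points at the `[File Not found]` rows in the Winsock section of the MiniToolBox log. As an added example (not part of the thread, and not code from BleepingComputer or from the MiniToolBox author), this Python script parses that section and counts the unresolved providers per catalog. The sample is an excerpt of the log posted in this thread; the function names are hypothetical and the line format is assumed from that log alone.

```python
import re
from collections import defaultdict

# Excerpt of the "Winsock entries" section of the MiniToolBox log posted
# in this thread (a subset of rows, kept verbatim).
SAMPLE_LOG = r"""
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================
"""

# Row layout assumed from the log: <catalog> <index> <provider> [<size>] (<vendor>)
# Catalog9 is the Winsock protocol (transport provider) catalog and
# Catalog5 the namespace provider catalog; "x64-" marks the 64-bit view.
ENTRY_RE = re.compile(
    r"^(?P<catalog>(?:x64-)?Catalog\d+)\s+"
    r"(?P<index>\d+)\s+"
    r"(?P<provider>.+?)\s+"
    r"\[(?P<size>[^\]]*)\]\s+"
    r"\((?P<vendor>.*)\)\s*$"
)


def parse_winsock_entries(log_text):
    """Return one dict per row of the 'Winsock entries' section only."""
    entries = []
    in_section = False
    for line in log_text.splitlines():
        stripped = line.strip()
        if stripped.startswith("====="):
            # Any banner line opens or closes a section of the log.
            in_section = "winsock entries" in stripped.lower()
            continue
        if not in_section or not stripped:
            continue
        match = ENTRY_RE.match(stripped)
        if match is None:
            continue  # unknown row shape: skip rather than guess
        size = match.group("size").strip()
        entries.append({
            "catalog": match.group("catalog"),
            "index": int(match.group("index")),
            "provider": match.group("provider"),
            "size": int(size) if size.isdigit() else None,
            "vendor": match.group("vendor").strip(),
            "missing": size.lower() == "file not found",
        })
    return entries


def summarize(entries):
    """Map catalog name -> (total rows, rows whose provider file is missing)."""
    counts = defaultdict(lambda: [0, 0])
    for entry in entries:
        counts[entry["catalog"]][0] += 1
        counts[entry["catalog"]][1] += int(entry["missing"])
    return {name: (total, missing) for name, (total, missing) in counts.items()}


def fully_unresolved(summary):
    """Catalogs in which every listed provider is reported as not found."""
    return sorted(n for n, (total, missing) in summary.items()
                  if total > 0 and missing == total)


def missing_providers(entries):
    """Distinct provider names that the tool could not find on disk."""
    return sorted({e["provider"] for e in entries if e["missing"]})


if __name__ == "__main__":
    parsed = parse_winsock_entries(SAMPLE_LOG)
    summary = summarize(parsed)
    for name in sorted(summary):
        total, missing = summary[name]
        print(f"{name:14} {missing}/{total} providers not found")
    print("Fully unresolved catalogs:", ", ".join(fully_unresolved(summary)))
    print("Missing provider files:", ", ".join(missing_providers(parsed)))
```

Run over the full log, the same functions give a per-catalog count that can be compared between scans to see whether the Winsock catalog has been restored after cleanup.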



