Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google search redirect virus


  • Please log in to reply
17 replies to this topic

#1 AALanline

AALanline

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 11 August 2011 - 12:42 PM

I am not sure exactly when my computer started to experience this virus, but I started to try and remove it since ten days ago. I am running Windows 7 and using Firefox. The problem is that not always, but occasionally the virus will redirect my search from Google to another website. I have tried using Norton 360 Malwarebytes, Hijack this and Norton Power Eraser, but still the virus remains. I am not sure how to post an example of this here so if that does help solve the problem I will try and see if I can find a way to.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 AM

Posted 11 August 2011 - 01:38 PM

Before doing anything further, if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. If that occurs there may be no option but to reformat and reinstall the OS or perform a full system recovery. The safest practice is not to backup any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.Please post the complete results of your last MBAM scan for review (even if nothing was found).

To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.
  • Click the Logs Tab at the top.
  • The log will be named by the date of scan in the following format: mbam-log-date(time).txt
    -- If you have previously used MBAM, there may be several logs showing in the list.
  • Click on the log name to highlight it.
  • Go to the bottom and click on Open.
  • The log should automatically open in notepad as a text file.
  • Go to Edit and choose Select all.
  • Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.
  • Come back to this thread, click Add Reply, then right-click and choose Paste.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Logs are saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd



Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
Be sure to print out and follow the instructions for performing a scan. Alternate instructions can be found here.

  • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
  • Alternatively, you can download TDSSKiller.exe and use that instead.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • When the program opens, click the Start Scan button.

    Posted Image
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found, will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

    Posted Image
  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

    Posted Image
  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

Important Note: Some infections will alter the Proxy settings in Internet Explorer which can affect your ability to browse, update or download tools required for disinfection. If you are experiencing such a problem, check those settings. To do that, please refer to Steps 4-7 under the section Automated Removal Instructions in this guide.

If using FireFox, refer to these instructions to check and configure Proxy Settings under the Connection Settings Dialog.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 12 August 2011 - 08:45 PM

Ok so this is sent before I have downloaded but I have put the things i wish to keep on a removable hard drive as for Malwarebytes this is the latest scan results Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7452

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

8/12/2011 6:43:33 PM
mbam-log-2011-08-12 (18-43-33).txt

Scan type: Quick scan
Objects scanned: 177698
Time elapsed: 9 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 12 August 2011 - 08:51 PM

Still can't seem to find the virus even after the scan

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 AM

Posted 12 August 2011 - 11:19 PM

Did you scan with Kaspersky's TDSSKiller? If not, please do so and post the log.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 13 August 2011 - 02:02 AM

I did do a scan and it found nothing not sure how to send the log but this is the best I can do since I can't seem to post photos
System Scan completed
Duration 37 seconds
Processed 281
Infection not found

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 AM

Posted 13 August 2011 - 07:45 AM

After running TDSSkiller, a log file named TDSSKiller_version_date_time_log.txt will have been created and saved to the root directory (usually Local Disk C:). Open that file in notepad, then copy and paste the contents in your next reply.

Please download MiniToolBox by farbar and save it to your desktop.

Close all open browsers, double-click on the file to launch the utility and check the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List Users, Partitions and Memory size
Click Go and a log file named Result.txt will open in Notepad with the results. Copy and paste the contents in your next reply
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 13 August 2011 - 02:28 PM

The TDSSkiller results:
2011/08/12 23:53:45.0955 6492 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/12 23:53:46.0517 6492 ================================================================================
2011/08/12 23:53:46.0517 6492 SystemInfo:
2011/08/12 23:53:46.0517 6492
2011/08/12 23:53:46.0517 6492 OS Version: 6.1.7601 ServicePack: 1.0
2011/08/12 23:53:46.0517 6492 Product type: Workstation
2011/08/12 23:53:46.0517 6492 ComputerName: AALANLINE-VAIO
2011/08/12 23:53:46.0517 6492 UserName: Aaron Lan
2011/08/12 23:53:46.0517 6492 Windows directory: C:\Windows
2011/08/12 23:53:46.0517 6492 System windows directory: C:\Windows
2011/08/12 23:53:46.0517 6492 Running under WOW64
2011/08/12 23:53:46.0517 6492 Processor architecture: Intel x64
2011/08/12 23:53:46.0517 6492 Number of processors: 4
2011/08/12 23:53:46.0517 6492 Page size: 0x1000
2011/08/12 23:53:46.0517 6492 Boot type: Normal boot
2011/08/12 23:53:46.0517 6492 ================================================================================
2011/08/12 23:53:48.0747 6492 Initialize success
2011/08/12 23:53:52.0351 4760 ================================================================================
2011/08/12 23:53:52.0351 4760 Scan started
2011/08/12 23:53:52.0351 4760 Mode: Manual;
2011/08/12 23:53:52.0351 4760 ================================================================================
2011/08/12 23:53:54.0114 4760 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/08/12 23:53:54.0629 4760 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/08/12 23:53:55.0143 4760 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/08/12 23:53:55.0767 4760 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
2011/08/12 23:53:56.0376 4760 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
2011/08/12 23:53:56.0766 4760 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
2011/08/12 23:53:58.0061 4760 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/08/12 23:53:58.0248 4760 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/08/12 23:53:58.0466 4760 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/08/12 23:53:58.0482 4760 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/08/12 23:53:58.0544 4760 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
2011/08/12 23:53:58.0591 4760 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
2011/08/12 23:53:58.0638 4760 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/08/12 23:53:58.0716 4760 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
2011/08/12 23:53:58.0825 4760 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/08/12 23:53:58.0903 4760 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys
2011/08/12 23:53:58.0997 4760 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/08/12 23:53:59.0090 4760 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
2011/08/12 23:53:59.0153 4760 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
2011/08/12 23:53:59.0184 4760 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
2011/08/12 23:53:59.0324 4760 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/08/12 23:53:59.0433 4760 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/08/12 23:53:59.0589 4760 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
2011/08/12 23:54:00.0182 4760 atikmdag (89a3d56ce4044f35b9d08dd37193bbfc) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/08/12 23:54:00.0681 4760 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
2011/08/12 23:54:00.0853 4760 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/08/12 23:54:00.0915 4760 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/08/12 23:54:01.0883 4760 BHDrvx64 (c823adeedd3ae6f3db52b6152e5789cf) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110723.001\BHDrvx64.sys
2011/08/12 23:54:02.0257 4760 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
2011/08/12 23:54:02.0553 4760 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/08/12 23:54:02.0631 4760 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
2011/08/12 23:54:02.0663 4760 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
2011/08/12 23:54:02.0787 4760 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/08/12 23:54:02.0834 4760 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/08/12 23:54:02.0912 4760 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/08/12 23:54:02.0943 4760 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/08/12 23:54:03.0053 4760 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
2011/08/12 23:54:03.0131 4760 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
2011/08/12 23:54:03.0177 4760 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/08/12 23:54:03.0287 4760 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
2011/08/12 23:54:03.0365 4760 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
2011/08/12 23:54:03.0427 4760 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
2011/08/12 23:54:03.0474 4760 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
2011/08/12 23:54:03.0552 4760 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
2011/08/12 23:54:03.0630 4760 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/08/12 23:54:03.0645 4760 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys
2011/08/12 23:54:03.0677 4760 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/08/12 23:54:03.0770 4760 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/08/12 23:54:03.0879 4760 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
2011/08/12 23:54:03.0942 4760 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/08/12 23:54:04.0035 4760 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
2011/08/12 23:54:04.0067 4760 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/08/12 23:54:04.0113 4760 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/08/12 23:54:04.0160 4760 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
2011/08/12 23:54:04.0238 4760 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/08/12 23:54:04.0301 4760 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
2011/08/12 23:54:04.0379 4760 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/08/12 23:54:04.0441 4760 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/08/12 23:54:04.0503 4760 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
2011/08/12 23:54:04.0644 4760 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
2011/08/12 23:54:04.0753 4760 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
2011/08/12 23:54:04.0831 4760 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/08/12 23:54:04.0893 4760 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/08/12 23:54:04.0956 4760 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/08/12 23:54:05.0283 4760 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
2011/08/12 23:54:05.0595 4760 eeCtrl (5e3a50930447f464c66032e05a4632f5) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
2011/08/12 23:54:05.0985 4760 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
2011/08/12 23:54:06.0219 4760 EraserUtilRebootDrv (dcb76ecc6b50a266fdc16e1963ab98ce) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/08/12 23:54:06.0469 4760 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/08/12 23:54:06.0594 4760 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/08/12 23:54:06.0672 4760 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/08/12 23:54:06.0765 4760 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
2011/08/12 23:54:06.0797 4760 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/08/12 23:54:06.0828 4760 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/08/12 23:54:06.0859 4760 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
2011/08/12 23:54:06.0921 4760 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/08/12 23:54:06.0984 4760 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/08/12 23:54:07.0046 4760 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/08/12 23:54:07.0093 4760 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/08/12 23:54:07.0140 4760 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/08/12 23:54:07.0187 4760 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
2011/08/12 23:54:07.0249 4760 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/08/12 23:54:07.0358 4760 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/08/12 23:54:07.0436 4760 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/08/12 23:54:07.0514 4760 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/08/12 23:54:07.0577 4760 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
2011/08/12 23:54:07.0686 4760 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
2011/08/12 23:54:07.0733 4760 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
2011/08/12 23:54:07.0779 4760 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
2011/08/12 23:54:07.0951 4760 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/08/12 23:54:08.0091 4760 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/08/12 23:54:08.0450 4760 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/08/12 23:54:08.0653 4760 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/08/12 23:54:08.0778 4760 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/08/12 23:54:08.0856 4760 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
2011/08/12 23:54:08.0949 4760 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/08/12 23:54:09.0573 4760 IDSVia64 (d321ff68ff6986bcc18fe85943cb55ef) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110812.030\IDSvia64.sys
2011/08/12 23:54:10.0416 4760 igfx (2835c0808ba40fa8bc141e6015eb2414) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/08/12 23:54:10.0868 4760 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
2011/08/12 23:54:11.0009 4760 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
2011/08/12 23:54:11.0274 4760 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
2011/08/12 23:54:11.0477 4760 IntcDAud (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys
2011/08/12 23:54:11.0586 4760 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/08/12 23:54:11.0664 4760 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
2011/08/12 23:54:11.0726 4760 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/08/12 23:54:11.0804 4760 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/08/12 23:54:11.0851 4760 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/08/12 23:54:11.0913 4760 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/08/12 23:54:11.0960 4760 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/08/12 23:54:12.0007 4760 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/08/12 23:54:12.0147 4760 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/08/12 23:54:12.0241 4760 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/08/12 23:54:12.0288 4760 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/08/12 23:54:12.0350 4760 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/08/12 23:54:12.0413 4760 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/08/12 23:54:12.0475 4760 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/08/12 23:54:12.0553 4760 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
2011/08/12 23:54:12.0584 4760 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
2011/08/12 23:54:12.0631 4760 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
2011/08/12 23:54:12.0662 4760 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
2011/08/12 23:54:12.0756 4760 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/08/12 23:54:12.0912 4760 MBAMProtector (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys
2011/08/12 23:54:13.0005 4760 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
2011/08/12 23:54:13.0068 4760 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
2011/08/12 23:54:13.0208 4760 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/08/12 23:54:13.0302 4760 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/08/12 23:54:13.0395 4760 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/08/12 23:54:13.0442 4760 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/08/12 23:54:13.0505 4760 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/08/12 23:54:13.0614 4760 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/08/12 23:54:13.0723 4760 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/08/12 23:54:13.0863 4760 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/08/12 23:54:13.0926 4760 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/08/12 23:54:13.0988 4760 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/08/12 23:54:14.0035 4760 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/08/12 23:54:14.0097 4760 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/08/12 23:54:14.0175 4760 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/08/12 23:54:14.0394 4760 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/08/12 23:54:14.0441 4760 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/08/12 23:54:14.0565 4760 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/08/12 23:54:14.0690 4760 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/08/12 23:54:14.0753 4760 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/08/12 23:54:14.0815 4760 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/08/12 23:54:14.0940 4760 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/08/12 23:54:15.0033 4760 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/08/12 23:54:15.0330 4760 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/08/12 23:54:15.0455 4760 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
2011/08/12 23:54:15.0501 4760 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/08/12 23:54:15.0657 4760 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/08/12 23:54:16.0344 4760 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110812.023\ENG64.SYS
2011/08/12 23:54:16.0983 4760 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110812.023\EX64.SYS
2011/08/12 23:54:17.0561 4760 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/08/12 23:54:17.0873 4760 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/08/12 23:54:17.0935 4760 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/08/12 23:54:17.0982 4760 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/08/12 23:54:18.0138 4760 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/08/12 23:54:18.0231 4760 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/08/12 23:54:18.0325 4760 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/08/12 23:54:18.0372 4760 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/08/12 23:54:18.0481 4760 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
2011/08/12 23:54:18.0528 4760 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/08/12 23:54:18.0559 4760 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/08/12 23:54:18.0684 4760 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/08/12 23:54:18.0746 4760 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/08/12 23:54:18.0809 4760 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/08/12 23:54:18.0918 4760 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/08/12 23:54:18.0980 4760 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/08/12 23:54:19.0058 4760 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/08/12 23:54:19.0152 4760 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
2011/08/12 23:54:19.0199 4760 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/08/12 23:54:19.0261 4760 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/08/12 23:54:19.0323 4760 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/08/12 23:54:19.0386 4760 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
2011/08/12 23:54:19.0433 4760 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/08/12 23:54:19.0464 4760 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/08/12 23:54:19.0729 4760 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/08/12 23:54:19.0807 4760 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
2011/08/12 23:54:19.0979 4760 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/08/12 23:54:20.0057 4760 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/08/12 23:54:20.0415 4760 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
2011/08/12 23:54:20.0665 4760 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
2011/08/12 23:54:20.0712 4760 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/08/12 23:54:20.0743 4760 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/08/12 23:54:20.0790 4760 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/08/12 23:54:20.0868 4760 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/08/12 23:54:20.0930 4760 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/08/12 23:54:20.0961 4760 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/08/12 23:54:21.0071 4760 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/08/12 23:54:21.0149 4760 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
2011/08/12 23:54:21.0180 4760 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/08/12 23:54:21.0227 4760 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/08/12 23:54:21.0242 4760 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/08/12 23:54:21.0320 4760 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/08/12 23:54:21.0429 4760 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/08/12 23:54:21.0523 4760 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/08/12 23:54:21.0554 4760 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
2011/08/12 23:54:21.0663 4760 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
2011/08/12 23:54:21.0741 4760 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/08/12 23:54:21.0851 4760 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/08/12 23:54:21.0897 4760 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/08/12 23:54:22.0007 4760 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
2011/08/12 23:54:22.0100 4760 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/08/12 23:54:22.0163 4760 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
2011/08/12 23:54:22.0225 4760 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
2011/08/12 23:54:22.0287 4760 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
2011/08/12 23:54:22.0412 4760 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
2011/08/12 23:54:22.0553 4760 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/08/12 23:54:22.0615 4760 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/12 23:54:22.0693 4760 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/12 23:54:22.0755 4760 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
2011/08/12 23:54:22.0802 4760 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
2011/08/12 23:54:22.0833 4760 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
2011/08/12 23:54:22.0880 4760 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/08/12 23:54:22.0958 4760 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/08/12 23:54:23.0270 4760 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS
2011/08/12 23:54:23.0301 4760 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS
2011/08/12 23:54:23.0551 4760 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/08/12 23:54:24.0066 4760 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/08/12 23:54:24.0362 4760 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/08/12 23:54:24.0425 4760 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
2011/08/12 23:54:24.0503 4760 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/08/12 23:54:24.0768 4760 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS
2011/08/12 23:54:24.0971 4760 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS
2011/08/12 23:54:25.0111 4760 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2011/08/12 23:54:25.0407 4760 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS
2011/08/12 23:54:25.0485 4760 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS
2011/08/12 23:54:25.0626 4760 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
2011/08/12 23:54:26.0000 4760 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/08/12 23:54:26.0219 4760 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/08/12 23:54:26.0297 4760 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/08/12 23:54:26.0343 4760 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/08/12 23:54:26.0406 4760 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/08/12 23:54:26.0499 4760 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/08/12 23:54:26.0562 4760 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/08/12 23:54:26.0671 4760 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/08/12 23:54:26.0765 4760 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/08/12 23:54:26.0811 4760 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
2011/08/12 23:54:26.0905 4760 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/08/12 23:54:27.0014 4760 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/08/12 23:54:27.0092 4760 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/08/12 23:54:27.0170 4760 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
2011/08/12 23:54:27.0248 4760 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
2011/08/12 23:54:27.0342 4760 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/08/12 23:54:27.0389 4760 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/08/12 23:54:27.0451 4760 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
2011/08/12 23:54:27.0529 4760 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/12 23:54:27.0560 4760 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
2011/08/12 23:54:27.0638 4760 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/08/12 23:54:27.0701 4760 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/08/12 23:54:27.0763 4760 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
2011/08/12 23:54:27.0779 4760 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2011/08/12 23:54:27.0857 4760 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/08/12 23:54:27.0966 4760 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/08/12 23:54:28.0013 4760 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/12 23:54:28.0044 4760 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/08/12 23:54:28.0059 4760 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/08/12 23:54:28.0122 4760 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/08/12 23:54:28.0153 4760 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/08/12 23:54:28.0215 4760 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/08/12 23:54:28.0262 4760 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/08/12 23:54:28.0340 4760 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
2011/08/12 23:54:28.0403 4760 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/08/12 23:54:28.0434 4760 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/08/12 23:54:28.0481 4760 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
2011/08/12 23:54:28.0543 4760 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/12 23:54:28.0574 4760 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/12 23:54:28.0668 4760 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
2011/08/12 23:54:28.0730 4760 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
2011/08/12 23:54:28.0917 4760 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/12 23:54:29.0011 4760 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/12 23:54:29.0027 4760 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/08/12 23:54:29.0151 4760 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/08/12 23:54:29.0214 4760 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/08/12 23:54:29.0292 4760 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/12 23:54:29.0370 4760 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/08/12 23:54:29.0432 4760 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/12 23:54:29.0526 4760 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/08/12 23:54:29.0619 4760 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/08/12 23:54:29.0635 4760 Boot (0x1200) (d76a362f6af521c04969a9eb0df1dd89) \Device\Harddisk0\DR0\Partition0
2011/08/12 23:54:29.0666 4760 Boot (0x1200) (6819bb751000aaff4e2dd9907b7755ed) \Device\Harddisk0\DR0\Partition1
2011/08/12 23:54:29.0682 4760 ================================================================================
2011/08/12 23:54:29.0682 4760 Scan finished
2011/08/12 23:54:29.0682 4760 ================================================================================
2011/08/12 23:54:29.0682 6164 Detected object count: 0
2011/08/12 23:54:29.0682 6164 Actual detected object count: 0
2011/08/13 00:03:22.0589 6540 ================================================================================
2011/08/13 00:03:22.0589 6540 Scan started
2011/08/13 00:03:22.0589 6540 Mode: Manual;
2011/08/13 00:03:22.0589 6540 ================================================================================
2011/08/13 00:03:22.0997 6540 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/08/13 00:03:23.0049 6540 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/08/13 00:03:23.0091 6540 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/08/13 00:03:23.0159 6540 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
2011/08/13 00:03:23.0192 6540 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
2011/08/13 00:03:23.0228 6540 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
2011/08/13 00:03:23.0298 6540 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/08/13 00:03:23.0357 6540 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/08/13 00:03:23.0390 6540 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/08/13 00:03:23.0403 6540 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/08/13 00:03:23.0450 6540 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
2011/08/13 00:03:23.0486 6540 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
2011/08/13 00:03:23.0532 6540 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/08/13 00:03:23.0571 6540 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
2011/08/13 00:03:23.0587 6540 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/08/13 00:03:23.0619 6540 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys
2011/08/13 00:03:23.0672 6540 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/08/13 00:03:23.0731 6540 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
2011/08/13 00:03:23.0771 6540 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
2011/08/13 00:03:23.0806 6540 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
2011/08/13 00:03:23.0832 6540 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/08/13 00:03:23.0876 6540 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/08/13 00:03:23.0948 6540 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
2011/08/13 00:03:24.0121 6540 atikmdag (89a3d56ce4044f35b9d08dd37193bbfc) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/08/13 00:03:24.0273 6540 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
2011/08/13 00:03:24.0315 6540 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/08/13 00:03:24.0353 6540 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/08/13 00:03:24.0809 6540 BHDrvx64 (c823adeedd3ae6f3db52b6152e5789cf) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110723.001\BHDrvx64.sys
2011/08/13 00:03:24.0927 6540 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
2011/08/13 00:03:24.0984 6540 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/08/13 00:03:25.0014 6540 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
2011/08/13 00:03:25.0043 6540 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
2011/08/13 00:03:25.0089 6540 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/08/13 00:03:25.0120 6540 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/08/13 00:03:25.0148 6540 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/08/13 00:03:25.0175 6540 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/08/13 00:03:25.0212 6540 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
2011/08/13 00:03:25.0265 6540 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
2011/08/13 00:03:25.0300 6540 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/08/13 00:03:25.0339 6540 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
2011/08/13 00:03:25.0360 6540 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
2011/08/13 00:03:25.0389 6540 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
2011/08/13 00:03:25.0422 6540 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
2011/08/13 00:03:25.0449 6540 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
2011/08/13 00:03:25.0476 6540 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/08/13 00:03:25.0514 6540 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys
2011/08/13 00:03:25.0536 6540 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/08/13 00:03:25.0582 6540 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/08/13 00:03:25.0627 6540 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
2011/08/13 00:03:25.0669 6540 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/08/13 00:03:25.0727 6540 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
2011/08/13 00:03:25.0765 6540 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/08/13 00:03:25.0805 6540 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/08/13 00:03:25.0853 6540 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
2011/08/13 00:03:25.0904 6540 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/08/13 00:03:25.0948 6540 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
2011/08/13 00:03:26.0004 6540 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/08/13 00:03:26.0055 6540 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/08/13 00:03:26.0092 6540 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
2011/08/13 00:03:26.0157 6540 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
2011/08/13 00:03:26.0198 6540 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
2011/08/13 00:03:26.0234 6540 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/08/13 00:03:26.0257 6540 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/08/13 00:03:26.0307 6540 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/08/13 00:03:26.0421 6540 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
2011/08/13 00:03:26.0529 6540 eeCtrl (5e3a50930447f464c66032e05a4632f5) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
2011/08/13 00:03:26.0657 6540 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
2011/08/13 00:03:26.0717 6540 EraserUtilRebootDrv (dcb76ecc6b50a266fdc16e1963ab98ce) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/08/13 00:03:26.0757 6540 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/08/13 00:03:26.0814 6540 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/08/13 00:03:26.0848 6540 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/08/13 00:03:26.0872 6540 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
2011/08/13 00:03:26.0910 6540 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/08/13 00:03:26.0932 6540 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/08/13 00:03:26.0959 6540 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
2011/08/13 00:03:27.0003 6540 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/08/13 00:03:27.0034 6540 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/08/13 00:03:27.0078 6540 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/08/13 00:03:27.0110 6540 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/08/13 00:03:27.0148 6540 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/08/13 00:03:27.0188 6540 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
2011/08/13 00:03:27.0228 6540 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/08/13 00:03:27.0272 6540 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/08/13 00:03:27.0329 6540 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/08/13 00:03:27.0352 6540 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/08/13 00:03:27.0401 6540 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
2011/08/13 00:03:27.0438 6540 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
2011/08/13 00:03:27.0470 6540 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
2011/08/13 00:03:27.0495 6540 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
2011/08/13 00:03:27.0544 6540 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/08/13 00:03:27.0597 6540 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/08/13 00:03:27.0655 6540 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/08/13 00:03:27.0704 6540 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/08/13 00:03:27.0747 6540 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/08/13 00:03:27.0797 6540 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
2011/08/13 00:03:27.0852 6540 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/08/13 00:03:28.0127 6540 IDSVia64 (d321ff68ff6986bcc18fe85943cb55ef) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110812.030\IDSvia64.sys
2011/08/13 00:03:28.0339 6540 igfx (2835c0808ba40fa8bc141e6015eb2414) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/08/13 00:03:28.0485 6540 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
2011/08/13 00:03:28.0541 6540 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
2011/08/13 00:03:28.0620 6540 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
2011/08/13 00:03:28.0673 6540 IntcDAud (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys
2011/08/13 00:03:28.0714 6540 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/08/13 00:03:28.0748 6540 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
2011/08/13 00:03:28.0795 6540 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/08/13 00:03:28.0835 6540 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/08/13 00:03:28.0881 6540 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/08/13 00:03:28.0909 6540 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/08/13 00:03:28.0959 6540 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/08/13 00:03:28.0989 6540 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/08/13 00:03:29.0017 6540 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/08/13 00:03:29.0051 6540 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/08/13 00:03:29.0111 6540 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/08/13 00:03:29.0149 6540 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/08/13 00:03:29.0192 6540 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/08/13 00:03:29.0230 6540 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/08/13 00:03:29.0282 6540 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
2011/08/13 00:03:29.0302 6540 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
2011/08/13 00:03:29.0341 6540 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
2011/08/13 00:03:29.0386 6540 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
2011/08/13 00:03:29.0412 6540 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/08/13 00:03:29.0449 6540 MBAMProtector (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys
2011/08/13 00:03:29.0504 6540 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
2011/08/13 00:03:29.0539 6540 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
2011/08/13 00:03:29.0593 6540 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/08/13 00:03:29.0615 6540 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/08/13 00:03:29.0656 6540 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/08/13 00:03:29.0700 6540 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/08/13 00:03:29.0757 6540 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/08/13 00:03:29.0805 6540 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/08/13 00:03:29.0843 6540 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/08/13 00:03:29.0890 6540 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/08/13 00:03:29.0940 6540 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/08/13 00:03:29.0993 6540 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/08/13 00:03:30.0027 6540 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/08/13 00:03:30.0074 6540 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/08/13 00:03:30.0147 6540 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/08/13 00:03:30.0213 6540 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/08/13 00:03:30.0236 6540 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/08/13 00:03:30.0272 6540 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/08/13 00:03:30.0308 6540 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/08/13 00:03:30.0329 6540 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/08/13 00:03:30.0345 6540 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/08/13 00:03:30.0401 6540 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/08/13 00:03:30.0450 6540 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/08/13 00:03:30.0486 6540 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/08/13 00:03:30.0516 6540 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
2011/08/13 00:03:30.0545 6540 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/08/13 00:03:30.0581 6540 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/08/13 00:03:30.0807 6540 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110812.023\ENG64.SYS
2011/08/13 00:03:30.0905 6540 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110812.023\EX64.SYS
2011/08/13 00:03:31.0046 6540 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/08/13 00:03:31.0089 6540 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/08/13 00:03:31.0125 6540 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/08/13 00:03:31.0168 6540 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/08/13 00:03:31.0218 6540 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/08/13 00:03:31.0267 6540 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/08/13 00:03:31.0295 6540 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/08/13 00:03:31.0346 6540 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/08/13 00:03:31.0409 6540 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
2011/08/13 00:03:31.0450 6540 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/08/13 00:03:31.0472 6540 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/08/13 00:03:31.0555 6540 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/08/13 00:03:31.0590 6540 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/08/13 00:03:31.0634 6540 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/08/13 00:03:31.0654 6540 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/08/13 00:03:31.0686 6540 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/08/13 00:03:31.0728 6540 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/08/13 00:03:31.0789 6540 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
2011/08/13 00:03:31.0835 6540 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/08/13 00:03:31.0869 6540 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/08/13 00:03:31.0894 6540 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/08/13 00:03:31.0949 6540 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
2011/08/13 00:03:31.0991 6540 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/08/13 00:03:32.0027 6540 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/08/13 00:03:32.0138 6540 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/08/13 00:03:32.0187 6540 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
2011/08/13 00:03:32.0245 6540 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/08/13 00:03:32.0292 6540 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/08/13 00:03:32.0361 6540 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
2011/08/13 00:03:32.0403 6540 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
2011/08/13 00:03:32.0443 6540 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/08/13 00:03:32.0464 6540 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/08/13 00:03:32.0499 6540 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/08/13 00:03:32.0554 6540 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/08/13 00:03:32.0600 6540 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/08/13 00:03:32.0622 6540 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/08/13 00:03:32.0676 6540 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/08/13 00:03:32.0705 6540 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
2011/08/13 00:03:32.0727 6540 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/08/13 00:03:32.0755 6540 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/08/13 00:03:32.0773 6540 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/08/13 00:03:32.0899 6540 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/08/13 00:03:32.0946 6540 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/08/13 00:03:32.0994 6540 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/08/13 00:03:33.0020 6540 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
2011/08/13 00:03:33.0053 6540 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
2011/08/13 00:03:33.0097 6540 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/08/13 00:03:33.0146 6540 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/08/13 00:03:33.0195 6540 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/08/13 00:03:33.0263 6540 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
2011/08/13 00:03:33.0309 6540 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/08/13 00:03:33.0356 6540 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
2011/08/13 00:03:33.0392 6540 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
2011/08/13 00:03:33.0432 6540 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
2011/08/13 00:03:33.0489 6540 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
2011/08/13 00:03:33.0521 6540 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/08/13 00:03:33.0552 6540 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/13 00:03:33.0573 6540 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/13 00:03:33.0612 6540 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
2011/08/13 00:03:33.0661 6540 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
2011/08/13 00:03:33.0697 6540 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
2011/08/13 00:03:33.0731 6540 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/08/13 00:03:33.0783 6540 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/08/13 00:03:33.0917 6540 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS
2011/08/13 00:03:33.0948 6540 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS
2011/08/13 00:03:34.0009 6540 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/08/13 00:03:34.0040 6540 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/08/13 00:03:34.0068 6540 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/08/13 00:03:34.0114 6540 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
2011/08/13 00:03:34.0165 6540 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/08/13 00:03:34.0287 6540 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS
2011/08/13 00:03:34.0386 6540 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS
2011/08/13 00:03:34.0446 6540 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2011/08/13 00:03:34.0502 6540 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS
2011/08/13 00:03:34.0555 6540 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS
2011/08/13 00:03:34.0651 6540 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
2011/08/13 00:03:34.0694 6540 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/08/13 00:03:34.0756 6540 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/08/13 00:03:34.0798 6540 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/08/13 00:03:34.0827 6540 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/08/13 00:03:34.0875 6540 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/08/13 00:03:34.0908 6540 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/08/13 00:03:34.0979 6540 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/08/13 00:03:35.0031 6540 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/08/13 00:03:35.0098 6540 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/08/13 00:03:35.0139 6540 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
2011/08/13 00:03:35.0199 6540 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/08/13 00:03:35.0254 6540 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/08/13 00:03:35.0312 6540 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/08/13 00:03:35.0349 6540 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
2011/08/13 00:03:35.0412 6540 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
2011/08/13 00:03:35.0440 6540 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/08/13 00:03:35.0485 6540 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/08/13 00:03:35.0527 6540 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
2011/08/13 00:03:35.0568 6540 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/13 00:03:35.0630 6540 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
2011/08/13 00:03:35.0679 6540 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/08/13 00:03:35.0724 6540 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/08/13 00:03:35.0781 6540 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
2011/08/13 00:03:35.0796 6540 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2011/08/13 00:03:35.0853 6540 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/08/13 00:03:35.0935 6540 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/08/13 00:03:35.0989 6540 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/13 00:03:36.0011 6540 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/08/13 00:03:36.0069 6540 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/08/13 00:03:36.0102 6540 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/08/13 00:03:36.0132 6540 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/08/13 00:03:36.0182 6540 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/08/13 00:03:36.0215 6540 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/08/13 00:03:36.0266 6540 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
2011/08/13 00:03:36.0301 6540 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/08/13 00:03:36.0320 6540 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/08/13 00:03:36.0365 6540 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
2011/08/13 00:03:36.0405 6540 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/13 00:03:36.0417 6540 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/13 00:03:36.0484 6540 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
2011/08/13 00:03:36.0531 6540 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
2011/08/13 00:03:36.0564 6540 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/13 00:03:36.0622 6540 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/13 00:03:36.0645 6540 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/08/13 00:03:36.0731 6540 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/08/13 00:03:36.0775 6540 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/08/13 00:03:36.0826 6540 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/13 00:03:36.0893 6540 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/08/13 00:03:36.0942 6540 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/13 00:03:36.0996 6540 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/08/13 00:03:37.0098 6540 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/08/13 00:03:37.0127 6540 Boot (0x1200) (d76a362f6af521c04969a9eb0df1dd89) \Device\Harddisk0\DR0\Partition0
2011/08/13 00:03:37.0145 6540 Boot (0x1200) (6819bb751000aaff4e2dd9907b7755ed) \Device\Harddisk0\DR0\Partition1
2011/08/13 00:03:37.0150 6540 ================================================================================
2011/08/13 00:03:37.0150 6540 Scan finished
2011/08/13 00:03:37.0150 6540 ================================================================================
2011/08/13 00:03:37.0161 0372 Detected object count: 0
2011/08/13 00:03:37.0161 0372 Actual detected object count: 0
2011/08/13 00:03:41.0184 1228 Deinitialize success

The Minitool box results: MiniToolBox by Farbar
Ran by Aaron Lan (administrator) on 13-08-2011 at 12:26:27
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= Hosts content: =================================




========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3758.1 MB
Available physical RAM: 2172.94 MB
Total Pagefile: 7514.39 MB
Available Pagefile: 5693.22 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.91 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:289.23 GB) (Free:21.75 GB) NTFS

========================= Users: ========================================

User accounts for \\AALANLINE-VAIO

Aaron Lan Administrator Guest


== End of log ==

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 AM

Posted 13 August 2011 - 04:29 PM

Please download and scan with the Kaspersky Virus Removal Tool from one of the links provided below and save it to your desktop.
Link 1
Link 2Be sure to print out and read the instructions provided in:How to Install Kaspersky Virus Removal Tool
How to use the Kaspersky Virus Removal Tool to automatically remove viruses
  • Double-click the setup file (i.e. setup_9.0.0.722_22.01.2010_10-04.exe) to select your language and install the utility.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • At the 'Setup page', click Next, check the box 'I accept the license agreement' and click Next twice more to extract the required files.
  • Setup may recommend to scan the computer in Safe Mode. Click Ok.
  • A window will open with a tab that says Autoscan and one for Manual disinfection.
  • Click the green Start scan button on the Autoscan tab in the main window.
  • If malware is detected, you will see the Scan Alert screen.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • In the Scan window click the Reports button, choose Critical events and select Save to save the results to a file (name it avptool.txt).
  • Copy and paste the report results of any threats detected. Do not include the longer list marked Events.
  • When finished, follow these instructions on How to uninstall Kaspersky Virus Removal Tool 2010.
-- If you cannot run this tool in normal mode, then try using it in "safe mode".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 13 August 2011 - 09:21 PM

These are the results:
8/13/2011 6:47:57 PM Detected: Trojan-Dropper.Win32.Pihar.f C:\Users\Aaron Lan\AppData\Local\Temp\thpm7077388399884812460.tmp
8/13/2011 6:48:50 PM Backed up C:\Users\Aaron Lan\AppData\Local\Temp\thpm7077388399884812460.tmp
8/13/2011 6:48:50 PM Will be deleted on system restart: Trojan-Dropper.Win32.Pihar.f C:\Users\Aaron Lan\AppData\Local\Temp\thpm7077388399884812460.tmp

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 AM

Posted 14 August 2011 - 09:07 AM

Make sure you have restarted the computer, then try doing an online scan to see if it finds anything else that the other scans may have missed.

Please perform a scan with Eset Online Anti-virus Scanner.
  • If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
  • Vista/Windows 7 users need to run Internet Explorer/Firefox as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
  • Click the green Posted Image button.
  • Read the End User License Agreement and check the box:
  • Check Posted Image.
  • Click the Posted Image button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check Posted Image and make sure that the option Remove found threats is NOT checked.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop as ESETScan.txt.
  • Push the Posted Image button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 14 August 2011 - 06:58 PM

The results you asked for:
C:\Users\Aaron Lan\AppData\Roaming\Mozilla\Firefox\Profiles\3emk5di8.default\extensions\{e02d9c9a-ea30-4efd-aefe-5ca7edca480d}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan
C:\Users\Aaron Lan\AppData\Roaming\Mozilla\Firefox\Profiles\3emk5di8.default\extensions\{e02d9c9a-ea30-4efd-aefe-5ca7edca480d}\chrome\xulcache.jar JS/Agent.NDJ trojan
C:\Users\Aaron Lan\Downloads\registryboosterplc.exe Win32/RegistryBooster application

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 AM

Posted 14 August 2011 - 07:55 PM

Rerun Eset Online Anti-virus Scanner again, but this time under scan settings, be sure to check the option to Remove found threats. Save the log as before and copy and paste the contents in your next reply.

Also let me know how your computer is running and if there are any more signs of infection...strange audio ads, unwanted pop-ups, security alerts, or browser redirects.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 14 August 2011 - 11:41 PM

The computer loads quickly but Firefox is slow also freezes a few times. Besides the redirect nothing really happens but before I ran Kaspersky something kept trying to install I didn't write it down but it was persistent and it did not tell me its name. Also another install that has not stopped popping up is another install the only thing I can say about it is its a picture of a disk and asks for me to select a country no other identifier shows up, I doubt this is helpful but if I can see it again I'll try to post a picture of it. I will post the results after I get them.

#15 AALanline

AALanline
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 15 August 2011 - 02:06 AM

These are the results:
C:\Users\Aaron Lan\AppData\Roaming\Mozilla\Firefox\Profiles\3emk5di8.default\extensions\{e02d9c9a-ea30-4efd-aefe-5ca7edca480d}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\Aaron Lan\AppData\Roaming\Mozilla\Firefox\Profiles\3emk5di8.default\extensions\{e02d9c9a-ea30-4efd-aefe-5ca7edca480d}\chrome\xulcache.jar JS/Agent.NDJ trojan deleted - quarantined
C:\Users\Aaron Lan\Downloads\registryboosterplc.exe Win32/RegistryBooster application deleted - quarantined




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users