
Win 7 2012 Antivirus


  • This topic is locked
13 replies to this topic

#1 Lilysdad0823

Lilysdad0823

  • Members
  • 16 posts

Posted 27 December 2011 - 04:32 PM

Hello,

I've got the Win 7 2012 Antivirus malware on my computer hijacking my browser. I've seen it recently in the forums, so I'm not alone. I got something similar on my desktop last summer, and Gringo was gracious enough to help me get it fixed. I could use some help getting rid of this beast on my laptop. I'm running Windows 7 Pro with the ever-useless Norton Antivirus. I appreciate your help!



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts

Posted 02 January 2012 - 08:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/434817 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Lilysdad0823

Lilysdad0823
  • Topic Starter

  • Members
  • 16 posts

Posted 04 January 2012 - 11:03 AM

Hello,

Last week I got infected with Win 7 2012 Antivirus.

I posted in this forum asking for help, and then I found this handy tutorial explaining how to resolve the issue: http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012, and I followed all the steps. My system seems to be running normally; I would just like for someone to look at my logs and tell me if they see anything out of whack that still needs resolving. After cleaning my system following the steps in the self-help guide, I also upgraded my antivirus, and Norton IS comes up clean. I also ran a scan with ESET Online Scanner, and it was clean as well. Thanks for your help!

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Meredith at 10:48:25 on 2012-01-04
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3895.2443 [GMT -5:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\windows\system32\taskeng.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: FCToolbarURLSearchHook Class: {4219427b-0228-4356-a78b-eb7668d37d07} - C:\Program Files (x86)\InboxDollars\Helper.dll
mWinlogon: Userinit=userinit.exe,
BHO: AutorunsDisabled - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
TB: InboxDollars: {47980628-3844-42aa-a0dd-e2d86bba9600} - C:\Program Files (x86)\InboxDollars\Toolbar.dll
uRun: [cdloader] "C:\Users\Meredith\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL
Trusted Zone: advancedmd.com
Trusted Zone: advancedmd.com\login
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://sl1-rs00.advancedmd.com/rs-current/components/smsx.cab
DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxps://sl1-rs00.advancedmd.com/ReportingServices/Reserved.ReportViewerWebControl.axd?ExecutionID=w0fp1e55melurp55fod3no55&ControlID=b51e98a84e7749e2aac11c99243921d3&Culture=127&UICulture=9&ReportStack=1&OpType=PrintCab
DPF: {5EF06782-55B2-4DF3-A57A-3FE8F1D2A181} - hxxps://a-sl1-app01.advancedmd.com/practicemanager/ppmdcontrols/ppmdforms.cab
DPF: {6A6E7E91-B6EB-46B5-A545-12B8EDDD261E} - hxxps://a-sl1-app01.advancedmd.com/practicemanager/ppmdcontrols/amdscontrols50.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {9602B3CE-BC91-417D-B4FD-F6538C2ABB3B} - hxxps://a-app1.advancedmd.com/practicemanager/ppmdcontrols/amdswscheck.cab
DPF: {B15C3921-CCFA-4403-9E6F-4470839E835E} - hxxps://a-sl1-app01.advancedmd.com/practicemanager/ppmdcontrols/leadtools.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CC99A86F-EA5D-414A-8231-7C3F1B10A644} - hxxps://a-app1.advancedmd.com/practicemanager/ppmdcontrols/amdsaudio.cab
DPF: {EE8CEFA4-1F91-11D4-B31E-00C04F1D37E6} - hxxps://a-app1.advancedmd.com/practicemanager/ppmdcontrols/ppmdvbdownload.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{977FBC7D-F82C-4307-AE69-7A21AD59A25D} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{EC373CBB-2DAC-42B9-8EF3-3903E1C22240} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EC373CBB-2DAC-42B9-8EF3-3903E1C22240}\163757D26796379647F627 : DhcpNameServer = 152.10.2.222 152.10.2.223
TCP: Interfaces\{EC373CBB-2DAC-42B9-8EF3-3903E1C22240}\2516E6368613 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{EC373CBB-2DAC-42B9-8EF3-3903E1C22240}\34F6D65602241636B60235861636B6D27657563747 : DhcpNameServer = 192.168.33.1 24.178.162.3 97.81.22.195
TCP: Interfaces\{EC373CBB-2DAC-42B9-8EF3-3903E1C22240}\758696475684F6273756D27657563747 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{EC373CBB-2DAC-42B9-8EF3-3903E1C22240}\C696E6B6379737 : DhcpNameServer = 10.90.10.1
TCP: Interfaces\{EC373CBB-2DAC-42B9-8EF3-3903E1C22240}\E4544574541425 : DhcpNameServer = 192.168.1.254 65.68.49.50 65.68.49.51
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: AutorunsDisabled - No File
BHO-X64: FCTBPos00Pos - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO-X64: Constant Guard Protection Suite (COM) - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
TB-X64: InboxDollars: {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files (x86)\InboxDollars\Toolbar.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun-x64: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun-x64: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
mRun-x64: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Meredith\AppData\Roaming\Mozilla\Firefox\Profiles\b0ws5anv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx64.sys [2011-12-21 1156216]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111228.001\IDSviA64.sys [2011-12-29 488568]
R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-15 13336]
R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2011-12-17 63048]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe [2011-12-27 130008]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-9 144672]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-11-11 317296]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-5-15 2314240]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-29 138360]
R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-9 136176]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\windows\system32\DRIVERS\BrSerIb.sys --> C:\windows\system32\DRIVERS\BrSerIb.sys [?]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\windows\system32\DRIVERS\BrUsbSIb.sys --> C:\windows\system32\DRIVERS\BrUsbSIb.sys [?]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2011-11-20 245760]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-9 136176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-5-15 222720]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-5-15 51512]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-28 03:14:48 912504 ----a-w- C:\windows\System32\drivers\N360x64\0501000.01D\symefa64.sys
2011-12-28 03:14:48 744568 ----a-w- C:\windows\System32\drivers\N360x64\0501000.01D\srtsp64.sys
2011-12-28 03:14:48 450680 ----a-w- C:\windows\System32\drivers\N360x64\0501000.01D\symds64.sys
2011-12-28 03:14:48 40568 ----a-w- C:\windows\System32\drivers\N360x64\0501000.01D\srtspx64.sys
2011-12-28 03:14:48 386168 ----a-w- C:\windows\System32\drivers\N360x64\0501000.01D\symnets.sys
2011-12-28 03:14:48 171128 ----a-r- C:\windows\System32\drivers\N360x64\0501000.01D\ironx64.sys
2011-12-28 03:14:42 -------- d-----w- C:\windows\System32\drivers\N360x64\0501000.01D
2011-12-28 03:08:57 34152 ----a-w- C:\windows\System32\drivers\GEARAspiWDM.sys
2011-12-28 03:08:56 174200 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2011-12-28 03:08:56 -------- d-----w- C:\Program Files\Symantec
2011-12-28 03:08:56 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2011-12-28 03:08:31 -------- d-----w- C:\windows\System32\drivers\N360x64
2011-12-28 03:08:30 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
2011-12-28 02:19:50 -------- d-----w- C:\Users\Meredith\AppData\Local\ID Vault
2011-12-28 02:19:50 -------- d-----w- C:\ProgramData\IsolatedStorage
2011-12-28 02:19:39 91720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\IdVaultCore.XmlSerializers.dll
2011-12-28 02:19:39 8007680 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Microsoft.mshtml.dll
2011-12-28 02:19:39 1642056 ----a-w- C:\Program Files (x86)\Mozilla Firefox\IdVaultCore.dll
2011-12-28 02:19:39 133192 ----a-w- C:\Program Files (x86)\Mozilla Firefox\CommonDotNET.dll
2011-12-28 02:19:35 -------- d-----w- C:\Users\Meredith\AppData\Roaming\ID Vault
2011-12-28 02:19:16 -------- d-----w- C:\Program Files (x86)\Constant Guard Protection Suite
2011-12-28 02:18:42 -------- d-----w- C:\ProgramData\White Sky, Inc
2011-12-28 00:05:34 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-12-27 23:26:07 25416 ----a-w- C:\windows\System32\drivers\mbam.sys
2011-12-27 21:48:11 -------- d-----w- C:\Users\Meredith\AppData\Roaming\Malwarebytes
2011-12-27 21:48:07 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-27 21:48:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-14 04:19:54 43520 ----a-w- C:\windows\System32\csrsrv.dll
2011-12-14 04:19:53 3141632 ----a-w- C:\windows\System32\win32k.sys
2011-12-14 04:19:52 723456 ----a-w- C:\windows\System32\EncDec.dll
2011-12-14 04:19:52 534528 ----a-w- C:\windows\SysWow64\EncDec.dll
2011-12-14 04:19:45 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2011-12-14 04:19:45 2048 ----a-w- C:\windows\System32\tzres.dll
.
==================== Find3M ====================
.
2011-12-04 19:04:09 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-10 10:54:13 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
.
============= FINISH: 10:49:21.69 ===============


My system is running Windows 7 Professional 64-bit.


Thanks!

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Location:Puerto rico

Posted 04 January 2012 - 04:42 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Lilysdad0823

Lilysdad0823
  • Topic Starter

  • Members
  • 16 posts

Posted 05 January 2012 - 10:52 PM

Hi Gringo,

I stopped everything Norton, uninstalled Constant Guard (Comcast bloatware), and I downloaded Combofix. I've run it several times and it always stalls in the same place. It says "Completed Stage_4" and then it stalls, no matter how long I leave it. I've closed and restarted it. I've rebooted the computer and tried again. Any thoughts?

thanks

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 05 January 2012 - 11:18 PM

Hello

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#7 Lilysdad0823

Lilysdad0823
  • Topic Starter

  • Members
  • 16 posts

Posted 08 January 2012 - 08:50 AM

Here is the report from TDSS Killer.

08:48:18.0011 5396 Tcpip - ok
08:48:18.0399 5396 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
08:48:18.0421 5396 TCPIP6 - ok
08:48:18.0526 5396 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
08:48:18.0545 5396 tcpipreg - ok
08:48:18.0658 5396 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
08:48:18.0673 5396 tdcmdpst - ok
08:48:18.0961 5396 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:48:18.0973 5396 TDPIPE - ok
08:48:19.0148 5396 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
08:48:19.0174 5396 TDTCP - ok
08:48:19.0301 5396 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
08:48:19.0330 5396 tdx - ok
08:48:19.0459 5396 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
08:48:19.0461 5396 TermDD - ok
08:48:19.0633 5396 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
08:48:19.0678 5396 tos_sps64 - ok
08:48:19.0890 5396 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
08:48:19.0905 5396 tssecsrv - ok
08:48:20.0115 5396 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
08:48:20.0130 5396 tunnel - ok
08:48:20.0376 5396 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:48:20.0378 5396 TVALZ - ok
08:48:20.0621 5396 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
08:48:20.0635 5396 uagp35 - ok
08:48:20.0870 5396 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
08:48:20.0892 5396 udfs - ok
08:48:21.0036 5396 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
08:48:21.0049 5396 uliagpkx - ok
08:48:21.0259 5396 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
08:48:21.0266 5396 umbus - ok
08:48:21.0354 5396 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
08:48:21.0357 5396 UmPass - ok
08:48:21.0569 5396 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
08:48:21.0581 5396 USBAAPL64 - ok
08:48:21.0699 5396 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys
08:48:21.0707 5396 usbaudio - ok
08:48:21.0777 5396 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\windows\system32\DRIVERS\usbccgp.sys
08:48:21.0794 5396 usbccgp - ok
08:48:21.0903 5396 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
08:48:21.0937 5396 usbcir - ok
08:48:22.0187 5396 usbehci (92969ba5ac44e229c55a332864f79677) C:\windows\system32\drivers\usbehci.sys
08:48:22.0208 5396 usbehci - ok
08:48:22.0368 5396 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\windows\system32\DRIVERS\usbhub.sys
08:48:22.0404 5396 usbhub - ok
08:48:22.0777 5396 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\windows\system32\drivers\usbohci.sys
08:48:22.0798 5396 usbohci - ok
08:48:22.0907 5396 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:48:22.0923 5396 usbprint - ok
08:48:23.0139 5396 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
08:48:23.0158 5396 usbscan - ok
08:48:23.0374 5396 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:48:23.0384 5396 USBSTOR - ok
08:48:23.0526 5396 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\windows\system32\drivers\usbuhci.sys
08:48:23.0537 5396 usbuhci - ok
08:48:23.0769 5396 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
08:48:23.0787 5396 usbvideo - ok
08:48:23.0952 5396 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
08:48:23.0954 5396 vdrvroot - ok
08:48:24.0082 5396 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
08:48:24.0117 5396 vga - ok
08:48:24.0213 5396 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
08:48:24.0224 5396 VgaSave - ok
08:48:24.0466 5396 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
08:48:24.0472 5396 vhdmp - ok
08:48:24.0715 5396 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
08:48:24.0728 5396 viaide - ok
08:48:24.0903 5396 vmbus (1501699d7eda984abc4155a7da5738d1) C:\windows\system32\DRIVERS\vmbus.sys
08:48:24.0926 5396 vmbus - ok
08:48:25.0102 5396 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\windows\system32\DRIVERS\VMBusHID.sys
08:48:25.0117 5396 VMBusHID - ok
08:48:25.0283 5396 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
08:48:25.0313 5396 volmgr - ok
08:48:25.0404 5396 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
08:48:25.0416 5396 volmgrx - ok
08:48:25.0622 5396 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
08:48:25.0650 5396 volsnap - ok
08:48:25.0800 5396 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
08:48:25.0825 5396 vsmraid - ok
08:48:26.0043 5396 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
08:48:26.0053 5396 vwifibus - ok
08:48:26.0262 5396 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
08:48:26.0276 5396 vwififlt - ok
08:48:26.0445 5396 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
08:48:26.0448 5396 WacomPen - ok
08:48:26.0723 5396 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
08:48:26.0731 5396 WANARP - ok
08:48:26.0746 5396 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
08:48:26.0748 5396 Wanarpv6 - ok
08:48:27.0034 5396 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
08:48:27.0036 5396 Wd - ok
08:48:27.0291 5396 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
08:48:27.0325 5396 Wdf01000 - ok
08:48:27.0567 5396 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
08:48:27.0579 5396 WfpLwf - ok
08:48:27.0687 5396 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
08:48:27.0689 5396 WIMMount - ok
08:48:27.0985 5396 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
08:48:27.0991 5396 WmiAcpi - ok
08:48:28.0151 5396 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
08:48:28.0158 5396 ws2ifsl - ok
08:48:28.0403 5396 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
08:48:28.0407 5396 WudfPf - ok
08:48:28.0593 5396 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
08:48:28.0611 5396 WUDFRd - ok
08:48:28.0663 5396 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
08:48:28.0741 5396 \Device\Harddisk0\DR0 - ok
08:48:28.0771 5396 Boot (0x1200) (679e8d3ac775d9205b1f1ccbb5f90861) \Device\Harddisk0\DR0\Partition0
08:48:28.0794 5396 \Device\Harddisk0\DR0\Partition0 - ok
08:48:28.0795 5396 ============================================================
08:48:28.0795 5396 Scan finished
08:48:28.0795 5396 ============================================================
08:48:28.0814 2720 Detected object count: 0
08:48:28.0814 2720 Actual detected object count: 0

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:45 PM

Posted 08 January 2012 - 02:47 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr


Posted 10 January 2012 - 11:26 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#10 Lilysdad0823


Posted 11 January 2012 - 07:57 AM

Hi Gringo,

Yes, I still need help. Sorry for the delay. My wife dropped the laptop on the power cord and bent the AC jack inside the machine. I took it to a repair shop yesterday, and it's going to be 7-10 days to fix it because they've got to order the part. Please leave this topic open. As soon as I get the machine back, I'll post the scan results and continue. Again, I apologize for the delay, and appreciate your help.

#11 gringo_pr


Posted 11 January 2012 - 08:58 AM

No problem, and if it does get closed, just send me a PM and I will be glad to reopen it.


gringo

#12 gringo_pr


Posted 02 February 2012 - 09:40 AM

Greetings

Just checking in on you. How are things going?


Gringo

#13 gringo_pr


Posted 04 February 2012 - 11:31 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#14 gringo_pr


Posted 09 February 2012 - 11:58 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.