
Need some help...3 Different Trojans have Attacked my computer


19 replies to this topic

#1 catiballard

catiballard

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:27 PM

Posted 27 December 2011 - 07:51 PM

Hi! I hope that I'm posting this in the proper place. If for some reason I'm in the wrong area, I apologize. Here are my issues.

My Norton keeps popping up that it is blocking threats. My Security History is showing 2 different trojans & 2 other items, and they can't be removed. They are as follows:

Trojan.Maljava

Trojan.Gen.2

w32.silly.fdc.bdp

1bbb.temp

Can someone please help & advise me on what to do to get rid of these issues so my laptop will be somewhat normal again?

Thank you for any help/advice you can give me!

~Cati~



#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,474 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:27 PM

Posted 28 December 2011 - 11:22 AM

Trojan.Maljava is a detection name used by Symantec to identify malicious Java files that exploit vulnerabilities.

When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder for quick execution later and better performance. Both legitimate and malicious applets, malicious Java class files are stored in the Java cache directory and your anti-virus may detect them as threats. The detection can indicate the presence of malicious code which could attempt to exploit a vulnerability in the JRE. For more specific information about Java exploits, please refer to Virus found in the Java cache directory.

Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality. As a precaution, I recommend clearing the entire cache manually to ensure everything is cleaned out:
If you want to perform a more thorough browser clean up, please refer to:
Also be aware that older versions of Java have vulnerabilities that malicious sites can use to exploit and infect your system. That's why it is important to always use the most current Java Version and remove outdated Java components.
You can verify (test) your JAVA Software Installation & Version here.

Trojan.Gen.2 is a generic detection of potentially malicious code. Symantec recommends such detections be submitted (uploaded) to Symantec Security Response via this link to ensure they are not false-positives.

W32.SillyFDC.BDP is a worm that spreads through removable drives and downloads other files onto the compromised computer.


Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again requires registration and purchase of a license key that includes free lifetime upgrades and support. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner.


Please download and scan with the Kaspersky Virus Removal Tool from one of the links provided below and save it to your desktop.
Link 1
Link 2
Link 3
Be sure to print out and read the instructions provided in:
How to Install Kaspersky Virus Removal Tool
How to use the Kaspersky Virus Removal Tool to automatically remove viruses
  • Double-click the setup file (i.e. setup_9.0.0.722_22.01.2010_10-04.exe), select your language and install the utility.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • At the 'Setup page', click Next, check the box to accept the license agreement and click Next twice more to extract the required files.
  • Setup may recommend to scan the computer in Safe Mode. Click Ok.
  • A window will open with a tab that says Autoscan. Click the green Start scan button on the Autoscan tab in the main window.
  • If malware is detected, you will see the Scan Alert screen.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • In the Scan window click the Reports button, choose Critical events and select Save to save the results to a file (name it avptool.txt).
  • Copy and paste the report results of any threats detected. Do not include the longer list marked Events.
  • When finished, follow these instructions on How to uninstall Kaspersky Virus Removal Tool 2011.
-- If you cannot run this tool in normal mode, then try using it in "safe mode".
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 catiballard


Posted 29 December 2011 - 10:31 AM

Thank you so much for your help. Here is the log file from the Malwarebytes scan:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2011.12.29.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Chuck :: D630-CPH [administrator]

12/28/2011 11:18:47 PM
mbam-log-2011-12-29 (09-47-41).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 283136
Time elapsed: 3 hour(s), 17 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Chuck\Local Settings\Temp\1CD7.tmp (Trojan.Dropper) -> No action taken.

(end)

#4 catiballard


Posted 29 December 2011 - 10:33 AM

Here is the log after I selected to remove the malware found by Malwarebytes:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2011.12.29.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Chuck :: D630-CPH [administrator]

12/28/2011 11:18:47 PM
mbam-log-2011-12-28 (23-18-47).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 283136
Time elapsed: 3 hour(s), 17 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Chuck\Local Settings\Temp\1CD7.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.

(end)
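The two Malwarebytes logs in posts #3 and #4 differ only in the action recorded for the one detected file. As an added example (not part of the thread and not Malwarebytes' own tooling), this Python script parses that log layout, lists detections that were not yet cleaned, and flags a pasted log whose item count does not match its section header. It assumes the line shapes seen in those two logs; the names `parse_mbam_log`, `triage` and the sample constants are hypothetical.

```python
import re
from dataclasses import dataclass

# Line shapes taken from the two logs posted in this thread (Malwarebytes 1.60).
META_RE = re.compile(r"^(Database version|Scan type|Objects scanned): (.+)$")
SECTION_RE = re.compile(r"^([A-Za-z ]+) Detected: (\d+)$")
# Greedy first group so a path that itself contains parentheses still parses.
ITEM_RE = re.compile(r"^(.+) \(([^()]+)\) -> (.+?)\.?$")
# Assumption: this is the only action string treated as "cleaned".
REMEDIATED = "Quarantined and deleted successfully"


@dataclass
class Detection:
    section: str   # e.g. "Files", "Registry Keys"
    target: str    # file path or registry object
    threat: str    # detection name, e.g. "Trojan.Dropper"
    action: str    # text after "->", trailing period removed


def parse_mbam_log(text):
    """Return (meta, declared_counts, detections) for one pasted log."""
    meta, declared, detections = {}, {}, []
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blanks, "(No malicious items detected)" and "(end)".
        if not line or line.startswith("("):
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            declared[section] = int(m.group(2))
            continue
        if section is None:
            m = META_RE.match(line)
            if m:
                meta[m.group(1)] = m.group(2)
            continue
        m = ITEM_RE.match(line)
        if m:
            detections.append(Detection(section, *m.groups()))
    return meta, declared, detections


def triage(text):
    """Summarise what still needs attention in a pasted log."""
    meta, declared, detections = parse_mbam_log(text)
    found = {}
    for d in detections:
        found[d.section] = found.get(d.section, 0) + 1
    return {
        "database": meta.get("Database version"),
        # Anything not quarantined and deleted is still on disk or in the registry.
        "pending": [d for d in detections if d.action != REMEDIATED],
        # A header count that disagrees with the parsed items means the
        # paste is incomplete and the helper should ask for the full log.
        "count_mismatch": sorted(
            s for s, n in declared.items() if found.get(s, 0) != n
        ),
    }


# Condensed from the log in post #3 (most zero-detection sections omitted).
LOG_BEFORE = r"""
Malwarebytes Anti-Malware 1.60.0.1800
Database version: v2011.12.29.01
Scan type: Full scan
Objects scanned: 283136

Memory Processes Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Chuck\Local Settings\Temp\1CD7.tmp (Trojan.Dropper) -> No action taken.

(end)
"""
# Same log with the action line as it appears in post #4.
LOG_AFTER = LOG_BEFORE.replace("No action taken.", REMEDIATED + ".")
# Constructed: the same log with the item line lost while pasting.
LOG_TRUNCATED = "\n".join(l for l in LOG_BEFORE.splitlines() if "->" not in l)

if __name__ == "__main__":
    for label, log in (("before", LOG_BEFORE), ("after", LOG_AFTER),
                       ("truncated", LOG_TRUNCATED)):
        result = triage(log)
        print(label, "pending:", [(d.threat, d.target) for d in result["pending"]],
              "count mismatch:", result["count_mismatch"])
```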

#5 quietman7


Posted 29 December 2011 - 10:41 AM

Did you do the scan with Kaspersky Virus Removal Tool?

#6 catiballard


Posted 29 December 2011 - 10:46 AM

That is the step I'm doing at this moment. I will post as soon as it is complete. Thank you again for taking the time to help me. It is very much appreciated!

#7 TommyBoat

TommyBoat

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Woodlands Texas
  • Local time:06:27 PM

Posted 29 December 2011 - 11:05 AM

Run SPYBOT www.safer-networking.com

after you are done. :clapping:

Tom

#8 catiballard


Posted 29 December 2011 - 11:05 AM

Kaspersky is installed...detected threat

MEM:Rootkit.Win.32.TDSS.fc

Selected to disinfect & now it is saying disinfection failed and the only option I have now is to skip. Should I go on & skip?

#9 catiballard


Posted 29 December 2011 - 11:12 AM

Tommyboat: should I go on & select skip on the Kaspersky?

#10 quietman7


Posted 29 December 2011 - 11:15 AM

Yes skip and do this.

Before doing anything further, if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. If that occurs there may be no option but to reformat and reinstall the OS or perform a full system recovery. The safest practice is not to back up any files with the following file extensions: .exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.


Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!
Be sure to print out and follow the instructions for performing a scan.
  • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
  • Alternatively, you can download TDSSKiller.exe and use that instead.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If an update is available, TDSSKiller will prompt you to update and download the most current version. Click Load Update. Close TDSSKiller and start again.
  • When the program opens, click the Change parameters.


  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


  • Click the Start Scan button.


  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If 'Suspicious objects' are detected, the default action will be Skip. Leave the default set to Skip and click on Continue.
  • If Malicious objects are detected, they will show in the Scan results - Select action for found objects and offer three options.


  • Ensure Cure is selected...then click Continue -> Reboot computer for cure completion.


  • Important! -> If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else before beginning the download and saving to the computer or to perform the scan in "safe mode".

-- For any files detected as 'Suspicious' (except those identified as Forged or infected to be cured after reboot) get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.

#11 quietman7


Posted 29 December 2011 - 11:18 AM

FYI: mvps.org is no longer recommending Spybot S&D or Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products). Further, most people don't understand how to use Spybot's TeaTimer and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. If you don't have an understanding of how a particular security tool works, then you probably should not be using it. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and in some cases it will even prevent disinfection of malware by those tools.

#12 catiballard


Posted 29 December 2011 - 11:24 AM

Thank you! Working on it now

#13 TommyBoat


Posted 29 December 2011 - 11:51 AM

On the Contrary... Spybot will and shall catch many things
that Norton, Symantec, AVG, Avast, Kaspersky and Malwarebytes
never catch.

Do not worry about the teatimer nor be concerned with it in this session.

www.safer-networking.org is the site to download SPYBOT.

I would do these steps first:
______________________________________________________________________________
1) Backup your photos, *.doc, *.xls, *.jpg files and your Outlook
emails. Go into Outlook to see how to backup your Outlook emails. If you
are not a user of Outlook, ignore this step.


2) Boot PC in safe mode. Go into Control Panel and remove ANY
toolbars like coupon toolbars, ASK.com, Yahoo, Google, Target, NYTimes etc etc.


Remove ANY unwanted GAMES.
Remove ANYTHING from ASK.COM


3) Reboot PC, start windows normally.

4) DISABLE whatever ANTI-VIRUS you have running on your PC.
It will cause problems in the removal process.

5) Run your specific removal tool. Available at Kaspersky(gasp- hate them)
Norton-Symantec(better) never use AVG anti-virus (ever) free or paid for.

6) Reboot PC, start windows normally.

7) Run MALWAREBYTES and download the link from this search ONLY! :angry:

>>>> Google.com "bleepingcomputer malwarebytes" <<<<

DO NOT GO ANYWHERE ELSE to get it.

8) Download SPYBOT from safer-networking.org site. Run its updates including
the tea timer.

9) Run SPYBOT 3 times! It will take about 3 hours depending on the speed of
your Rig...(PC). ASK Spybot to fix and remove the problems.

10) Remove SPYBOT from your computer...(Control Panel, add/remove programs)

Spybot, despite its bad press, is a fine fine tool to remove Malware, Trojans,
and extra things that other programs tend to MISS.

I USE IT IN MY BUSINESS of repairing and tuning up computers. Amongst other tools
and techniques.

11) RE ENABLE your ANTI-VIRUS program. Norton, Symantec, McAfee, Avast

12) Do not use AVG or Kaspersky anti-virus programs if you wish to have
a smooth running PC. Do not use experimental or free anti-virus programs
ever. Industry recognized anti-virus programs from known companies
are the best way to protect your PC. However, they may not stop all instances
of Trojan and Virus infestation. A good regular PC tune-up from a reputable
computer technician (not a gamer or a back-yard techie) in business with a
city-business-license is a BEST PRACTICE.

13) Update your Security Patches with www.windowsupdate.microsoft.com
14) In Control Panel, remove old versions of JAVA
15) In Control Panel, remove old versions of ADOBE tools
16) reboot
17) Go to www.JAVA.com and add the latest version of JAVA
18) Go to ADOBE.com and download the latest versions of Flash, Reader,
and Shockwave.
19) Reboot
20) Never have any extra toolbars unless it's from Norton/Symantec/McAfee
21) Regularly clear cookies

Let me know how you make out

#14 catiballard


Posted 29 December 2011 - 11:51 AM

Here is the log from the tdsskiller. It found two suspicious files and I chose the skip action as you indicated. Let me know what I need to do next. Thank you!






11:44:04.0062 5808 NdisWan - ok
11:44:04.0109 5808 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:44:04.0125 5808 NDProxy - ok
11:44:04.0156 5808 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:44:04.0156 5808 NetBIOS - ok
11:44:04.0296 5808 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:44:04.0296 5808 NetBT - ok
11:44:04.0546 5808 NETw5x32 (91f027c242d3ff6e5c09f92a0518297f) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
11:44:04.0718 5808 NETw5x32 - ok
11:44:04.0843 5808 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:44:04.0843 5808 NIC1394 - ok
11:44:04.0890 5808 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:44:04.0890 5808 Npfs - ok
11:44:04.0953 5808 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:44:04.0968 5808 Ntfs - ok
11:44:05.0000 5808 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:44:05.0000 5808 Null - ok
11:44:05.0296 5808 nv (96601379e76522e144a795629fd3e2db) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:44:05.0546 5808 nv - ok
11:44:05.0687 5808 NvtSp50 (dfbbb46e406d6cd7bcb58af493ba80f8) C:\WINDOWS\system32\DRIVERS\NvtSp50.sys
11:44:05.0687 5808 NvtSp50 - ok
11:44:05.0718 5808 NWADI (2f49369ddcc5ca3cdcd944b637efacad) C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
11:44:05.0718 5808 NWADI - ok
11:44:05.0750 5808 NWDellModem (c4ec827bc90f5f4fa8e772b254ce1b6c) C:\WINDOWS\system32\DRIVERS\nwdelmdm.sys
11:44:05.0765 5808 NWDellModem - ok
11:44:05.0781 5808 NWDellPort (c4ec827bc90f5f4fa8e772b254ce1b6c) C:\WINDOWS\system32\DRIVERS\nwdelser.sys
11:44:05.0781 5808 NWDellPort - ok
11:44:05.0812 5808 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:44:05.0812 5808 NwlnkFlt - ok
11:44:05.0843 5808 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:44:05.0843 5808 NwlnkFwd - ok
11:44:05.0890 5808 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:44:05.0890 5808 ohci1394 - ok
11:44:05.0937 5808 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
11:44:05.0937 5808 Parport - ok
11:44:06.0046 5808 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:44:06.0046 5808 PartMgr - ok
11:44:06.0078 5808 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
11:44:06.0078 5808 ParVdm - ok
11:44:06.0093 5808 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
11:44:06.0093 5808 PBADRV - ok
11:44:06.0109 5808 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
11:44:06.0125 5808 PCI - ok
11:44:06.0125 5808 PCIDump - ok
11:44:06.0156 5808 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:44:06.0156 5808 PCIIde - ok
11:44:06.0171 5808 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:44:06.0171 5808 Pcmcia - ok
11:44:06.0187 5808 PDCOMP - ok
11:44:06.0203 5808 PDFRAME - ok
11:44:06.0218 5808 PDRELI - ok
11:44:06.0234 5808 PDRFRAME - ok
11:44:06.0250 5808 perc2 - ok
11:44:06.0265 5808 perc2hib - ok
11:44:06.0328 5808 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:44:06.0328 5808 PptpMiniport - ok
11:44:06.0343 5808 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:44:06.0359 5808 PSched - ok
11:44:06.0375 5808 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:44:06.0375 5808 Ptilink - ok
11:44:06.0390 5808 ql1080 - ok
11:44:06.0406 5808 Ql10wnt - ok
11:44:06.0421 5808 ql12160 - ok
11:44:06.0437 5808 ql1240 - ok
11:44:06.0453 5808 ql1280 - ok
11:44:06.0484 5808 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:44:06.0484 5808 RasAcd - ok
11:44:06.0500 5808 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:44:06.0515 5808 Rasl2tp - ok
11:44:06.0531 5808 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:44:06.0531 5808 RasPppoe - ok
11:44:06.0546 5808 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:44:06.0546 5808 Raspti - ok
11:44:06.0578 5808 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:44:06.0593 5808 Rdbss - ok
11:44:06.0734 5808 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:44:06.0734 5808 RDPCDD - ok
11:44:07.0031 5808 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:44:07.0109 5808 rdpdr - ok
11:44:07.0328 5808 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:44:07.0343 5808 RDPWD - ok
11:44:07.0390 5808 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:44:07.0390 5808 redbook - ok
11:44:07.0562 5808 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:44:07.0562 5808 Secdrv - ok
11:44:07.0640 5808 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:44:07.0656 5808 serenum - ok
11:44:07.0687 5808 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
11:44:07.0687 5808 Serial - ok
11:44:07.0765 5808 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:44:07.0765 5808 Sfloppy - ok
11:44:07.0812 5808 Simbad - ok
11:44:07.0875 5808 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:44:07.0875 5808 SLIP - ok
11:44:07.0890 5808 Sparrow - ok
11:44:07.0953 5808 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:44:07.0953 5808 splitter - ok
11:44:08.0031 5808 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
11:44:08.0031 5808 sr - ok
11:44:08.0484 5808 SRTSP (ec5c3c6260f4019b03dfaa03ec8cbf6a) C:\WINDOWS\System32\Drivers\NIS\1109000.00C\SRTSP.SYS
11:44:08.0500 5808 SRTSP - ok
11:44:08.0578 5808 SRTSPX (55d5c37ed41231e3ac2063d16df50840) C:\WINDOWS\system32\drivers\NIS\1109000.00C\SRTSPX.SYS
11:44:08.0578 5808 SRTSPX - ok
11:44:08.0671 5808 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:44:08.0703 5808 Srv - ok
11:44:08.0890 5808 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
11:44:09.0015 5808 STHDA - ok
11:44:09.0312 5808 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
11:44:09.0312 5808 StillCam - ok
11:44:09.0359 5808 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:44:09.0359 5808 streamip - ok
11:44:09.0437 5808 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:44:09.0437 5808 swenum - ok
11:44:09.0500 5808 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:44:09.0500 5808 swmidi - ok
11:44:09.0531 5808 symc810 - ok
11:44:09.0546 5808 symc8xx - ok
11:44:09.0625 5808 SymDS (56890bf9d9204b93042089d4b45ae671) C:\WINDOWS\system32\drivers\NIS\1109000.00C\SYMDS.SYS
11:44:09.0640 5808 SymDS - ok
11:44:09.0687 5808 SymEFA (10ba64273feff4df0a7ccb0ff3b9b26b) C:\WINDOWS\system32\drivers\NIS\1109000.00C\SYMEFA.SYS
11:44:09.0687 5808 SymEFA - ok
11:44:09.0765 5808 SymEvent (961b48b86f94d4cc8ceb483f8aa89374) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
11:44:09.0765 5808 SymEvent - ok
11:44:09.0859 5808 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\WINDOWS\system32\drivers\NIS\1109000.00C\Ironx86.SYS
11:44:09.0859 5808 SymIRON - ok
11:44:09.0906 5808 SYMTDI (be6de8fbf2df9f13a90b8b6e943871b7) C:\WINDOWS\System32\Drivers\NIS\1109000.00C\SYMTDI.SYS
11:44:09.0921 5808 SYMTDI - ok
11:44:09.0953 5808 sym_hi - ok
11:44:09.0968 5808 sym_u3 - ok
11:44:10.0015 5808 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:44:10.0031 5808 sysaudio - ok
11:44:10.0109 5808 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:44:10.0125 5808 Tcpip - ok
11:44:10.0187 5808 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:44:10.0203 5808 TDPIPE - ok
11:44:10.0234 5808 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:44:10.0234 5808 TDTCP - ok
11:44:10.0296 5808 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:44:10.0296 5808 TermDD - ok
11:44:10.0328 5808 TosIde - ok
11:44:10.0375 5808 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:44:10.0375 5808 Udfs - ok
11:44:10.0421 5808 ultra - ok
11:44:10.0453 5808 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:44:10.0468 5808 Update - ok
11:44:10.0500 5808 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:44:10.0515 5808 USBAAPL - ok
11:44:10.0546 5808 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:44:10.0546 5808 usbaudio - ok
11:44:10.0625 5808 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:44:10.0625 5808 usbccgp - ok
11:44:10.0687 5808 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:44:10.0687 5808 usbehci - ok
11:44:10.0734 5808 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:44:10.0750 5808 usbhub - ok
11:44:10.0796 5808 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:44:10.0796 5808 usbprint - ok
11:44:10.0875 5808 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:44:10.0875 5808 usbscan - ok
11:44:10.0921 5808 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:44:10.0921 5808 USBSTOR - ok
11:44:10.0953 5808 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:44:10.0968 5808 usbuhci - ok
11:44:11.0015 5808 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
11:44:11.0015 5808 usbvideo - ok
11:44:11.0093 5808 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:44:11.0093 5808 VgaSave - ok
11:44:11.0140 5808 ViaIde - ok
11:44:11.0187 5808 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:44:11.0203 5808 VolSnap - ok
11:44:11.0234 5808 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:44:11.0234 5808 Wanarp - ok
11:44:11.0265 5808 WavxDMgr (dee09de5c10b329567b17e879fa8c4bd) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
11:44:11.0281 5808 WavxDMgr - ok
11:44:11.0343 5808 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:44:11.0359 5808 Wdf01000 - ok
11:44:11.0421 5808 WDICA - ok
11:44:11.0484 5808 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:44:11.0484 5808 wdmaud - ok
11:44:11.0578 5808 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:44:11.0593 5808 winachsf - ok
11:44:11.0750 5808 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:44:11.0750 5808 WmiAcpi - ok
11:44:11.0843 5808 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:44:11.0843 5808 WSTCODEC - ok
11:44:11.0921 5808 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:44:12.0140 5808 \Device\Harddisk0\DR0 - ok
11:44:12.0140 5808 Boot (0x1200) (1fc9e201f7a3d63edd93a6bb5de7eee6) \Device\Harddisk0\DR0\Partition0
11:44:12.0140 5808 \Device\Harddisk0\DR0\Partition0 - ok
11:44:12.0140 5808 ============================================================
11:44:12.0140 5808 Scan finished
11:44:12.0140 5808 ============================================================
11:44:12.0156 6044 Detected object count: 0
11:44:12.0156 6044 Actual detected object count: 0
11:44:54.0531 4072 ============================================================
11:44:54.0531 4072 Scan started
11:44:54.0531 4072 Mode: Manual; SigCheck; TDLFS;
11:44:54.0531 4072 ============================================================
11:44:57.0015 4072 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
11:44:57.0062 4072 APPDRV ( UnsignedFile.Multi.Generic ) - warning
11:44:57.0062 4072 APPDRV - detected UnsignedFile.Multi.Generic (1)
11:45:42.0171 4072 StillCam - ok
11:45:42.0218 4072 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:45:42.0437 4072 streamip - ok
11:45:42.0484 4072 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:45:42.0625 4072 swenum - ok
11:45:42.0656 4072 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:45:42.0812 4072 swmidi - ok
11:45:42.0828 4072 symc810 - ok
11:45:42.0828 4072 symc8xx - ok
11:45:42.0906 4072 SymDS (56890bf9d9204b93042089d4b45ae671) C:\WINDOWS\system32\drivers\NIS\1109000.00C\SYMDS.SYS
11:45:42.0968 4072 SymDS - ok
11:45:43.0093 4072 SymEFA (10ba64273feff4df0a7ccb0ff3b9b26b) C:\WINDOWS\system32\drivers\NIS\1109000.00C\SYMEFA.SYS
11:45:43.0156 4072 SymEFA - ok
11:45:43.0187 4072 SymEvent (961b48b86f94d4cc8ceb483f8aa89374) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
11:45:43.0250 4072 SymEvent - ok
11:45:43.0281 4072 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\WINDOWS\system32\drivers\NIS\1109000.00C\Ironx86.SYS
11:45:43.0343 4072 SymIRON - ok
11:45:43.0390 4072 SYMTDI (be6de8fbf2df9f13a90b8b6e943871b7) C:\WINDOWS\System32\Drivers\NIS\1109000.00C\SYMTDI.SYS
11:45:43.0453 4072 SYMTDI - ok
11:45:43.0468 4072 sym_hi - ok
11:45:43.0484 4072 sym_u3 - ok
11:45:43.0531 4072 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:45:43.0671 4072 sysaudio - ok
11:45:43.0843 4072 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:45:43.0921 4072 Tcpip - ok
11:45:43.0953 4072 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:45:44.0078 4072 TDPIPE - ok
11:45:44.0109 4072 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:45:44.0281 4072 TDTCP - ok
11:45:44.0312 4072 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:45:44.0531 4072 TermDD - ok
11:45:44.0546 4072 TosIde - ok
11:45:44.0593 4072 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:45:44.0734 4072 Udfs - ok
11:45:44.0812 4072 ultra - ok
11:45:44.0828 4072 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:45:44.0968 4072 Update - ok
11:45:45.0046 4072 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:45:45.0093 4072 USBAAPL - ok
11:45:45.0125 4072 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:45:45.0265 4072 usbaudio - ok
11:45:45.0296 4072 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:45:45.0421 4072 usbccgp - ok
11:45:45.0578 4072 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:45:45.0718 4072 usbehci - ok
11:45:45.0750 4072 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:45:45.0968 4072 usbhub - ok
11:45:46.0078 4072 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:45:46.0281 4072 usbprint - ok
11:45:46.0328 4072 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:45:46.0578 4072 usbscan - ok
11:45:46.0656 4072 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:45:46.0796 4072 USBSTOR - ok
11:45:46.0828 4072 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:45:46.0953 4072 usbuhci - ok
11:45:47.0062 4072 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
11:45:47.0218 4072 usbvideo - ok
11:45:47.0250 4072 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:45:47.0437 4072 VgaSave - ok
11:45:47.0453 4072 ViaIde - ok
11:45:47.0484 4072 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:45:47.0671 4072 VolSnap - ok
11:45:47.0765 4072 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:45:47.0937 4072 Wanarp - ok
11:45:48.0031 4072 WavxDMgr (dee09de5c10b329567b17e879fa8c4bd) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
11:45:48.0078 4072 WavxDMgr - ok
11:45:48.0140 4072 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:45:48.0203 4072 Wdf01000 - ok
11:45:48.0218 4072 WDICA - ok
11:45:48.0281 4072 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:45:48.0500 4072 wdmaud - ok
11:45:48.0671 4072 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:45:48.0781 4072 winachsf - ok
11:45:48.0859 4072 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:45:49.0328 4072 WmiAcpi - ok
11:45:49.0421 4072 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:45:49.0640 4072 WSTCODEC - ok
11:45:49.0703 4072 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:45:49.0968 4072 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:45:49.0968 4072 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:45:49.0968 4072 Boot (0x1200) (1fc9e201f7a3d63edd93a6bb5de7eee6) \Device\Harddisk0\DR0\Partition0
11:45:49.0968 4072 \Device\Harddisk0\DR0\Partition0 - ok
11:45:49.0984 4072 ============================================================
11:45:49.0984 4072 Scan finished
11:45:49.0984 4072 ============================================================
11:45:50.0093 6024 Detected object count: 2
11:45:50.0093 6024 Actual detected object count: 2
11:46:45.0328 6024 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:45.0328 6024 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:45.0328 6024 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:46:45.0328 6024 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#15 catiballard

Posted 29 December 2011 - 11:57 AM

Quietman 7....

I just read the part of your post to go to the Jotti's malware. Where it states to upload the file, is the file I'm looking for the tdsskiller report?



