
Infected with a solved problem quite similar to mine


  • This topic is locked
48 replies to this topic

#1 DumbGuy1


Posted 04 January 2012 - 05:26 PM

Hello everybody. I am a user of Windows Vista 64 bit. Recently, I have scanned my computer and I've discovered that I have a trojan named Trojan:Win32/Bamital!dat. I do realize that there is a thread already on this trojan/topic and it has been resolved. The link to the previous thread is: http://www.bleepingcomputer.com/forums/topic431321.html. I do not know if I should follow the steps that are listed here because I do not know much about computers and do not wish to risk it. The problem I have is quite similar to the one the person in the above link has. I want to know how I can fix this trojan and if anybody can help, that would be great. By the way, I used Microsoft Security Essentials to fully scan my computer and the trojan appeared to be in the file C:\Users\Public\Documents\Server\hlp.dat. If this helps, I am running on an administrator account.

On an unrelated note, I have been encountering a problem in which a black cmd box keeps popping up, but disappears after 3 seconds or so. Is this related to that trojan I have?

Edited by DumbGuy1, 04 January 2012 - 05:28 PM.



 


#2 DumbGuy1


Posted 07 January 2012 - 07:41 PM

Bump

#3 gringo_pr


Posted 08 January 2012 - 03:07 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:


    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 gringo_pr


Posted 10 January 2012 - 11:25 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#5 DumbGuy1


Posted 12 January 2012 - 11:46 PM

Hello Gringo. Sorry I've been a little busy. Here are my logs:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 7.0.6001.18000
Run by Henry at 20:42:24 on 2012-01-12
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.4085.1241 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Bradford\CFUpdater\nuserv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxducoms.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Users\Henry\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopCrawl.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Users\Henry\AppData\Local\Akamai\netsession_win.exe
c:\program files (x86)\real\realplayer\update\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\conime.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
c:\program files (x86)\aim toolbar\aimtbServer.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://yahoo.com.hk/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ?????: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: AOL Messaging Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
TB: AOL Messaging Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [Akamai NetSession Interface] "C:\Users\Henry\AppData\Local\Akamai\netsession_win.exe"
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Lexmark 5600-6600 Series] "C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe" /s
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: $talisma_url$
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install-ie/alttiff.cab
DPF: {88D969C0-F192-11D4-A65F-0040963251E5} - hxxps://www.spmloans.com/xml/msxml4.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {EC55014B-4D8D-4C8E-AC98-BFA7C1B315F7} - hxxp://70.133.189.238:8080/PVRemoteViewX.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{7F792401-0163-4780-BF3C-1B8E1AA4B757} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{B1ED7668-1D48-4344-ACEB-5117F42A39B1} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~3\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ?????: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: AOL Messaging Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO-X64: AOL Messaging Toolbar Loader - No File
BHO-X64: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
TB-X64: AOL Messaging Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun-x64: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [Lexmark 5600-6600 Series] "C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe" /s
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
AppInit_DLLs-X64: C:\PROGRA~2\Google\GOOGLE~3\GOEC62~1.DLL
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\s5wda0n9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20100814191901471&tb_oid=14-08-2010&tb_mrud=21-09-2010
FF - prefs.js: browser.search.selectedEngine - Dictionary.com
FF - prefs.js: browser.startup.homepage - youtube.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&q=
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\s5wda0n9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\system32\npmproxy.dll
FF - plugin: C:\Windows\system32\npOGPPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 DRVECDB;DRVECDB;C:\Windows\system32\Drivers\DRVECDB.SYS --> C:\Windows\system32\Drivers\DRVECDB.SYS [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [2011-11-30 1157240]
R1 DLARTL_E;DLARTL_E;C:\Windows\system32\Drivers\DLARTL_E.SYS --> C:\Windows\system32\Drivers\DLARTL_E.SYS [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120112.002\IDSviA64.sys [2012-1-12 488568]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMTDIV.SYS [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/05/29 21:26:34];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-10-21 146928]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2008-1-20 21504]
R2 CFUpdaterService;ClickFORMS Updater;C:\Program Files (x86)\Bradford\CFUpdater\nuserv.exe [2009-5-29 839168]
R2 DLABMFSE;DLABMFSE;C:\Windows\system32\DLA\DLABMFSE.SYS --> C:\Windows\system32\DLA\DLABMFSE.SYS [?]
R2 DLABOIOE;DLABOIOE;C:\Windows\system32\DLA\DLABOIOE.SYS --> C:\Windows\system32\DLA\DLABOIOE.SYS [?]
R2 DLADResE;DLADResE;C:\Windows\system32\DLA\DLADResE.SYS --> C:\Windows\system32\DLA\DLADResE.SYS [?]
R2 DLAIFS_E;DLAIFS_E;C:\Windows\system32\DLA\DLAIFS_E.SYS --> C:\Windows\system32\DLA\DLAIFS_E.SYS [?]
R2 DLAOPIOE;DLAOPIOE;C:\Windows\system32\DLA\DLAOPIOE.SYS --> C:\Windows\system32\DLA\DLAOPIOE.SYS [?]
R2 DLAPoolE;DLAPoolE;C:\Windows\system32\DLA\DLAPoolE.SYS --> C:\Windows\system32\DLA\DLAPoolE.SYS [?]
R2 DLAUDF_E;DLAUDF_E;C:\Windows\system32\DLA\DLAUDF_E.SYS --> C:\Windows\system32\DLA\DLAUDF_E.SYS [?]
R2 DLAUDFAE;DLAUDFAE;C:\Windows\system32\DLA\DLAUDFAE.SYS --> C:\Windows\system32\DLA\DLAUDFAE.SYS [?]
R2 DRVEDDM;DRVEDDM;C:\Windows\system32\Drivers\DRVEDDM.SYS --> C:\Windows\system32\Drivers\DRVEDDM.SYS [?]
R2 lxdu_device;lxdu_device;C:\Windows\system32\lxducoms.exe -service --> C:\Windows\system32\lxducoms.exe -service [?]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-12-14 517632]
R2 McciServiceHost;McciServiceHost;C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe [2010-12-14 315392]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe [2011-10-4 130008]
R2 QuickBooksDB17;QuickBooksDB17;C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 --> C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-9 138360]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S1 DLACDBHE;DLACDBHE;C:\Windows\system32\Drivers\DLACDBHE.SYS --> C:\Windows\system32\Drivers\DLACDBHE.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxduserv.exe [2008-5-23 33960]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-9-9 25888]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-5-28 93184]
.
=============== Created Last 30 ================
.
2012-01-13 00:56:38 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FDDCD768-3C37-423C-B589-8616FAB65282}\offreg.dll
2012-01-13 00:56:30 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FDDCD768-3C37-423C-B589-8616FAB65282}\mpengine.dll
2012-01-10 06:33:11 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-10 06:33:11 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-10 06:33:11 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-10 06:33:11 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2011-12-14 22:20:12 -------- d-----w- C:\Users\Henry\AppData\Local\SanctionedMedia
.
==================== Find3M ====================
.
2011-12-06 02:07:55 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 20:44:01.81 ===============

I did not have any problems running DDS.

Edited by DumbGuy1, 12 January 2012 - 11:48 PM.


#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:49 AM

Posted 13 January 2012 - 12:16 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

:multiple Anti Virus programs:

It looks like you are operating your computer with multiple Anti Virus programs running in memory at once:

AV: Microsoft Security Essentials
AV: Norton Security Suite


Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

Please remove all but one of them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 DumbGuy1


Posted 13 January 2012 - 12:49 AM

Hello Gringo. Unfortunately, I am going to be out of town for a few days, so I cannot perform the operations required on this computer. However, I can still keep track of this thread, so please do NOT close this. In addition, which Antivirus would you recommend I uninstall?
I will return on Tuesday or Wednesday of next week.

Edited by DumbGuy1, 13 January 2012 - 12:50 AM.


#8 gringo_pr


Posted 13 January 2012 - 02:48 AM

Me, I would uninstall Norton, but it is probably a paid version, so that is up to you.


gringo

#9 gringo_pr


Posted 19 January 2012 - 12:53 AM

Hello


Just checking on you - how are things going?


gringo

#10 DumbGuy1


Posted 19 January 2012 - 03:08 AM

Hello Gringo. Unfortunately, I have a few dire matters that I must deal with at this point in time. I will have to be gone for a few days again. I will update this thread with the ComboFix log next week.

#11 gringo_pr


Posted 19 January 2012 - 03:16 AM

No problem, and I will check on you in a couple of days.


Gringo

#12 gringo_pr


Posted 23 January 2012 - 11:12 PM

Just checking in on you. How are things going?


gringo

#13 DumbGuy1


Posted 24 January 2012 - 09:05 PM

Hello Gringo, I look forward to working with you again. I tried using ComboFix. Unfortunately, it froze on "Completed Stage 4". It has been saying that for a very long time.

#14 gringo_pr


Posted 25 January 2012 - 08:13 AM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#15 DumbGuy1


Posted 25 January 2012 - 07:37 PM

16:35:43.0727 7948 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
16:35:44.0451 7948 ============================================================
16:35:44.0451 7948 Current date / time: 2012/01/25 16:35:44.0451
16:35:44.0451 7948 SystemInfo:
16:35:44.0451 7948
16:35:44.0451 7948 OS Version: 6.0.6001 ServicePack: 1.0
16:35:44.0451 7948 Product type: Workstation
16:35:44.0451 7948 ComputerName: HENRY-PC
16:35:44.0452 7948 UserName: Henry
16:35:44.0452 7948 Windows directory: C:\Windows
16:35:44.0452 7948 System windows directory: C:\Windows
16:35:44.0452 7948 Running under WOW64
16:35:44.0452 7948 Processor architecture: Intel x64
16:35:44.0452 7948 Number of processors: 2
16:35:44.0452 7948 Page size: 0x1000
16:35:44.0452 7948 Boot type: Normal boot
16:35:44.0452 7948 ============================================================
16:35:45.0474 7948 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:35:45.0655 7948 Initialize success
16:35:49.0521 8180 ============================================================
16:35:49.0521 8180 Scan started
16:35:49.0521 8180 Mode: Manual;
16:35:49.0521 8180 ============================================================
16:36:03.0350 8180 PCD5SRVC{8AAF211B-043E02A9-05040000} - ok
16:36:03.0367 8180 pci (2a5b2a51559066ea84742909b5b2cd69) C:\Windows\system32\drivers\pci.sys
16:36:03.0374 8180 pci - ok
16:36:03.0398 8180 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
16:36:03.0402 8180 pciide - ok
16:36:03.0435 8180 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
16:36:03.0442 8180 pcmcia - ok
16:36:03.0482 8180 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
16:36:03.0524 8180 PEAUTH - ok
16:36:03.0591 8180 PptpMiniport (f5739f2c6db2534c384ad5150808e8f5) C:\Windows\system32\DRIVERS\raspptp.sys
16:36:03.0595 8180 PptpMiniport - ok
16:36:03.0617 8180 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
16:36:03.0620 8180 Processor - ok
16:36:03.0694 8180 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys
16:36:03.0697 8180 Ps2 - ok
16:36:03.0717 8180 PSched (0e0e205a296095fe4c631e6a4775ad6c) C:\Windows\system32\DRIVERS\pacer.sys
16:36:03.0720 8180 PSched - ok
16:36:03.0757 8180 PxHlpa64 (001cec347ed6cd01f186056bac6c0da9) C:\Windows\system32\Drivers\PxHlpa64.sys
16:36:03.0787 8180 PxHlpa64 - ok
16:36:03.0943 8180 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
16:36:04.0100 8180 ql2300 - ok
16:36:04.0171 8180 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
16:36:04.0175 8180 ql40xx - ok
16:36:04.0221 8180 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
16:36:04.0225 8180 QWAVEdrv - ok
16:36:04.0256 8180 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
16:36:04.0260 8180 RasAcd - ok
16:36:04.0313 8180 Rasl2tp (3b9085f91ef00abd15a6f36570e90e12) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:36:04.0318 8180 Rasl2tp - ok
16:36:04.0349 8180 RasPppoe (2ce1703c27196094fb6e4c6e439f2c21) C:\Windows\system32\DRIVERS\raspppoe.sys
16:36:04.0353 8180 RasPppoe - ok
16:36:04.0375 8180 RasSstp (fcd04fa67e8b40fa0ad361dd38593942) C:\Windows\system32\DRIVERS\rassstp.sys
16:36:04.0380 8180 RasSstp - ok
16:36:04.0411 8180 rdbss (33fa5b6136d92ee0f53f021c79091300) C:\Windows\system32\DRIVERS\rdbss.sys
16:36:04.0429 8180 rdbss - ok
16:36:04.0451 8180 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:36:04.0455 8180 RDPCDD - ok
16:36:04.0499 8180 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
16:36:04.0509 8180 rdpdr - ok
16:36:04.0548 8180 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
16:36:04.0551 8180 RDPENCDD - ok
16:36:04.0591 8180 RDPWD (7747082f672aa2846235c9cea42e2e72) C:\Windows\system32\drivers\RDPWD.sys
16:36:04.0598 8180 RDPWD - ok
16:36:04.0674 8180 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
16:36:04.0678 8180 rspndr - ok
16:36:04.0753 8180 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys
16:36:04.0759 8180 RTL8169 - ok
16:36:04.0785 8180 RxFilter (2dddd6e3fadee0d89365bfb90b1beeb9) C:\Windows\system32\DRIVERS\RxFilter.sys
16:36:04.0822 8180 RxFilter - ok
16:36:04.0858 8180 sbp2port (ee92f9b915e7933a2c181a601d01ddce) C:\Windows\system32\DRIVERS\sbp2port.sys
16:36:04.0863 8180 sbp2port - ok
16:36:04.0906 8180 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:36:04.0910 8180 secdrv - ok
16:36:04.0942 8180 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
16:36:04.0946 8180 Serenum - ok
16:36:05.0043 8180 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
16:36:05.0048 8180 Serial - ok
16:36:05.0090 8180 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
16:36:05.0093 8180 sermouse - ok
16:36:05.0132 8180 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
16:36:05.0135 8180 sffdisk - ok
16:36:05.0152 8180 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
16:36:05.0156 8180 sffp_mmc - ok
16:36:05.0176 8180 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
16:36:05.0179 8180 sffp_sd - ok
16:36:05.0202 8180 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
16:36:05.0212 8180 sfloppy - ok
16:36:05.0251 8180 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
16:36:05.0255 8180 SiSRaid2 - ok
16:36:05.0279 8180 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
16:36:05.0283 8180 SiSRaid4 - ok
16:36:05.0320 8180 Smb (41eb2e8e005feedcafce301983eff932) C:\Windows\system32\DRIVERS\smb.sys
16:36:05.0324 8180 Smb - ok
16:36:05.0356 8180 spldr (f9cb0672162f7f04248e2b82c1ff4617) C:\Windows\system32\drivers\spldr.sys
16:36:05.0359 8180 spldr - ok
16:36:05.0460 8180 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS
16:36:05.0487 8180 SRTSP - ok
16:36:05.0532 8180 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS
16:36:05.0535 8180 SRTSPX - ok
16:36:05.0575 8180 srv (a8abd7d0d907b45cf3831f4dd8644349) C:\Windows\system32\DRIVERS\srv.sys
16:36:05.0588 8180 srv - ok
16:36:05.0626 8180 srv2 (6c72eea39e1c37b436a6d1532999f9ec) C:\Windows\system32\DRIVERS\srv2.sys
16:36:05.0631 8180 srv2 - ok
16:36:05.0669 8180 srvnet (7f69bcf9e6fa3d93c82ee6b87812666d) C:\Windows\system32\DRIVERS\srvnet.sys
16:36:05.0676 8180 srvnet - ok
16:36:05.0738 8180 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
16:36:05.0742 8180 StillCam - ok
16:36:05.0811 8180 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
16:36:05.0814 8180 swenum - ok
16:36:05.0856 8180 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
16:36:05.0860 8180 Symc8xx - ok
16:36:05.0933 8180 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS
16:36:05.0944 8180 SymDS - ok
16:36:06.0108 8180 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS
16:36:06.0133 8180 SymEFA - ok
16:36:06.0182 8180 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:36:06.0188 8180 SymEvent - ok
16:36:06.0260 8180 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS
16:36:06.0266 8180 SymIRON - ok
16:36:06.0345 8180 SYMTDIv (6cb70a5d30e4322bab4ad52866b0a4b8) C:\Windows\System32\Drivers\N360x64\0501000.01D\SYMTDIV.SYS
16:36:06.0356 8180 SYMTDIv - ok
16:36:06.0390 8180 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
16:36:06.0394 8180 Sym_hi - ok
16:36:06.0416 8180 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
16:36:06.0422 8180 Sym_u3 - ok
16:36:06.0560 8180 Tcpip (d43d5336be9dd93e02ee124297295713) C:\Windows\system32\drivers\tcpip.sys
16:36:06.0590 8180 Tcpip - ok
16:36:06.0640 8180 Tcpip6 (d43d5336be9dd93e02ee124297295713) C:\Windows\system32\DRIVERS\tcpip.sys
16:36:06.0650 8180 Tcpip6 - ok
16:36:06.0687 8180 tcpipreg (c29d4b3b08ad0b7e8564814e4ff6a57b) C:\Windows\system32\drivers\tcpipreg.sys
16:36:06.0691 8180 tcpipreg - ok
16:36:06.0717 8180 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
16:36:06.0720 8180 TDPIPE - ok
16:36:06.0748 8180 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
16:36:06.0751 8180 TDTCP - ok
16:36:06.0786 8180 tdx (8c39c72e0e853de04748c0337d9b9216) C:\Windows\system32\DRIVERS\tdx.sys
16:36:06.0790 8180 tdx - ok
16:36:06.0815 8180 TermDD (3f0ebf6ee609f2a276c0d5faf244ec90) C:\Windows\system32\DRIVERS\termdd.sys
16:36:06.0819 8180 TermDD - ok
16:36:06.0873 8180 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:36:06.0876 8180 tssecsrv - ok
16:36:06.0914 8180 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
16:36:06.0917 8180 tunmp - ok
16:36:06.0951 8180 tunnel (2dc2c423572946e9a3131425bda73cb6) C:\Windows\system32\DRIVERS\tunnel.sys
16:36:06.0963 8180 tunnel - ok
16:36:07.0053 8180 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
16:36:07.0058 8180 uagp35 - ok
16:36:07.0103 8180 udfs (655156d84ec37559ee230b888a4f23c5) C:\Windows\system32\DRIVERS\udfs.sys
16:36:07.0112 8180 udfs - ok
16:36:07.0158 8180 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
16:36:07.0162 8180 uliagpkx - ok
16:36:07.0212 8180 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
16:36:07.0237 8180 uliahci - ok
16:36:07.0257 8180 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
16:36:07.0263 8180 UlSata - ok
16:36:07.0285 8180 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
16:36:07.0291 8180 ulsata2 - ok
16:36:07.0320 8180 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
16:36:07.0324 8180 umbus - ok
16:36:07.0398 8180 USBAAPL64 (9e58997a211c8c9ac9e6cffa53614a73) C:\Windows\system32\Drivers\usbaapl64.sys
16:36:07.0402 8180 USBAAPL64 - ok
16:36:07.0465 8180 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
16:36:07.0470 8180 usbccgp - ok
16:36:07.0504 8180 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
16:36:07.0510 8180 usbcir - ok
16:36:07.0549 8180 usbehci (da6d8d8ed0a53c63ac6f4bd40fe83fbe) C:\Windows\system32\DRIVERS\usbehci.sys
16:36:07.0572 8180 usbehci - ok
16:36:07.0600 8180 usbhub (99045369ae3216216573d0775fd7ed56) C:\Windows\system32\DRIVERS\usbhub.sys
16:36:07.0609 8180 usbhub - ok
16:36:07.0636 8180 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
16:36:07.0643 8180 usbohci - ok
16:36:07.0679 8180 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
16:36:07.0683 8180 usbprint - ok
16:36:07.0743 8180 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
16:36:07.0747 8180 usbscan - ok
16:36:07.0785 8180 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:36:07.0790 8180 USBSTOR - ok
16:36:07.0820 8180 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
16:36:07.0836 8180 usbuhci - ok
16:36:07.0905 8180 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
16:36:07.0909 8180 vga - ok
16:36:07.0944 8180 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
16:36:07.0948 8180 VgaSave - ok
16:36:07.0976 8180 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
16:36:07.0981 8180 viaide - ok
16:36:08.0073 8180 volmgr (793d9b32a1c462c91f6f70358283ac97) C:\Windows\system32\drivers\volmgr.sys
16:36:08.0078 8180 volmgr - ok
16:36:08.0128 8180 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
16:36:08.0140 8180 volmgrx - ok
16:36:08.0173 8180 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
16:36:08.0183 8180 volsnap - ok
16:36:08.0208 8180 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
16:36:08.0250 8180 vsmraid - ok
16:36:08.0286 8180 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
16:36:08.0289 8180 WacomPen - ok
16:36:08.0317 8180 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
16:36:08.0322 8180 Wanarp - ok
16:36:08.0329 8180 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
16:36:08.0330 8180 Wanarpv6 - ok
16:36:08.0357 8180 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
16:36:08.0360 8180 Wd - ok
16:36:08.0402 8180 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
16:36:08.0427 8180 Wdf01000 - ok
16:36:08.0501 8180 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
16:36:08.0510 8180 WmiAcpi - ok
16:36:08.0557 8180 WpdUsb (6329d1990db931073b86ab5946d8e317) C:\Windows\system32\DRIVERS\wpdusb.sys
16:36:08.0560 8180 WpdUsb - ok
16:36:08.0620 8180 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
16:36:08.0623 8180 ws2ifsl - ok
16:36:08.0683 8180 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:36:08.0687 8180 WUDFRd - ok
16:36:08.0803 8180 X6va003 - ok
16:36:08.0815 8180 X6va005 - ok
16:36:08.0916 8180 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
16:36:08.0923 8180 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
16:36:08.0944 8180 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
16:36:09.0261 8180 \Device\Harddisk0\DR0 - ok
16:36:09.0267 8180 Boot (0x1200) (706a37b829b6eb9cfe236c2ddb9127ee) \Device\Harddisk0\DR0\Partition0
16:36:09.0268 8180 \Device\Harddisk0\DR0\Partition0 - ok
16:36:09.0275 8180 Boot (0x1200) (b034675d991f97af70f76bfe07765b3e) \Device\Harddisk0\DR0\Partition1
16:36:09.0276 8180 \Device\Harddisk0\DR0\Partition1 - ok
16:36:09.0278 8180 ============================================================
16:36:09.0278 8180 Scan finished
16:36:09.0278 8180 ============================================================
16:36:09.0298 3024 Detected object count: 0
16:36:09.0298 3024 Actual detected object count: 0
16:36:17.0498 7312 ============================================================
16:36:17.0498 7312 Scan started
16:36:17.0498 7312 Mode: Manual;
16:36:17.0498 7312 ============================================================
16:36:23.0458 7312 NativeWifiP (73b99c98fa3a2ed1566e02d6fe1913a5) C:\Windows\system32\DRIVERS\nwifi.sys
16:36:23.0459 7312 NativeWifiP - ok
16:36:23.0628 7312 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120125.003\ENG64.SYS
16:36:23.0629 7312 NAVENG - ok
16:36:23.0728 7312 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120125.003\EX64.SYS
16:36:23.0741 7312 NAVEX15 - ok
16:36:23.0783 7312 NDIS (2a2ee457af36c5c9a6808c768bd3a12b) C:\Windows\system32\drivers\ndis.sys
16:36:23.0788 7312 NDIS - ok
16:36:23.0810 7312 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
16:36:23.0811 7312 NdisTapi - ok
16:36:23.0833 7312 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
16:36:23.0834 7312 Ndisuio - ok
16:36:23.0854 7312 NdisWan (52e3e8e35101399be9b2938c992aa087) C:\Windows\system32\DRIVERS\ndiswan.sys
16:36:23.0856 7312 NdisWan - ok
16:36:23.0873 7312 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
16:36:23.0875 7312 NDProxy - ok
16:36:23.0893 7312 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
16:36:23.0895 7312 NetBIOS - ok
16:36:23.0919 7312 netbt (7a29ca243a629230799754162d80120f) C:\Windows\system32\DRIVERS\netbt.sys
16:36:23.0922 7312 netbt - ok
16:36:24.0054 7312 netr7364 (0e27af88b9c2291d2fde9faaebd2e9a3) C:\Windows\system32\DRIVERS\netr7364.sys
16:36:24.0060 7312 netr7364 - ok
16:36:24.0103 7312 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
16:36:24.0104 7312 nfrd960 - ok
16:36:24.0142 7312 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:36:24.0144 7312 NisDrv - ok
16:36:24.0170 7312 Npfs (b06154e2a2c91e9be5599fca53bc4cd0) C:\Windows\system32\drivers\Npfs.sys
16:36:24.0171 7312 Npfs - ok
16:36:24.0188 7312 NPPTNT2 - ok
16:36:24.0216 7312 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
16:36:24.0217 7312 nsiproxy - ok
16:36:24.0293 7312 Ntfs (fe86ba5ac3b50e2ca911e9c60c07b638) C:\Windows\system32\drivers\Ntfs.sys
16:36:24.0306 7312 Ntfs - ok
16:36:24.0335 7312 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
16:36:24.0336 7312 Null - ok
16:36:24.0356 7312 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
16:36:24.0358 7312 nvraid - ok
16:36:24.0378 7312 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
16:36:24.0379 7312 nvstor - ok
16:36:24.0416 7312 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
16:36:24.0417 7312 nv_agp - ok
16:36:24.0432 7312 NwlnkFlt - ok
16:36:24.0454 7312 NwlnkFwd - ok
16:36:24.0513 7312 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
16:36:24.0514 7312 ohci1394 - ok
16:36:24.0567 7312 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
16:36:24.0569 7312 Parport - ok
16:36:24.0582 7312 partmgr (5ab40c36894f4c06bdab0c9a2fba282d) C:\Windows\system32\drivers\partmgr.sys
16:36:24.0584 7312 partmgr - ok
16:36:24.0669 7312 PCD5SRVC{8AAF211B-043E02A9-05040000} (7204f835a4355d1ab2853e57c9ff177c) C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms
16:36:24.0671 7312 PCD5SRVC{8AAF211B-043E02A9-05040000} - ok
16:36:24.0704 7312 pci (2a5b2a51559066ea84742909b5b2cd69) C:\Windows\system32\drivers\pci.sys
16:36:24.0706 7312 pci - ok
16:36:24.0735 7312 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
16:36:24.0736 7312 pciide - ok
16:36:24.0774 7312 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
16:36:24.0777 7312 pcmcia - ok
16:36:24.0821 7312 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
16:36:24.0829 7312 PEAUTH - ok
16:36:24.0912 7312 PptpMiniport (f5739f2c6db2534c384ad5150808e8f5) C:\Windows\system32\DRIVERS\raspptp.sys
16:36:24.0914 7312 PptpMiniport - ok
16:36:24.0938 7312 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
16:36:24.0939 7312 Processor - ok
16:36:25.0005 7312 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys
16:36:25.0006 7312 Ps2 - ok
16:36:25.0063 7312 PSched (0e0e205a296095fe4c631e6a4775ad6c) C:\Windows\system32\DRIVERS\pacer.sys
16:36:25.0065 7312 PSched - ok
16:36:25.0095 7312 PxHlpa64 (001cec347ed6cd01f186056bac6c0da9) C:\Windows\system32\Drivers\PxHlpa64.sys
16:36:25.0096 7312 PxHlpa64 - ok
16:36:25.0147 7312 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
16:36:25.0160 7312 ql2300 - ok
16:36:25.0208 7312 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
16:36:25.0210 7312 ql40xx - ok
16:36:25.0259 7312 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
16:36:25.0260 7312 QWAVEdrv - ok
16:36:25.0302 7312 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
16:36:25.0303 7312 RasAcd - ok
16:36:25.0335 7312 Rasl2tp (3b9085f91ef00abd15a6f36570e90e12) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:36:25.0336 7312 Rasl2tp - ok
16:36:25.0362 7312 RasPppoe (2ce1703c27196094fb6e4c6e439f2c21) C:\Windows\system32\DRIVERS\raspppoe.sys
16:36:25.0363 7312 RasPppoe - ok
16:36:25.0389 7312 RasSstp (fcd04fa67e8b40fa0ad361dd38593942) C:\Windows\system32\DRIVERS\rassstp.sys
16:36:25.0391 7312 RasSstp - ok
16:36:25.0419 7312 rdbss (33fa5b6136d92ee0f53f021c79091300) C:\Windows\system32\DRIVERS\rdbss.sys
16:36:25.0422 7312 rdbss - ok
16:36:25.0447 7312 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:36:25.0448 7312 RDPCDD - ok
16:36:25.0498 7312 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
16:36:25.0502 7312 rdpdr - ok
16:36:25.0515 7312 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
16:36:25.0517 7312 RDPENCDD - ok
16:36:25.0562 7312 RDPWD (7747082f672aa2846235c9cea42e2e72) C:\Windows\system32\drivers\RDPWD.sys
16:36:25.0564 7312 RDPWD - ok
16:36:25.0620 7312 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
16:36:25.0621 7312 rspndr - ok
16:36:25.0649 7312 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys
16:36:25.0650 7312 RTL8169 - ok
16:36:25.0681 7312 RxFilter (2dddd6e3fadee0d89365bfb90b1beeb9) C:\Windows\system32\DRIVERS\RxFilter.sys
16:36:25.0682 7312 RxFilter - ok
16:36:25.0720 7312 sbp2port (ee92f9b915e7933a2c181a601d01ddce) C:\Windows\system32\DRIVERS\sbp2port.sys
16:36:25.0721 7312 sbp2port - ok
16:36:25.0761 7312 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:36:25.0762 7312 secdrv - ok
16:36:25.0789 7312 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
16:36:25.0789 7312 Serenum - ok
16:36:25.0823 7312 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
16:36:25.0824 7312 Serial - ok
16:36:25.0853 7312 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
16:36:25.0854 7312 sermouse - ok
16:36:25.0886 7312 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
16:36:25.0887 7312 sffdisk - ok
16:36:25.0915 7312 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
16:36:25.0916 7312 sffp_mmc - ok
16:36:25.0939 7312 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
16:36:25.0940 7312 sffp_sd - ok
16:36:25.0965 7312 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
16:36:25.0966 7312 sfloppy - ok
16:36:26.0081 7312 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
16:36:26.0082 7312 SiSRaid2 - ok
16:36:26.0142 7312 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
16:36:26.0143 7312 SiSRaid4 - ok
16:36:26.0216 7312 Smb (41eb2e8e005feedcafce301983eff932) C:\Windows\system32\DRIVERS\smb.sys
16:36:26.0217 7312 Smb - ok
16:36:26.0252 7312 spldr (f9cb0672162f7f04248e2b82c1ff4617) C:\Windows\system32\drivers\spldr.sys
16:36:26.0253 7312 spldr - ok
16:36:26.0598 7312 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS
16:36:26.0604 7312 SRTSP - ok
16:36:26.0628 7312 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS
16:36:26.0629 7312 SRTSPX - ok
16:36:26.0747 7312 srv (a8abd7d0d907b45cf3831f4dd8644349) C:\Windows\system32\DRIVERS\srv.sys
16:36:26.0751 7312 srv - ok
16:36:26.0797 7312 srv2 (6c72eea39e1c37b436a6d1532999f9ec) C:\Windows\system32\DRIVERS\srv2.sys
16:36:26.0801 7312 srv2 - ok
16:36:26.0848 7312 srvnet (7f69bcf9e6fa3d93c82ee6b87812666d) C:\Windows\system32\DRIVERS\srvnet.sys
16:36:26.0850 7312 srvnet - ok
16:36:26.0909 7312 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
16:36:26.0911 7312 StillCam - ok
16:36:26.0998 7312 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
16:36:26.0999 7312 swenum - ok
16:36:27.0035 7312 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
16:36:27.0037 7312 Symc8xx - ok
16:36:27.0072 7312 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS
16:36:27.0077 7312 SymDS - ok
16:36:27.0123 7312 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS
16:36:27.0132 7312 SymEFA - ok
16:36:27.0170 7312 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:36:27.0173 7312 SymEvent - ok
16:36:27.0224 7312 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS
16:36:27.0226 7312 SymIRON - ok
16:36:27.0274 7312 SYMTDIv (6cb70a5d30e4322bab4ad52866b0a4b8) C:\Windows\System32\Drivers\N360x64\0501000.01D\SYMTDIV.SYS
16:36:27.0277 7312 SYMTDIv - ok
16:36:27.0311 7312 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
16:36:27.0312 7312 Sym_hi - ok
16:36:27.0337 7312 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
16:36:27.0338 7312 Sym_u3 - ok
16:36:27.0428 7312 Tcpip (d43d5336be9dd93e02ee124297295713) C:\Windows\system32\drivers\tcpip.sys
16:36:27.0437 7312 Tcpip - ok
16:36:27.0486 7312 Tcpip6 (d43d5336be9dd93e02ee124297295713) C:\Windows\system32\DRIVERS\tcpip.sys
16:36:27.0497 7312 Tcpip6 - ok
16:36:27.0550 7312 tcpipreg (c29d4b3b08ad0b7e8564814e4ff6a57b) C:\Windows\system32\drivers\tcpipreg.sys
16:36:27.0551 7312 tcpipreg - ok
16:36:27.0571 7312 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
16:36:27.0572 7312 TDPIPE - ok
16:36:27.0603 7312 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
16:36:27.0604 7312 TDTCP - ok
16:36:27.0632 7312 tdx (8c39c72e0e853de04748c0337d9b9216) C:\Windows\system32\DRIVERS\tdx.sys
16:36:27.0633 7312 tdx - ok
16:36:27.0654 7312 TermDD (3f0ebf6ee609f2a276c0d5faf244ec90) C:\Windows\system32\DRIVERS\termdd.sys
16:36:27.0655 7312 TermDD - ok
16:36:27.0719 7312 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:36:27.0720 7312 tssecsrv - ok
16:36:27.0752 7312 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
16:36:27.0753 7312 tunmp - ok
16:36:27.0789 7312 tunnel (2dc2c423572946e9a3131425bda73cb6) C:\Windows\system32\DRIVERS\tunnel.sys
16:36:27.0790 7312 tunnel - ok
16:36:27.0808 7312 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
16:36:27.0809 7312 uagp35 - ok
16:36:27.0849 7312 udfs (655156d84ec37559ee230b888a4f23c5) C:\Windows\system32\DRIVERS\udfs.sys
16:36:27.0852 7312 udfs - ok
16:36:27.0904 7312 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
16:36:27.0905 7312 uliagpkx - ok
16:36:27.0949 7312 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
16:36:27.0951 7312 uliahci - ok
16:36:27.0979 7312 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
16:36:27.0981 7312 UlSata - ok
16:36:28.0015 7312 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
16:36:28.0017 7312 ulsata2 - ok
16:36:28.0049 7312 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
16:36:28.0050 7312 umbus - ok
16:36:28.0094 7312 USBAAPL64 (9e58997a211c8c9ac9e6cffa53614a73) C:\Windows\system32\Drivers\usbaapl64.sys
16:36:28.0095 7312 USBAAPL64 - ok
16:36:28.0136 7312 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
16:36:28.0138 7312 usbccgp - ok
16:36:28.0184 7312 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
16:36:28.0185 7312 usbcir - ok
16:36:28.0221 7312 usbehci (da6d8d8ed0a53c63ac6f4bd40fe83fbe) C:\Windows\system32\DRIVERS\usbehci.sys
16:36:28.0222 7312 usbehci - ok
16:36:28.0262 7312 usbhub (99045369ae3216216573d0775fd7ed56) C:\Windows\system32\DRIVERS\usbhub.sys
16:36:28.0264 7312 usbhub - ok
16:36:28.0282 7312 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
16:36:28.0283 7312 usbohci - ok
16:36:28.0316 7312 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
16:36:28.0317 7312 usbprint - ok
16:36:28.0347 7312 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
16:36:28.0348 7312 usbscan - ok
16:36:28.0373 7312 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:36:28.0374 7312 USBSTOR - ok
16:36:28.0400 7312 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
16:36:28.0401 7312 usbuhci - ok
16:36:28.0434 7312 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
16:36:28.0435 7312 vga - ok
16:36:28.0465 7312 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
16:36:28.0466 7312 VgaSave - ok
16:36:28.0564 7312 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
16:36:28.0565 7312 viaide - ok
16:36:28.0586 7312 volmgr (793d9b32a1c462c91f6f70358283ac97) C:\Windows\system32\drivers\volmgr.sys
16:36:28.0588 7312 volmgr - ok
16:36:28.0616 7312 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
16:36:28.0619 7312 volmgrx - ok
16:36:28.0644 7312 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
16:36:28.0646 7312 volsnap - ok
16:36:28.0670 7312 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
16:36:28.0672 7312 vsmraid - ok
16:36:28.0707 7312 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
16:36:28.0708 7312 WacomPen - ok
16:36:28.0730 7312 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
16:36:28.0731 7312 Wanarp - ok
16:36:28.0740 7312 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
16:36:28.0741 7312 Wanarpv6 - ok
16:36:28.0770 7312 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
16:36:28.0771 7312 Wd - ok
16:36:28.0807 7312 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
16:36:28.0812 7312 Wdf01000 - ok
16:36:28.0881 7312 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
16:36:28.0882 7312 WmiAcpi - ok
16:36:28.0928 7312 WpdUsb (6329d1990db931073b86ab5946d8e317) C:\Windows\system32\DRIVERS\wpdusb.sys
16:36:28.0929 7312 WpdUsb - ok
16:36:28.0950 7312 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
16:36:28.0951 7312 ws2ifsl - ok
16:36:28.0988 7312 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:36:28.0989 7312 WUDFRd - ok
16:36:29.0075 7312 X6va003 - ok
16:36:29.0099 7312 X6va005 - ok
16:36:29.0163 7312 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
16:36:29.0164 7312 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
16:36:29.0182 7312 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
16:36:29.0375 7312 \Device\Harddisk0\DR0 - ok
16:36:29.0379 7312 Boot (0x1200) (706a37b829b6eb9cfe236c2ddb9127ee) \Device\Harddisk0\DR0\Partition0
16:36:29.0380 7312 \Device\Harddisk0\DR0\Partition0 - ok
16:36:29.0387 7312 Boot (0x1200) (b034675d991f97af70f76bfe07765b3e) \Device\Harddisk0\DR0\Partition1
16:36:29.0388 7312 \Device\Harddisk0\DR0\Partition1 - ok
16:36:29.0391 7312 ============================================================
16:36:29.0391 7312 Scan finished
16:36:29.0391 7312 ============================================================
16:36:29.0410 6024 Detected object count: 0
16:36:29.0410 6024 Actual detected object count: 0



