
Norton Suite hijacked & hanging webpages


  • This topic is locked
7 replies to this topic

#1 commonalias

commonalias

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft. Lauderdale, Florida
  • Local time:01:01 PM

Posted 11 November 2012 - 12:22 PM

Norton has been disabled with a red X over the icon. When I try to open it, there's a message that says the service has been cancelled, would I like to purchase a new package? Constant Guard will not open; the firewall was turned off (but I just turned it back on); webpages might function normally, but may freeze for no apparent reason. Thanks in advance, your help is greatly appreciated!

DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by user at 10:47:41 on 2012-11-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1272 [GMT -5:00]
.
AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SFT\GuardedID\gidd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Constant Guard Protection Suite\IDVault.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.my.yahoo.com/
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\5.2.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\5.2.2.3\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - c:\documents and settings\all users\application data\white sky, inc\id vault\iebho1.12.1012.1\NativeBHO.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\5.2.2.3\coieplg.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\5.2.2.3\coieplg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [GIDDesktop] c:\program files\sft\guardedid\gidd.exe /s
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\consta~1.lnk - c:\program files\constant guard protection suite\IDVault.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1278447772640
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{48B4C6D3-E9A2-4953-BABE-D9E02CB6BC36} : NameServer = 75.75.75.75,75.75.76.76
TCP: Interfaces\{48B4C6D3-E9A2-4953-BABE-D9E02CB6BC36} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4C4CC5B6-3D3C-423A-95D3-62A1CBCC738E} : DHCPNameServer = 4.2.2.1 4.2.2.2 68.87.66.209
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: GIDLogonXP - GIDLogonXP.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - c:\program files\sft\guardedid\gidi.exe /v
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502020.003\symds.sys [2012-7-16 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502020.003\symefa.sys [2012-7-16 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20121030.002\BHDrvx86.sys [2012-11-10 995488]
R1 GIDv2;GIDv2;c:\windows\system32\drivers\gidv2.sys [2012-11-10 25232]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502020.003\ironx86.sys [2012-7-16 136312]
R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2011-5-6 1085440]
R2 IDVaultSvc;CGPS Service;c:\program files\constant guard protection suite\IDVaultSvc.exe [2012-10-16 61552]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\5.2.2.3\ccsvchst.exe [2012-7-16 130008]
R2 WDRulesService;WDRulesService;c:\program files\western digital\wd smartware\WDRulesEngine.exe [2011-8-1 1091984]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-10 106656]
S0 cerc6;cerc6; [x]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2010-7-6 20160]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2007-6-11 968064]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20121109.001\IDSXpx86.sys [2012-11-10 373728]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys --> c:\windows\system32\drivers\ivusb.sys [?]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2011-2-5 30576]
S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20121109.020\NAVENG.SYS [2012-11-10 92704]
S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20121109.020\NAVEX15.SYS [2012-11-10 1601184]
S3 Normandy;Normandy SR2; [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2011-8-27 11520]
S4 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2010-12-5 249616]
S4 WDDMService;WDDMService;c:\program files\western digital\wd smartware\WDDMService.exe [2011-8-1 263056]
S4 WDFMEService;WDFMEService;c:\program files\western digital\wd smartware\WDFME.exe [2011-8-1 1592208]
.
=============== Created Last 30 ================
.
2012-11-10 22:25:07 -------- d-----w- c:\documents and settings\user\local settings\application data\White_Sky,_Inc
2012-11-10 22:24:27 25232 ------w- c:\windows\system32\drivers\gidv2.sys
2012-11-10 22:24:24 -------- d-----w- c:\documents and settings\all users\GID
2012-11-10 22:24:23 -------- d-----w- c:\program files\SFT
2012-10-30 22:23:51 -------- d-----w- c:\program files\iPod
2012-10-30 22:23:48 -------- d-----w- c:\program files\iTunes
2012-10-30 22:23:48 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
.
==================== Find3M ====================
.
2012-11-10 15:35:37 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-10 15:35:36 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-04 22:46:46 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-10-04 22:46:46 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-09-24 19:32:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 19:32:20 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-24 17:51:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 17:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 17:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58:09 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
c:\windows\system32\drivers\iastor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Harddisk0\DR0[0x8A662AB8]
3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Ide\IAAStorageDevice-0[0x8A0A1028]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
.
============= FINISH: 10:48:14.03 ===============



#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:01 PM

Posted 12 November 2012 - 08:23 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
m0le is a proud member of UNITE

#3 commonalias


Posted 13 November 2012 - 10:23 PM

Hello, the problem has continued, I'm ready for instructions. Thanks.

#4 m0le


Posted 14 November 2012 - 09:02 PM

Please run TDSSKiller

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\


#5 commonalias


Posted 14 November 2012 - 09:47 PM

21:40:04.0734 1244 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:40:05.0031 1244 ============================================================
21:40:05.0031 1244 Current date / time: 2012/11/14 21:40:05.0031
21:40:05.0031 1244 SystemInfo:
21:40:05.0031 1244
21:40:05.0031 1244 OS Version: 5.1.2600 ServicePack: 3.0
21:40:05.0031 1244 Product type: Workstation
21:40:05.0031 1244 ComputerName: 62ECCB2B65314A8
21:40:05.0031 1244 UserName: user
21:40:05.0031 1244 Windows directory: C:\WINDOWS
21:40:05.0031 1244 System windows directory: C:\WINDOWS
21:40:05.0031 1244 Processor architecture: Intel x86
21:40:05.0031 1244 Number of processors: 2
21:40:05.0031 1244 Page size: 0x1000
21:40:05.0031 1244 Boot type: Normal boot
21:40:05.0031 1244 ============================================================
21:40:05.0484 1244 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:40:05.0500 1244 ============================================================
21:40:05.0500 1244 \Device\Harddisk0\DR0:
21:40:05.0500 1244 MBR partitions:
21:40:05.0500 1244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
21:40:05.0500 1244 ============================================================
21:40:05.0531 1244 C: <-> \Device\Harddisk0\DR0\Partition1
21:40:05.0531 1244 ============================================================
21:40:05.0531 1244 Initialize success
21:40:05.0531 1244 ============================================================
21:40:13.0203 2860 ============================================================
21:40:13.0203 2860 Scan started
21:40:13.0203 2860 Mode: Manual;
21:40:13.0203 2860 ============================================================
21:40:13.0406 2860 ================ Scan system memory ========================
21:40:13.0406 2860 System memory - ok
21:40:13.0406 2860 ================ Scan services =============================
21:40:18.0609 2860 IPSec - ok
21:40:18.0625 2860 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:40:18.0625 2860 IRENUM - ok
21:40:18.0671 2860 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:40:18.0671 2860 isapnp - ok
21:40:18.0671 2860 ivusb - ok
21:40:18.0750 2860 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
21:40:18.0765 2860 JavaQuickStarterService - ok
21:40:18.0812 2860 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:40:18.0812 2860 Kbdclass - ok
21:40:18.0859 2860 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:40:18.0859 2860 kbdhid - ok
21:40:18.0859 2860 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:40:18.0875 2860 kmixer - ok
21:40:18.0906 2860 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:40:18.0906 2860 KSecDD - ok
21:40:18.0921 2860 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
21:40:18.0937 2860 LanmanServer - ok
21:40:18.0984 2860 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:40:18.0984 2860 lanmanworkstation - ok
21:40:18.0984 2860 lbrtfdc - ok
21:40:19.0000 2860 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:40:19.0000 2860 LmHosts - ok
21:40:19.0031 2860 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
21:40:19.0031 2860 mdmxsdk - ok
21:40:19.0031 2860 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:40:19.0031 2860 Messenger - ok
21:40:19.0109 2860 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:40:19.0109 2860 Microsoft Office Groove Audit Service - ok
21:40:19.0125 2860 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:40:19.0125 2860 mnmdd - ok
21:40:19.0140 2860 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:40:19.0140 2860 mnmsrvc - ok
21:40:19.0187 2860 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:40:19.0187 2860 Modem - ok
21:40:19.0234 2860 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:40:19.0234 2860 Mouclass - ok
21:40:19.0250 2860 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:40:19.0250 2860 mouhid - ok
21:40:19.0281 2860 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:40:19.0281 2860 MountMgr - ok
21:40:19.0312 2860 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
21:40:19.0312 2860 MPE - ok
21:40:19.0312 2860 mraid35x - ok
21:40:19.0343 2860 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:40:19.0343 2860 MRxDAV - ok
21:40:19.0421 2860 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:40:19.0421 2860 MRxSmb - ok
21:40:19.0468 2860 [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS32.exe
21:40:19.0468 2860 MSCamSvc - ok
21:40:19.0500 2860 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:40:19.0500 2860 MSDTC - ok
21:40:19.0531 2860 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys
21:40:19.0531 2860 MSDV - ok
21:40:19.0546 2860 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:40:19.0546 2860 Msfs - ok
21:40:19.0562 2860 [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo C:\WINDOWS\system32\Drivers\nx6000.sys
21:40:19.0562 2860 MSHUSBVideo - ok
21:40:19.0578 2860 MSIServer - ok
21:40:19.0593 2860 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:40:19.0593 2860 MSKSSRV - ok
21:40:19.0609 2860 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:40:19.0609 2860 MSPCLOCK - ok
21:40:19.0609 2860 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:40:19.0625 2860 MSPQM - ok
21:40:19.0656 2860 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:40:19.0656 2860 mssmbios - ok
21:40:19.0687 2860 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:40:19.0687 2860 MSTEE - ok
21:40:19.0703 2860 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:40:19.0718 2860 Mup - ok
21:40:19.0750 2860 [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360 C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
21:40:19.0765 2860 N360 - ok
21:40:19.0781 2860 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:40:19.0781 2860 NABTSFEC - ok
21:40:19.0812 2860 [ 428C611928DF3E96538A482117E659F7 ] NAL C:\WINDOWS\system32\Drivers\iqvw32.sys
21:40:19.0812 2860 NAL - ok
21:40:19.0843 2860 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:40:19.0843 2860 napagent - ok
21:40:19.0921 2860 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121109.020\NAVENG.SYS
21:40:19.0921 2860 NAVENG - ok
21:40:20.0000 2860 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121109.020\NAVEX15.SYS
21:40:20.0015 2860 NAVEX15 - ok
21:40:20.0046 2860 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:40:20.0062 2860 NDIS - ok
21:40:20.0093 2860 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:40:20.0093 2860 NdisIP - ok
21:40:20.0125 2860 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:40:20.0125 2860 NdisTapi - ok
21:40:20.0171 2860 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:40:20.0171 2860 Ndisuio - ok
21:40:20.0187 2860 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:40:20.0187 2860 NdisWan - ok
21:40:20.0234 2860 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:40:20.0234 2860 NDProxy - ok
21:40:20.0281 2860 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:40:20.0281 2860 NetBIOS - ok
21:40:20.0296 2860 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:40:20.0296 2860 NetBT - ok
21:40:20.0343 2860 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
21:40:20.0343 2860 NetDDE - ok
21:40:20.0359 2860 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:40:20.0359 2860 NetDDEdsdm - ok
21:40:20.0390 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:40:20.0390 2860 Netlogon - ok
21:40:20.0453 2860 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
21:40:20.0468 2860 Netman - ok
21:40:20.0515 2860 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:40:20.0515 2860 NetTcpPortSharing - ok
21:40:20.0531 2860 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:40:20.0531 2860 NIC1394 - ok
21:40:20.0562 2860 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
21:40:20.0578 2860 Nla - ok
21:40:20.0578 2860 Normandy - ok
21:40:20.0578 2860 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:40:20.0578 2860 Npfs - ok
21:40:20.0609 2860 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:40:20.0625 2860 Ntfs - ok
21:40:20.0625 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:40:20.0625 2860 NtLmSsp - ok
21:40:20.0656 2860 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:40:20.0671 2860 NtmsSvc - ok
21:40:20.0687 2860 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:40:20.0687 2860 Null - ok
21:40:20.0734 2860 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:40:20.0734 2860 NwlnkFlt - ok
21:40:20.0734 2860 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:40:20.0734 2860 NwlnkFwd - ok
21:40:20.0828 2860 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:40:20.0828 2860 odserv - ok
21:40:20.0843 2860 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:40:20.0843 2860 ohci1394 - ok
21:40:20.0859 2860 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:40:20.0875 2860 ose - ok
21:40:20.0906 2860 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
21:40:20.0906 2860 Parport - ok
21:40:20.0906 2860 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:40:20.0906 2860 PartMgr - ok
21:40:20.0937 2860 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:40:20.0953 2860 ParVdm - ok
21:40:20.0968 2860 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:40:20.0968 2860 PCI - ok
21:40:20.0968 2860 PCIDump - ok
21:40:20.0968 2860 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:40:20.0968 2860 PCIIde - ok
21:40:21.0000 2860 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:40:21.0000 2860 Pcmcia - ok
21:40:21.0031 2860 [ D01C7ECB9A1DE9C6615326C8B3F3A013 ] pctgntdi C:\WINDOWS\system32\drivers\pctgntdi.sys
21:40:21.0046 2860 pctgntdi - ok
21:40:21.0046 2860 PDCOMP - ok
21:40:21.0046 2860 PDFRAME - ok
21:40:21.0062 2860 PDRELI - ok
21:40:21.0062 2860 PDRFRAME - ok
21:40:21.0062 2860 perc2 - ok
21:40:21.0078 2860 perc2hib - ok
21:40:21.0109 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
21:40:21.0109 2860 PlugPlay - ok
21:40:21.0125 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:40:21.0125 2860 PolicyAgent - ok
21:40:21.0140 2860 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:40:21.0140 2860 PptpMiniport - ok
21:40:21.0140 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:40:21.0140 2860 ProtectedStorage - ok
21:40:21.0140 2860 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:40:21.0156 2860 PSched - ok
21:40:21.0156 2860 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:40:21.0156 2860 Ptilink - ok
21:40:21.0171 2860 ql1080 - ok
21:40:21.0171 2860 Ql10wnt - ok
21:40:21.0187 2860 ql12160 - ok
21:40:21.0187 2860 ql1240 - ok
21:40:21.0203 2860 ql1280 - ok
21:40:21.0234 2860 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:40:21.0250 2860 RasAcd - ok
21:40:21.0281 2860 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:40:21.0281 2860 RasAuto - ok
21:40:21.0281 2860 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:40:21.0281 2860 Rasl2tp - ok
21:40:21.0328 2860 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:40:21.0328 2860 RasMan - ok
21:40:21.0328 2860 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:40:21.0328 2860 RasPppoe - ok
21:40:21.0328 2860 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:40:21.0343 2860 Raspti - ok
21:40:21.0359 2860 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:40:21.0359 2860 Rdbss - ok
21:40:21.0359 2860 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:40:21.0359 2860 RDPCDD - ok
21:40:21.0437 2860 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:40:21.0437 2860 rdpdr - ok
21:40:21.0484 2860 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:40:21.0484 2860 RDPWD - ok
21:40:21.0515 2860 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:40:21.0515 2860 RDSessMgr - ok
21:40:21.0531 2860 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:40:21.0531 2860 redbook - ok
21:40:21.0578 2860 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:40:21.0578 2860 RemoteAccess - ok
21:40:21.0609 2860 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:40:21.0609 2860 RemoteRegistry - ok
21:40:21.0625 2860 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
21:40:21.0640 2860 RpcLocator - ok
21:40:21.0671 2860 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
21:40:21.0671 2860 RpcSs - ok
21:40:21.0718 2860 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:40:21.0718 2860 RSVP - ok
21:40:21.0734 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
21:40:21.0750 2860 SamSs - ok
21:40:21.0781 2860 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:40:21.0781 2860 SCardSvr - ok
21:40:21.0812 2860 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:40:21.0828 2860 Schedule - ok
21:40:21.0843 2860 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:40:21.0843 2860 Secdrv - ok
21:40:21.0875 2860 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:40:21.0875 2860 seclogon - ok
21:40:21.0875 2860 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
21:40:21.0890 2860 SENS - ok
21:40:21.0890 2860 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
21:40:21.0890 2860 Serial - ok
21:40:21.0921 2860 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:40:21.0921 2860 Sfloppy - ok
21:40:21.0937 2860 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:40:21.0937 2860 SharedAccess - ok
21:40:21.0953 2860 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:40:21.0968 2860 ShellHWDetection - ok
21:40:21.0968 2860 Simbad - ok
21:40:22.0015 2860 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:40:22.0015 2860 SkypeUpdate - ok
21:40:22.0062 2860 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:40:22.0062 2860 SLIP - ok
21:40:22.0062 2860 Sparrow - ok
21:40:22.0093 2860 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:40:22.0093 2860 splitter - ok
21:40:22.0125 2860 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:40:22.0140 2860 Spooler - ok
21:40:22.0187 2860 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:40:22.0187 2860 sr - ok
21:40:22.0250 2860 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
21:40:22.0265 2860 srservice - ok
21:40:22.0390 2860 [ 83726CF02ECED69138948083E06B6EAC ] SRTSP C:\WINDOWS\System32\Drivers\N360\0502020.003\SRTSP.SYS
21:40:22.0390 2860 SRTSP - ok
21:40:22.0406 2860 [ 4E7EAB2E5615D39CF1F1DF9C71E5E225 ] SRTSPX C:\WINDOWS\system32\drivers\N360\0502020.003\SRTSPX.SYS
21:40:22.0406 2860 SRTSPX - ok
21:40:22.0468 2860 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:40:22.0468 2860 Srv - ok
21:40:22.0500 2860 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:40:22.0500 2860 SSDPSRV - ok
21:40:22.0531 2860 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:40:22.0546 2860 stisvc - ok
21:40:22.0578 2860 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:40:22.0578 2860 streamip - ok
21:40:22.0593 2860 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:40:22.0609 2860 swenum - ok
21:40:22.0609 2860 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:40:22.0625 2860 swmidi - ok
21:40:22.0625 2860 SwPrv - ok
21:40:22.0687 2860 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
21:40:22.0703 2860 Symantec RemoteAssist - ok
21:40:22.0703 2860 symc810 - ok
21:40:22.0703 2860 symc8xx - ok
21:40:22.0734 2860 [ 9BBEB8C6258E72D62E7560E6667AAD39 ] SymDS C:\WINDOWS\system32\drivers\N360\0502020.003\SYMDS.SYS
21:40:22.0734 2860 SymDS - ok
21:40:22.0781 2860 [ D5C02629C02A820A7E71BCA3D44294A3 ] SymEFA C:\WINDOWS\system32\drivers\N360\0502020.003\SYMEFA.SYS
21:40:22.0796 2860 SymEFA - ok
21:40:22.0828 2860 [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
21:40:22.0828 2860 SymEvent - ok
21:40:22.0875 2860 [ A73399804D5D4A8B20BA60FCF70C9F1F ] SymIRON C:\WINDOWS\system32\drivers\N360\0502020.003\Ironx86.SYS
21:40:22.0875 2860 SymIRON - ok
21:40:22.0890 2860 [ 336CACE58F0359D5CBB1AE6B8A2FB205 ] SYMTDI C:\WINDOWS\System32\Drivers\N360\0502020.003\SYMTDI.SYS
21:40:22.0890 2860 SYMTDI - ok
21:40:22.0906 2860 sym_hi - ok
21:40:22.0906 2860 sym_u3 - ok
21:40:22.0953 2860 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:40:22.0953 2860 sysaudio - ok
21:40:22.0984 2860 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:40:22.0984 2860 SysmonLog - ok
21:40:23.0031 2860 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:40:23.0031 2860 TapiSrv - ok
21:40:23.0062 2860 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:40:23.0062 2860 Tcpip - ok
21:40:23.0093 2860 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:40:23.0109 2860 TDPIPE - ok
21:40:23.0109 2860 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:40:23.0109 2860 TDTCP - ok
21:40:23.0140 2860 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:40:23.0140 2860 TermDD - ok
21:40:23.0156 2860 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
21:40:23.0156 2860 TermService - ok
21:40:23.0250 2860 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
21:40:23.0250 2860 Themes - ok
21:40:23.0265 2860 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
21:40:23.0281 2860 TlntSvr - ok
21:40:23.0281 2860 TosIde - ok
21:40:23.0328 2860 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:40:23.0328 2860 TrkWks - ok
21:40:23.0359 2860 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:40:23.0359 2860 Udfs - ok
21:40:23.0359 2860 ultra - ok
21:40:23.0406 2860 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:40:23.0406 2860 Update - ok
21:40:23.0437 2860 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:40:23.0468 2860 upnphost - ok
21:40:23.0500 2860 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
21:40:23.0500 2860 UPS - ok
21:40:23.0531 2860 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
21:40:23.0531 2860 USBAAPL - ok
21:40:23.0562 2860 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
21:40:23.0562 2860 usbaudio - ok
21:40:23.0593 2860 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:40:23.0593 2860 usbccgp - ok
21:40:23.0640 2860 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:40:23.0640 2860 usbehci - ok
21:40:23.0656 2860 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:40:23.0656 2860 usbhub - ok
21:40:23.0687 2860 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:40:23.0687 2860 usbscan - ok
21:40:23.0703 2860 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:40:23.0703 2860 USBSTOR - ok
21:40:23.0734 2860 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:40:23.0734 2860 usbuhci - ok
21:40:23.0781 2860 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
21:40:23.0781 2860 usbvideo - ok
21:40:23.0781 2860 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:40:23.0781 2860 VgaSave - ok
21:40:23.0781 2860 ViaIde - ok
21:40:23.0812 2860 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:40:23.0812 2860 VolSnap - ok
21:40:23.0859 2860 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
21:40:23.0875 2860 VSS - ok
21:40:23.0906 2860 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
21:40:23.0921 2860 W32Time - ok
21:40:23.0937 2860 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:40:23.0937 2860 Wanarp - ok
21:40:23.0968 2860 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
21:40:23.0968 2860 WDC_SAM - ok
21:40:24.0046 2860 [ C1768DAF1C32E91C7F0D87AB06310334 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
21:40:24.0046 2860 WDDMService - ok
21:40:24.0093 2860 [ ABD9E20F561AAB189FD2D766B1774BEB ] WDFMEService C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
21:40:24.0109 2860 WDFMEService - ok
21:40:24.0109 2860 WDICA - ok
21:40:24.0140 2860 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:40:24.0140 2860 wdmaud - ok
21:40:24.0187 2860 [ FF7808BD8B3C56CCC5E9369001E294DB ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
21:40:24.0187 2860 WDRulesService - ok
21:40:24.0250 2860 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:40:24.0250 2860 WebClient - ok
21:40:24.0343 2860 [ 473EE64C368CE2EED110376C11960259 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
21:40:24.0359 2860 winachsf - ok
21:40:24.0453 2860 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:40:24.0453 2860 winmgmt - ok
21:40:24.0515 2860 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:40:24.0515 2860 WmdmPmSN - ok
21:40:24.0578 2860 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:40:24.0578 2860 Wmi - ok
21:40:24.0609 2860 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:40:24.0609 2860 WmiApSrv - ok
21:40:24.0687 2860 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
21:40:24.0703 2860 WMPNetworkSvc - ok
21:40:24.0718 2860 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:40:24.0718 2860 WS2IFSL - ok
21:40:24.0765 2860 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:40:24.0765 2860 wscsvc - ok
21:40:24.0812 2860 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:40:24.0812 2860 WSTCODEC - ok
21:40:24.0843 2860 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:40:24.0843 2860 wuauserv - ok
21:40:24.0890 2860 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:40:24.0890 2860 WudfPf - ok
21:40:24.0921 2860 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
21:40:24.0921 2860 WudfSvc - ok
21:40:24.0968 2860 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:40:24.0968 2860 WZCSVC - ok
21:40:25.0000 2860 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:40:25.0000 2860 xmlprov - ok
21:40:25.0093 2860 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
21:40:25.0093 2860 YahooAUService - ok
21:40:25.0109 2860 ================ Scan global ===============================
21:40:25.0156 2860 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:40:25.0203 2860 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:40:25.0203 2860 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:40:25.0265 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:40:25.0265 2860 [Global] - ok
21:40:25.0265 2860 ================ Scan MBR ==================================
21:40:25.0281 2860 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:40:25.0531 2860 \Device\Harddisk0\DR0 - ok
21:40:25.0531 2860 ================ Scan VBR ==================================
21:40:25.0531 2860 [ DE53DF7102053DB3FF7CF6D4AA84C0A1 ] \Device\Harddisk0\DR0\Partition1
21:40:25.0531 2860 \Device\Harddisk0\DR0\Partition1 - ok
21:40:25.0531 2860 ============================================================
21:40:25.0531 2860 Scan finished
21:40:25.0531 2860 ============================================================
21:40:25.0546 0628 Detected object count: 0
21:40:25.0546 0628 Actual detected object count: 0

#6 m0le


Posted 15 November 2012 - 08:42 PM

Okay, first thing to check is Norton. Reinstall the antivirus and see if it stays on.

#7 commonalias


Posted 17 November 2012 - 09:44 AM

Thanks for the advice. I contacted my ISP, Comcast, who guided me with the reinstall. Everything's normal now. I appreciate the check-up.

#8 m0le


Posted 17 November 2012 - 02:16 PM

No problem, glad I could help.

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.