testpilot

MBAM won't remove Trojan.Agent; TDSSKiller won't remove Rootkit.boot.Pihar.c

5 posts in this topic

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

 

Database version: v2012.10.12.08

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

DragonPearl :: DRAGONPEARL-PC [limited]

 

10/13/2012 10:10:28 AM

mbam-log-2012-10-13 (10-10-28).txt

 

Scan type: Full scan (C:\|D:\|E:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 366135

Time elapsed: 51 minute(s), 11 second(s)

 

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 3804 -> Delete on reboot.

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

 

(end)

 

=======================================================================

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_35

Run by DragonPearl at 0:10:18 on 2012-10-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3071.1714 [GMT -4:00]

.

AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\crypserv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\vsnp2std.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe

C:\Windows\FixCamera.exe

C:\Program Files (x86)\SFT\GuardedID\GIDD.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskmgr.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

mWinlogon: Userinit=userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coIEPlg.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\IPS\IPSBHO.DLL

BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Constant Guard Protection Suite: {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.12.1002.3\NativeBHO.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coIEPlg.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [googletalk] C:\Users\DragonPearl\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [FixCamera] C:\Windows\FixCamera.exe

mRun: [tsnp2std] C:\Windows\tsnp2std.exe

mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

mRun: [startNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s

mRun: [<NO NAME>]

mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\DRAGON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{497C428C-4E49-4476-968E-9E4DF3A0E3E3} : DhcpNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO-X64: HP Print Enhancer - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coIEPlg.dll

BHO-X64: Norton Identity Protection - No File

BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\IPS\IPSBHO.DLL

BHO-X64: Norton Vulnerability Protection - No File

BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO-X64: StartNow Toolbar Helper - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.12.1002.3\NativeBHO.dll

BHO-X64: Constant Guard Protection Suite - No File

BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO-X64: Ask Toolbar BHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO-X64: HP Smart BHO Class - No File

TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coIEPlg.dll

TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun-x64: [FixCamera] C:\Windows\FixCamera.exe

mRun-x64: [tsnp2std] C:\Windows\tsnp2std.exe

mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

mRun-x64: [startNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s

mRun-x64: [(Default)]

mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\DragonPearl\AppData\Roaming\Mozilla\Firefox\Profiles\u9cnbchz.default\

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=B012FB61-5048-4AAF-803D-32ADB72C75D1&apn_ptnrs=&apn_sauid=D13F0565-4689-414D-A3F1-7CD8C6515DF5&apn_dtid=OSJ000&&q=

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

FF - component: C:\ProgramData\White Sky, Inc\ID Vault\XPCOM3\components\IdVault.XPCOM3.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\DragonPearl\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Users\DragonPearl\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\DragonPearl\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\npMSDM.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - plugin: E:\myPictures\picasa38-sw\Picasa3\npPicasa3.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [2012-9-28 1385120]

R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys [?]

R1 GIDv2;GIDv2;C:\Windows\system32\drivers\GIDv2.sys --> C:\Windows\system32\drivers\GIDv2.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121012.001\IDSviA64.sys [2012-10-12 513184]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0604000.009\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0604000.009\SYMNETS.SYS [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-10-3 61552]

R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccsvchst.exe [2012-10-9 138272]

R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-7-27 267488]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-10-6 138912]

R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 VST64_DPV;VST64_DPV;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

R3 VST64HWBS2;VST64HWBS2;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-3 135664]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 250808]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-3 135664]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-7 113120]

S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2010-12-5 24176]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]

.

=============== File Associations ===============

.

vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

jsefile\shell\open2\command=C:\Windows\System32\CScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2012-10-13 03:42:13 20480 ----a-w- C:\Windows\svchost.exe

2012-10-13 03:10:17 -------- d-----w- C:\Users\DragonPearl\AppData\Roaming\Malwarebytes

2012-10-13 03:09:37 -------- d-----w- C:\ProgramData\Malwarebytes

2012-10-13 03:09:36 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-10-13 03:09:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-10-09 22:21:04 737952 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtsp64.sys

2012-10-09 22:21:04 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symds64.sys

2012-10-09 22:21:04 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symnets.sys

2012-10-09 22:21:04 37536 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtspx64.sys

2012-10-09 22:21:04 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\ironx64.sys

2012-10-09 22:21:04 167072 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\ccsetx64.sys

2012-10-09 22:21:04 1129120 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\symefa64.sys

2012-10-09 22:20:51 -------- d-----w- C:\Windows\System32\drivers\N360x64\0604000.009

2012-10-09 16:57:42 -------- d-----w- C:\Users\DragonPearl\AppData\Roaming\webex

2012-10-09 16:57:16 -------- d-----w- C:\ProgramData\WebEx

2012-10-08 13:44:48 -------- d-----w- C:\Users\DragonPearl\AppData\Local\{71CCF9EA-8082-4DF0-B724-8FAD1B7D22AF}

2012-10-06 14:59:58 -------- d-----w- C:\Program Files (x86)\Ask.com

2012-10-06 14:49:34 -------- d-----w- C:\ProgramData\Ask

2012-10-06 14:49:04 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2012-10-06 14:45:51 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-10-06 14:45:50 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-10-06 14:45:50 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-10-06 14:45:50 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-10-06 14:45:50 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-10-06 14:45:50 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-10-06 14:40:01 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-09-29 16:22:10 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2012-09-29 16:22:10 -------- d-----w- C:\Program Files\Symantec

2012-09-29 16:22:10 -------- d-----w- C:\Program Files\Common Files\Symantec Shared

2012-09-29 16:21:09 -------- d-----w- C:\Windows\System32\drivers\N360x64

2012-09-29 16:21:08 -------- d-----w- C:\Program Files (x86)\Norton Security Suite

2012-09-29 16:20:47 -------- d-----w- C:\Program Files (x86)\NortonInstaller

2012-09-29 15:54:12 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A929AF29-2AEA-4465-90DA-605262B6AE22}\mpengine.dll

.

==================== Find3M ====================

.

2012-10-09 22:01:05 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 22:01:05 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-10-06 14:47:59 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe

2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll

2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys

2011-12-15 05:37:25 1287016 ----a-w- C:\Program Files\wlsetup-web.exe

.

============= FINISH: 0:11:02.15 ===============

Results of screen317's Security Check version 0.99.51

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Norton Security Suite

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.0.1400

Java 7 Update 7

Adobe Flash Player 11.4.402.287

Adobe Reader X (10.1.4)

Mozilla Firefox 13.0.1 Firefox out of Date!

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

Google Chrome 22.0.1229.79

Google Chrome 22.0.1229.92

Google Chrome 22.0.1229.94

Google Chrome CommonDotNET.dll..

Google Chrome IdVaultCore.dll..

Google Chrome IdVaultCore.XmlSerializers.dll.

Google Chrome Microsoft.mshtml.dll.

Google Chrome plugins...

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

DragonPearl Desktop Malware_removal winrscmde_121012\SecurityCheck.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 8%

````````````````````End of Log``````````````````````


Welcome testpilot to SpywareInfo. I am The Dark Knight and will be assisting you. Please ask questions if anything is unclear. :)

 

Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

 

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
     
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue.

  • If a suspicious file is detected, the default action will be Skip; click on Continue.

  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.


Thank you Dark Knight for your service and expedience! This has resolved the issue and this thread can be closed. Donation time!

 

 

 

05:02:38.0784 1988 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

05:02:38.0875 1988 ============================================================

05:02:38.0875 1988 Current date / time: 2012/10/14 05:02:38.0875

05:02:38.0875 1988 SystemInfo:

05:02:38.0875 1988

05:02:38.0875 1988 OS Version: 6.1.7601 ServicePack: 1.0

05:02:38.0875 1988 Product type: Workstation

05:02:38.0875 1988 ComputerName: DRAGONPEARL-PC

05:02:38.0875 1988 UserName: DragonPearl

05:02:38.0875 1988 Windows directory: C:\Windows

05:02:38.0875 1988 System windows directory: C:\Windows

05:02:38.0875 1988 Running under WOW64

05:02:38.0875 1988 Processor architecture: Intel x64

05:02:38.0875 1988 Number of processors: 4

05:02:38.0875 1988 Page size: 0x1000

05:02:38.0875 1988 Boot type: Safe boot

05:02:38.0875 1988 ============================================================

05:02:40.0225 1988 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

05:02:40.0237 1988 ============================================================

05:02:40.0237 1988 \Device\Harddisk0\DR0:

05:02:40.0242 1988 MBR partitions:

05:02:40.0262 1988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0xC34F28D

05:02:40.0275 1988 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC3531CC, BlocksNum 0x21CE27A9

05:02:40.0275 1988 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2E035975, BlocksNum 0xC34F2CC

05:02:40.0275 1988 ============================================================

05:02:40.0325 1988 C: <-> \Device\Harddisk0\DR0\Partition3

05:02:40.0364 1988 D: <-> \Device\Harddisk0\DR0\Partition1

05:02:40.0418 1988 E: <-> \Device\Harddisk0\DR0\Partition2

05:02:40.0418 1988 ============================================================

05:02:40.0419 1988 Initialize success

05:02:40.0419 1988 ============================================================

05:02:43.0182 2028 ============================================================

05:02:43.0182 2028 Scan started

05:02:43.0182 2028 Mode: Manual;

05:02:43.0182 2028 ============================================================

05:02:44.0597 2028 ================ Scan system memory ========================

05:02:44.0597 2028 System memory - ok

05:02:44.0597 2028 ================ Scan services =============================


05:02:46.0527 2028 amdide - ok

05:02:46.0578 2028 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

05:02:46.0578 2028 AmdK8 - ok

05:02:46.0591 2028 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

05:02:46.0591 2028 AmdPPM - ok

05:02:46.0619 2028 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

05:02:46.0620 2028 amdsata - ok

05:02:46.0684 2028 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

05:02:46.0692 2028 amdsbs - ok

05:02:46.0719 2028 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

05:02:46.0719 2028 amdxata - ok

05:02:46.0760 2028 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

05:02:46.0761 2028 AppID - ok

05:02:46.0793 2028 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

05:02:46.0794 2028 AppIDSvc - ok

05:02:46.0864 2028 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

05:02:46.0866 2028 Appinfo - ok

05:02:46.0893 2028 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

05:02:46.0894 2028 arc - ok

05:02:46.0910 2028 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

05:02:46.0911 2028 arcsas - ok

05:02:46.0969 2028 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

05:02:46.0969 2028 AsyncMac - ok

05:02:46.0997 2028 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

05:02:46.0997 2028 atapi - ok

05:02:47.0436 2028 [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

05:02:47.0505 2028 atikmdag - ok

05:02:47.0646 2028 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

05:02:47.0660 2028 AudioEndpointBuilder - ok

05:02:47.0714 2028 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

05:02:47.0717 2028 AudioSrv - ok

05:02:47.0776 2028 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

05:02:47.0788 2028 AxInstSV - ok

05:02:47.0887 2028 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

05:02:47.0903 2028 b06bdrv - ok

05:02:47.0994 2028 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

05:02:47.0996 2028 b57nd60a - ok

05:02:48.0102 2028 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

05:02:48.0112 2028 BDESVC - ok

05:02:48.0187 2028 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

05:02:48.0188 2028 Beep - ok

05:02:48.0324 2028 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

05:02:48.0341 2028 BFE - ok

05:02:48.0610 2028 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120928.001\BHDrvx64.sys

05:02:48.0624 2028 BHDrvx64 - ok

05:02:48.0726 2028 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

05:02:48.0741 2028 BITS - ok

05:02:48.0768 2028 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

05:02:48.0769 2028 blbdrive - ok

05:02:48.0855 2028 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

05:02:48.0856 2028 bowser - ok

05:02:48.0896 2028 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

05:02:48.0896 2028 BrFiltLo - ok

05:02:48.0918 2028 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

05:02:48.0918 2028 BrFiltUp - ok

05:02:48.0952 2028 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

05:02:48.0966 2028 Browser - ok

05:02:48.0995 2028 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

05:02:48.0997 2028 Brserid - ok

05:02:49.0031 2028 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

05:02:49.0031 2028 BrSerWdm - ok

05:02:49.0065 2028 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

05:02:49.0066 2028 BrUsbMdm - ok

05:02:49.0088 2028 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

05:02:49.0088 2028 BrUsbSer - ok

05:02:49.0107 2028 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

05:02:49.0108 2028 BTHMODEM - ok

05:02:49.0130 2028 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

05:02:49.0143 2028 bthserv - ok

05:02:49.0306 2028 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys

05:02:49.0308 2028 ccSet_N360 - ok

05:02:49.0370 2028 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

05:02:49.0371 2028 cdfs - ok

05:02:49.0432 2028 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

05:02:49.0433 2028 cdrom - ok

05:02:49.0493 2028 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

05:02:49.0494 2028 CertPropSvc - ok

05:02:49.0527 2028 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

05:02:49.0528 2028 circlass - ok

05:02:49.0612 2028 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

05:02:49.0621 2028 CLFS - ok

05:02:49.0713 2028 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

05:02:49.0723 2028 clr_optimization_v2.0.50727_32 - ok

05:02:49.0833 2028 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

05:02:49.0848 2028 clr_optimization_v2.0.50727_64 - ok

05:02:49.0911 2028 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

05:02:49.0912 2028 CmBatt - ok

05:02:49.0941 2028 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

05:02:49.0942 2028 cmdide - ok

05:02:50.0053 2028 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

05:02:50.0064 2028 CNG - ok

05:02:50.0093 2028 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

05:02:50.0093 2028 Compbatt - ok

05:02:50.0136 2028 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

05:02:50.0137 2028 CompositeBus - ok

05:02:50.0148 2028 COMSysApp - ok

05:02:50.0335 2028 cpuz132 - ok

05:02:50.0364 2028 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

05:02:50.0371 2028 crcdisk - ok

05:02:50.0406 2028 Crypkey License - ok

05:02:50.0491 2028 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

05:02:50.0492 2028 CryptSvc - ok

05:02:50.0610 2028 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

05:02:50.0614 2028 DcomLaunch - ok

05:02:50.0689 2028 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

05:02:50.0702 2028 defragsvc - ok

05:02:50.0752 2028 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

05:02:50.0753 2028 DfsC - ok

05:02:50.0828 2028 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

05:02:50.0836 2028 Dhcp - ok

05:02:50.0874 2028 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

05:02:50.0874 2028 discache - ok

05:02:50.0923 2028 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

05:02:50.0924 2028 Disk - ok

05:02:50.0976 2028 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

05:02:50.0986 2028 Dnscache - ok

05:02:51.0042 2028 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

05:02:51.0055 2028 dot3svc - ok

05:02:51.0123 2028 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

05:02:51.0124 2028 Dot4 - ok

05:02:51.0188 2028 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys

05:02:51.0189 2028 Dot4Print - ok

05:02:51.0263 2028 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

05:02:51.0264 2028 dot4usb - ok

05:02:51.0317 2028 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

05:02:51.0325 2028 DPS - ok

05:02:51.0409 2028 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

05:02:51.0409 2028 drmkaud - ok

05:02:51.0507 2028 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

05:02:51.0513 2028 DXGKrnl - ok

05:02:51.0560 2028 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

05:02:51.0571 2028 EapHost - ok

05:02:51.0916 2028 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

05:02:51.0956 2028 ebdrv - ok

05:02:52.0049 2028 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

05:02:52.0053 2028 eeCtrl - ok

05:02:52.0082 2028 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

05:02:52.0083 2028 EFS - ok

05:02:52.0216 2028 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

05:02:52.0237 2028 ehRecvr - ok

05:02:52.0308 2028 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

05:02:52.0309 2028 ehSched - ok

05:02:52.0412 2028 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

05:02:52.0427 2028 elxstor - ok

05:02:52.0486 2028 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

05:02:52.0487 2028 EraserUtilRebootDrv - ok

05:02:52.0499 2028 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

05:02:52.0500 2028 ErrDev - ok

05:02:52.0566 2028 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

05:02:52.0569 2028 EventSystem - ok

05:02:52.0642 2028 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

05:02:52.0643 2028 exfat - ok

05:02:52.0673 2028 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

05:02:52.0674 2028 fastfat - ok

05:02:52.0773 2028 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

05:02:52.0782 2028 Fax - ok

05:02:52.0801 2028 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

05:02:52.0802 2028 fdc - ok

05:02:52.0830 2028 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

05:02:52.0845 2028 fdPHost - ok

05:02:52.0871 2028 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

05:02:52.0880 2028 FDResPub - ok

05:02:52.0901 2028 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

05:02:52.0902 2028 FileInfo - ok

05:02:52.0930 2028 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

05:02:52.0930 2028 Filetrace - ok

05:02:52.0969 2028 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

05:02:52.0969 2028 flpydisk - ok

05:02:53.0038 2028 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

05:02:53.0039 2028 FltMgr - ok

05:02:53.0192 2028 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll

05:02:53.0206 2028 FontCache - ok

05:02:53.0272 2028 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

05:02:53.0273 2028 FontCache3.0.0.0 - ok

05:02:53.0315 2028 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

05:02:53.0316 2028 FsDepends - ok

05:02:53.0350 2028 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

05:02:53.0350 2028 Fs_Rec - ok

05:02:53.0423 2028 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

05:02:53.0424 2028 fvevol - ok

05:02:53.0451 2028 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

05:02:53.0451 2028 gagp30kx - ok

05:02:53.0461 2028 GEARAspiWDM - ok

05:02:53.0550 2028 [ 9BA22AEE7F531EF9CE085CC2E1112BC4 ] GIDv2 C:\Windows\system32\drivers\GIDv2.sys

05:02:53.0550 2028 GIDv2 - ok

05:02:53.0642 2028 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

05:02:53.0654 2028 gpsvc - ok

05:02:53.0787 2028 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

05:02:53.0788 2028 gupdate - ok

05:02:53.0839 2028 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

05:02:53.0840 2028 gupdatem - ok

05:02:53.0986 2028 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

05:02:53.0987 2028 gusvc - ok

05:02:54.0174 2028 [ 9E308D0BC9A9CF6E50AA25639C9CCCB3 ] HCW85BDA C:\Windows\system32\drivers\HCW85BDA.sys

05:02:54.0182 2028 HCW85BDA - ok

05:02:54.0205 2028 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

05:02:54.0206 2028 hcw85cir - ok

05:02:54.0275 2028 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

05:02:54.0277 2028 HdAudAddService - ok

05:02:54.0365 2028 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

05:02:54.0366 2028 HDAudBus - ok

05:02:54.0397 2028 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

05:02:54.0398 2028 HidBatt - ok

05:02:54.0431 2028 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

05:02:54.0432 2028 HidBth - ok

05:02:54.0459 2028 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

05:02:54.0460 2028 HidIr - ok

05:02:54.0499 2028 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

05:02:54.0506 2028 hidserv - ok

05:02:54.0576 2028 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys

05:02:54.0577 2028 HidUsb - ok

05:02:54.0622 2028 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

05:02:54.0638 2028 hkmsvc - ok

05:02:54.0674 2028 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

05:02:54.0689 2028 HomeGroupListener - ok

05:02:54.0739 2028 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

05:02:54.0751 2028 HomeGroupProvider - ok

05:02:54.0910 2028 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

05:02:54.0932 2028 hpqcxs08 - ok

05:02:54.0970 2028 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

05:02:54.0981 2028 hpqddsvc - ok

05:02:55.0037 2028 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

05:02:55.0038 2028 HpSAMD - ok

05:02:55.0164 2028 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

05:02:55.0180 2028 HPSLPSVC - ok

05:02:55.0256 2028 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

05:02:55.0260 2028 HTTP - ok

05:02:55.0296 2028 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

05:02:55.0296 2028 hwpolicy - ok

05:02:55.0400 2028 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

05:02:55.0401 2028 i8042prt - ok

05:02:55.0474 2028 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

05:02:55.0485 2028 iaStorV - ok

05:02:55.0578 2028 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

05:02:55.0601 2028 idsvc - ok

05:02:55.0757 2028 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121012.001\IDSvia64.sys

05:02:55.0760 2028 IDSVia64 - ok

05:02:55.0886 2028 [ 6A6CDC596E0B56808D25B524400EC774 ] IDVaultSvc C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe

05:02:55.0886 2028 IDVaultSvc - ok

05:02:55.0912 2028 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

05:02:55.0912 2028 iirsp - ok

05:02:56.0039 2028 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

05:02:56.0053 2028 IKEEXT - ok

05:02:56.0080 2028 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

05:02:56.0080 2028 intelide - ok

05:02:56.0119 2028 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

05:02:56.0120 2028 intelppm - ok

05:02:56.0162 2028 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

05:02:56.0176 2028 IPBusEnum - ok

05:02:56.0221 2028 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

05:02:56.0222 2028 IpFilterDriver - ok

05:02:56.0310 2028 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

05:02:56.0328 2028 iphlpsvc - ok

05:02:56.0358 2028 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

05:02:56.0359 2028 IPMIDRV - ok

05:02:56.0423 2028 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

05:02:56.0423 2028 IPNAT - ok

05:02:56.0469 2028 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

05:02:56.0469 2028 IRENUM - ok

05:02:56.0492 2028 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

05:02:56.0493 2028 isapnp - ok

05:02:56.0544 2028 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

05:02:56.0554 2028 iScsiPrt - ok

05:02:56.0575 2028 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

05:02:56.0576 2028 kbdclass - ok

05:02:56.0594 2028 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

05:02:56.0594 2028 kbdhid - ok

05:02:56.0610 2028 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

05:02:56.0611 2028 KeyIso - ok

05:02:56.0652 2028 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

05:02:56.0652 2028 KSecDD - ok

05:02:56.0697 2028 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

05:02:56.0698 2028 KSecPkg - ok

05:02:56.0729 2028 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

05:02:56.0730 2028 ksthunk - ok

05:02:56.0789 2028 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

05:02:56.0800 2028 KtmRm - ok

05:02:56.0876 2028 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

05:02:56.0880 2028 LanmanServer - ok

05:02:56.0930 2028 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

05:02:56.0946 2028 LanmanWorkstation - ok

05:02:56.0988 2028 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

05:02:56.0988 2028 lltdio - ok

05:02:57.0054 2028 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

05:02:57.0067 2028 lltdsvc - ok

05:02:57.0089 2028 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

05:02:57.0091 2028 lmhosts - ok

05:02:57.0097 2028 lmimirr - ok

05:02:57.0139 2028 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

05:02:57.0140 2028 LSI_FC - ok

05:02:57.0204 2028 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

05:02:57.0205 2028 LSI_SAS - ok

05:02:57.0246 2028 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

05:02:57.0246 2028 LSI_SAS2 - ok

05:02:57.0301 2028 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

05:02:57.0302 2028 LSI_SCSI - ok

05:02:57.0343 2028 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

05:02:57.0344 2028 luafv - ok

05:02:57.0359 2028 LVPr2M64 - ok

05:02:57.0449 2028 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

05:02:57.0460 2028 Mcx2Svc - ok

05:02:57.0495 2028 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

05:02:57.0495 2028 megasas - ok

05:02:57.0524 2028 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

05:02:57.0537 2028 MegaSR - ok

05:02:57.0578 2028 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

05:02:57.0586 2028 MMCSS - ok

05:02:57.0606 2028 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

05:02:57.0606 2028 Modem - ok

05:02:57.0652 2028 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

05:02:57.0652 2028 monitor - ok

05:02:57.0702 2028 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

05:02:57.0703 2028 mouclass - ok

05:02:57.0747 2028 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

05:02:57.0747 2028 mouhid - ok

05:02:57.0798 2028 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

05:02:57.0799 2028 mountmgr - ok

05:02:57.0931 2028 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

05:02:57.0932 2028 MozillaMaintenance - ok

05:02:57.0981 2028 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

05:02:57.0982 2028 mpio - ok

05:02:58.0015 2028 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

05:02:58.0016 2028 mpsdrv - ok

05:02:58.0088 2028 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

05:02:58.0102 2028 MpsSvc - ok

05:02:58.0170 2028 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

05:02:58.0171 2028 MRxDAV - ok

05:02:58.0227 2028 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

05:02:58.0228 2028 mrxsmb - ok

05:02:58.0278 2028 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

05:02:58.0280 2028 mrxsmb10 - ok

05:02:58.0338 2028 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

05:02:58.0339 2028 mrxsmb20 - ok

05:02:58.0362 2028 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

05:02:58.0362 2028 msahci - ok

05:02:58.0400 2028 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

05:02:58.0401 2028 msdsm - ok

05:02:58.0460 2028 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

05:02:58.0480 2028 MSDTC - ok

05:02:58.0519 2028 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

05:02:58.0520 2028 Msfs - ok

05:02:58.0552 2028 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

05:02:58.0552 2028 mshidkmdf - ok

05:02:58.0587 2028 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

05:02:58.0587 2028 msisadrv - ok

05:02:58.0652 2028 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

05:02:58.0661 2028 MSiSCSI - ok

05:02:58.0664 2028 msiserver - ok

05:02:58.0705 2028 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

05:02:58.0705 2028 MSKSSRV - ok

05:02:58.0737 2028 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

05:02:58.0737 2028 MSPCLOCK - ok

05:02:58.0765 2028 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

05:02:58.0765 2028 MSPQM - ok

05:02:58.0834 2028 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

05:02:58.0842 2028 MsRPC - ok

05:02:58.0864 2028 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

05:02:58.0865 2028 mssmbios - ok

05:02:58.0873 2028 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

05:02:58.0873 2028 MSTEE - ok

05:02:58.0912 2028 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

05:02:58.0913 2028 MTConfig - ok

05:02:58.0935 2028 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

05:02:58.0935 2028 Mup - ok

05:02:59.0119 2028 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe

05:02:59.0120 2028 N360 - ok

05:02:59.0169 2028 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

05:02:59.0178 2028 napagent - ok

05:02:59.0257 2028 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

05:02:59.0259 2028 NativeWifiP - ok

05:02:59.0350 2028 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121013.007\ENG64.SYS

05:02:59.0351 2028 NAVENG - ok

05:02:59.0600 2028 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121013.007\EX64.SYS

05:02:59.0624 2028 NAVEX15 - ok

05:02:59.0774 2028 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

05:02:59.0779 2028 NDIS - ok

05:02:59.0834 2028 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

05:02:59.0835 2028 NdisCap - ok

05:02:59.0882 2028 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

05:02:59.0883 2028 NdisTapi - ok

05:02:59.0944 2028 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

05:02:59.0944 2028 Ndisuio - ok

05:03:00.0010 2028 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

05:03:00.0011 2028 NdisWan - ok

05:03:00.0050 2028 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

05:03:00.0050 2028 NDProxy - ok

05:03:00.0122 2028 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

05:03:00.0128 2028 Net Driver HPZ12 - ok

05:03:00.0151 2028 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

05:03:00.0152 2028 NetBIOS - ok

05:03:00.0188 2028 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

05:03:00.0189 2028 NetBT - ok

05:03:00.0242 2028 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

05:03:00.0243 2028 Netlogon - ok

05:03:00.0336 2028 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

05:03:00.0344 2028 Netman - ok

05:03:00.0403 2028 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

05:03:00.0414 2028 netprofm - ok

05:03:00.0450 2028 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

05:03:00.0476 2028 NetTcpPortSharing - ok

05:03:00.0571 2028 [ 5FB58975533513D98F9EA0860BBF1E63 ] NetworkX C:\Windows\system32\ckldrv.sys

05:03:00.0572 2028 NetworkX - ok



Hello testpilot,

TDSSKiller shows that it has removed the infection but to be sure please re-run TDSSKiller and post its log in your reply.

 

Thank you Dark Knight for your service and expedience! This has resolved the issue and this thread can be closed. Donation time!

You are very welcome. Your donation will be greatly appreciated once all seems well on your computer. :thumbup:


Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
