mandre87

  1. Done on the Java install, here is the log:
     C:\ProgramData\Microsoft\Windows\DRM\3413.tmp Win64/Olmarik.AD trojan cleaned by deleting - quarantined
     C:\ProgramData\Microsoft\Windows\DRM\3433.tmp Win64/Olmarik.AD trojan cleaned by deleting - quarantined
     C:\TDSSKiller_Quarantine\10.03.2012_11.16.00\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
     C:\TDSSKiller_Quarantine\10.03.2012_11.16.00\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.KB trojan cleaned by deleting - quarantined
  2. The computer is running pretty much normally now, although the browser may be a bit slow. I never noticed the SVChost.exe using this much memory before, but in terms of function, the computer is much better after all the help you've given me. Thank you again!
  3. It's pretty constant, staying around 120,000K now for the last 20 minutes or so.
  4. So I disabled all startup items and all non-Microsoft services, but after rebooting, svchost.exe was still running at about 110,000K.
  5. After booting in safe mode with networking the svchost.exe is only taking up 10,000K (vs. the 130,000K when I boot normally).
  6. Thank you again for all the help!! The security suite shows that everything is "secure". Norton's "quick scan" runs when I try it and only catches tracking cookies. As far as I know it seems to be working. Should SVChost.exe be taking up as much memory as Firefox to run? I have many different processes of SVChost.exe running, but one of them is taking up 130,000K memory (from Windows Task Manager).
  7. Nothing was detected, here is the log:
00:08:39.0418 2916 uagp35 - ok 00:08:39.0480 2916 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 00:08:39.0486 2916 udfs - ok 00:08:39.0643 2916 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 00:08:39.0648 2916 uliagpkx - ok 00:08:39.0743 2916 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 00:08:39.0746 2916 umbus - ok 00:08:39.0787 2916 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 00:08:39.0789 2916 UmPass - ok 00:08:39.0842 2916 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 00:08:39.0845 2916 usbccgp - ok 00:08:39.0883 2916 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 00:08:39.0886 2916 usbcir - ok 00:08:39.0926 2916 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 00:08:39.0929 2916 usbehci - ok 00:08:39.0971 2916 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 00:08:39.0977 2916 usbhub - ok 00:08:40.0015 2916 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 00:08:40.0018 2916 usbohci - ok 00:08:40.0073 2916 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 00:08:40.0086 2916 usbprint - ok 00:08:40.0134 2916 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 00:08:40.0137 2916 usbscan - ok 00:08:40.0182 2916 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 00:08:40.0185 2916 USBSTOR - ok 00:08:40.0226 2916 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 00:08:40.0239 2916 usbuhci - ok 00:08:40.0296 2916 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 00:08:40.0301 2916 usbvideo - ok 00:08:40.0349 2916 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys 
00:08:40.0358 2916 usb_rndisx - ok 00:08:40.0407 2916 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 00:08:40.0410 2916 vdrvroot - ok 00:08:40.0460 2916 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 00:08:40.0463 2916 vga - ok 00:08:40.0494 2916 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 00:08:40.0497 2916 VgaSave - ok 00:08:40.0533 2916 VGPU - ok 00:08:40.0576 2916 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 00:08:40.0581 2916 vhdmp - ok 00:08:40.0629 2916 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 00:08:40.0632 2916 viaide - ok 00:08:40.0665 2916 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 00:08:40.0668 2916 volmgr - ok 00:08:40.0727 2916 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 00:08:40.0743 2916 volmgrx - ok 00:08:40.0791 2916 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 00:08:40.0796 2916 volsnap - ok 00:08:40.0848 2916 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 00:08:40.0853 2916 vsmraid - ok 00:08:40.0891 2916 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 00:08:40.0893 2916 vwifibus - ok 00:08:40.0924 2916 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 00:08:40.0928 2916 vwififlt - ok 00:08:40.0972 2916 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 00:08:40.0975 2916 vwifimp - ok 00:08:41.0013 2916 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 00:08:41.0016 2916 WacomPen - ok 00:08:41.0076 2916 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 00:08:41.0079 2916 WANARP - ok 00:08:41.0083 2916 Wanarpv6 (356afd78a6ed4457169241ac3965230c) 
C:\Windows\system32\DRIVERS\wanarp.sys 00:08:41.0083 2916 Wanarpv6 - ok 00:08:41.0156 2916 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 00:08:41.0171 2916 Wd - ok 00:08:41.0215 2916 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 00:08:41.0231 2916 Wdf01000 - ok 00:08:41.0293 2916 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 00:08:41.0295 2916 WfpLwf - ok 00:08:41.0355 2916 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 00:08:41.0368 2916 WimFltr - ok 00:08:41.0433 2916 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 00:08:41.0436 2916 WIMMount - ok 00:08:41.0499 2916 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 00:08:41.0501 2916 WmiAcpi - ok 00:08:41.0585 2916 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 00:08:41.0588 2916 ws2ifsl - ok 00:08:41.0654 2916 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys 00:08:41.0671 2916 WSDPrintDevice - ok 00:08:41.0742 2916 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 00:08:41.0745 2916 WudfPf - ok 00:08:41.0780 2916 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 00:08:41.0784 2916 WUDFRd - ok 00:08:41.0821 2916 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 00:08:41.0889 2916 \Device\Harddisk0\DR0 - ok 00:08:41.0897 2916 Boot (0x1200) (a76b6a2af9815e2e1f641dff1ae32783) \Device\Harddisk0\DR0\Partition0 00:08:41.0899 2916 \Device\Harddisk0\DR0\Partition0 - ok 00:08:41.0915 2916 Boot (0x1200) (7b56c55d99e128770e4ed3809da5f27c) \Device\Harddisk0\DR0\Partition1 00:08:41.0917 2916 \Device\Harddisk0\DR0\Partition1 - ok 00:08:41.0918 2916 ============================================================ 00:08:41.0918 2916 Scan finished 00:08:41.0918 2916 
============================================================ 00:08:41.0924 3636 Detected object count: 0 00:08:41.0924 3636 Actual detected object count: 0
  8. I got it to work! I'm still getting random problems from the virus: My startup is back to normal, but my wireless adapter is disabled on every startup. I have to turn it off/on again for it to start working. Also, SCVhost.exe still comes up as the most memory using process on my computer. Here is the log:
  9. First off, thank you for all your help so far! I did not get a prompt for the recovery console, but the combofix gets stuck at "Completed Stage_4". I've downloaded/redownloaded/reran it three times. I turned off pretty much everything that my Norton 360 antivirus does. Suggestions?
  10. While my antivirus, Norton security suite, never detected the virus before, it popped up after I ran the TDSSKiller saying it had found and was now blocking tsk0000 (trojan.gen), tsk0001 (trojan horse), task0003 (Backdoor.Pihar), tsk0005 (Backdoor.Pihar), task0009 (Trojan horse), & tsk0010.dta (Trojan horse). Here are the results of the TDSS scan:
(cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 11:16:38.0623 2264 BthEnum - ok 11:16:38.0677 2264 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 11:16:38.0680 2264 BTHMODEM - ok 11:16:38.0713 2264 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 11:16:38.0716 2264 BthPan - ok 11:16:38.0773 2264 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 11:16:38.0791 2264 BTHPORT - ok 11:16:38.0852 2264 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 11:16:38.0855 2264 BTHUSB - ok 11:16:38.0892 2264 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 11:16:38.0896 2264 cdfs - ok 11:16:38.0960 2264 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 11:16:38.0974 2264 cdrom - ok 11:16:39.0021 2264 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 11:16:39.0023 2264 circlass - ok 11:16:39.0068 2264 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 11:16:39.0074 2264 CLFS - ok 11:16:39.0125 2264 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 11:16:39.0127 2264 CmBatt - ok 11:16:39.0156 2264 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 11:16:39.0158 2264 cmdide - ok 11:16:39.0200 2264 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 11:16:39.0236 2264 CNG - ok 11:16:39.0291 2264 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 11:16:39.0293 2264 Compbatt - ok 11:16:39.0344 2264 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 11:16:39.0347 2264 CompositeBus - ok 11:16:39.0365 2264 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 11:16:39.0383 2264 crcdisk - ok 11:16:39.0425 2264 CSC 
(54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 11:16:39.0433 2264 CSC - ok 11:16:39.0495 2264 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys 11:16:39.0498 2264 CVirtA - ok 11:16:39.0546 2264 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys 11:16:39.0569 2264 CVPNDRVA - ok 11:16:39.0630 2264 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 11:16:39.0634 2264 DfsC - ok 11:16:39.0674 2264 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 11:16:39.0676 2264 discache - ok 11:16:39.0708 2264 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 11:16:39.0710 2264 Disk - ok 11:16:39.0744 2264 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys 11:16:39.0747 2264 DNE - ok 11:16:39.0813 2264 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys 11:16:39.0830 2264 Dot4 - ok 11:16:39.0866 2264 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys 11:16:39.0870 2264 Dot4Print - ok 11:16:39.0888 2264 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 11:16:39.0891 2264 dot4usb - ok 11:16:39.0931 2264 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 11:16:39.0946 2264 drmkaud - ok 11:16:39.0988 2264 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 11:16:39.0993 2264 dtsoftbus01 - ok 11:16:40.0034 2264 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 11:16:40.0076 2264 DXGKrnl - ok 11:16:40.0142 2264 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 11:16:40.0236 2264 ebdrv - ok 11:16:40.0328 2264 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 11:16:40.0336 2264 eeCtrl - ok 11:16:40.0412 
2264 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 11:16:40.0421 2264 elxstor - ok 11:16:40.0458 2264 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 11:16:40.0462 2264 EraserUtilRebootDrv - ok 11:16:40.0498 2264 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 11:16:40.0501 2264 ErrDev - ok 11:16:40.0556 2264 ETD (05b0dcda418e297a1b4cd8d7b8ade403) C:\Windows\system32\DRIVERS\ETD.sys 11:16:40.0574 2264 ETD - ok 11:16:40.0640 2264 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 11:16:40.0644 2264 exfat - ok 11:16:40.0678 2264 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 11:16:40.0682 2264 fastfat - ok 11:16:40.0730 2264 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 11:16:40.0732 2264 fdc - ok 11:16:40.0769 2264 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 11:16:40.0773 2264 FileInfo - ok 11:16:40.0799 2264 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 11:16:40.0801 2264 Filetrace - ok 11:16:40.0831 2264 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 11:16:40.0833 2264 flpydisk - ok 11:16:40.0888 2264 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 11:16:40.0894 2264 FltMgr - ok 11:16:40.0960 2264 FLxHCIc (d0adbcf2a5316d23ef67dfaa02d5d544) C:\Windows\system32\DRIVERS\FLxHCIc.sys 11:16:40.0965 2264 FLxHCIc - ok 11:16:40.0993 2264 FLxHCIh (f9b6db9727ad2f14ecf84e43eb5279f7) C:\Windows\system32\DRIVERS\FLxHCIh.sys 11:16:41.0009 2264 FLxHCIh - ok 11:16:41.0079 2264 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 11:16:41.0082 2264 FsDepends - ok 11:16:41.0104 2264 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) 
C:\Windows\system32\drivers\Fs_Rec.sys 11:16:41.0106 2264 Fs_Rec - ok 11:16:41.0171 2264 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 11:16:41.0175 2264 fvevol - ok 11:16:41.0219 2264 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 11:16:41.0222 2264 gagp30kx - ok 11:16:41.0288 2264 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 11:16:41.0296 2264 GEARAspiWDM - ok 11:16:41.0339 2264 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 11:16:41.0341 2264 hcw85cir - ok 11:16:41.0396 2264 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 11:16:41.0403 2264 HdAudAddService - ok 11:16:41.0464 2264 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 11:16:41.0467 2264 HDAudBus - ok 11:16:41.0498 2264 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 11:16:41.0513 2264 HidBatt - ok 11:16:41.0550 2264 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 11:16:41.0553 2264 HidBth - ok 11:16:41.0594 2264 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 11:16:41.0597 2264 HidIr - ok 11:16:41.0653 2264 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 11:16:41.0656 2264 HidUsb - ok 11:16:41.0729 2264 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 11:16:41.0732 2264 HpSAMD - ok 11:16:41.0808 2264 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 11:16:41.0828 2264 HTTP - ok 11:16:41.0873 2264 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 11:16:41.0876 2264 hwpolicy - ok 11:16:41.0951 2264 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 11:16:41.0954 2264 i8042prt - ok 11:16:42.0025 2264 iaStor 
(d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys 11:16:42.0027 2264 iaStor - ok 11:16:42.0088 2264 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 11:16:42.0096 2264 iaStorV - ok 11:16:42.0234 2264 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120309.002\IDSvia64.sys 11:16:42.0242 2264 IDSVia64 - ok 11:16:42.0500 2264 igfx (0089b53f1befd34b7d8ca4ab021335fa) C:\Windows\system32\DRIVERS\igdkmd64.sys 11:16:42.0724 2264 igfx - ok 11:16:42.0778 2264 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 11:16:42.0781 2264 iirsp - ok 11:16:42.0874 2264 IntcAzAudAddService (a0c2c3d4c03c4fb896cfc53873784178) C:\Windows\system32\drivers\RTKVHD64.sys 11:16:42.0950 2264 IntcAzAudAddService - ok 11:16:43.0019 2264 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 11:16:43.0035 2264 IntcDAud - ok 11:16:43.0080 2264 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 11:16:43.0083 2264 intelide - ok 11:16:43.0137 2264 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 11:16:43.0141 2264 intelppm - ok 11:16:43.0212 2264 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:16:43.0215 2264 IpFilterDriver - ok 11:16:43.0266 2264 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 11:16:43.0269 2264 IPMIDRV - ok 11:16:43.0321 2264 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 11:16:43.0324 2264 IPNAT - ok 11:16:43.0400 2264 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 11:16:43.0402 2264 IRENUM - ok 11:16:43.0449 2264 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 11:16:43.0451 2264 isapnp - ok 11:16:43.0487 2264 iScsiPrt 
(d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 11:16:43.0492 2264 iScsiPrt - ok 11:16:43.0537 2264 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 11:16:43.0540 2264 kbdclass - ok 11:16:43.0585 2264 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 11:16:43.0596 2264 kbdhid - ok 11:16:43.0647 2264 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 11:16:43.0666 2264 kbfiltr - ok 11:16:43.0727 2264 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 11:16:43.0731 2264 KSecDD - ok 11:16:43.0774 2264 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 11:16:43.0779 2264 KSecPkg - ok 11:16:43.0819 2264 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 11:16:43.0821 2264 ksthunk - ok 11:16:43.0890 2264 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 11:16:43.0892 2264 lltdio - ok 11:16:43.0980 2264 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 11:16:43.0984 2264 LSI_FC - ok 11:16:44.0024 2264 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 11:16:44.0027 2264 LSI_SAS - ok 11:16:44.0054 2264 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 11:16:44.0069 2264 LSI_SAS2 - ok 11:16:44.0102 2264 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 11:16:44.0104 2264 LSI_SCSI - ok 11:16:44.0146 2264 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 11:16:44.0150 2264 luafv - ok 11:16:44.0194 2264 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 11:16:44.0197 2264 megasas - ok 11:16:44.0252 2264 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 11:16:44.0257 2264 MegaSR - ok 11:16:44.0300 2264 MEIx64 
(a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 11:16:44.0302 2264 MEIx64 - ok 11:16:44.0326 2264 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 11:16:44.0327 2264 Modem - ok 11:16:44.0370 2264 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 11:16:44.0372 2264 monitor - ok 11:16:44.0434 2264 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 11:16:44.0437 2264 mouclass - ok 11:16:44.0477 2264 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 11:16:44.0479 2264 mouhid - ok 11:16:44.0546 2264 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 11:16:44.0550 2264 mountmgr - ok 11:16:44.0595 2264 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 11:16:44.0600 2264 mpio - ok 11:16:44.0643 2264 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 11:16:44.0657 2264 mpsdrv - ok 11:16:44.0730 2264 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 11:16:44.0735 2264 MRxDAV - ok 11:16:44.0786 2264 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:16:44.0802 2264 mrxsmb - ok 11:16:44.0878 2264 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:16:44.0883 2264 mrxsmb10 - ok 11:16:44.0929 2264 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:16:44.0954 2264 mrxsmb20 - ok 11:16:45.0006 2264 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 11:16:45.0009 2264 msahci - ok 11:16:45.0036 2264 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 11:16:45.0040 2264 msdsm - ok 11:16:45.0097 2264 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 11:16:45.0099 2264 Msfs - ok 11:16:45.0132 2264 mshidkmdf 
(f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 11:16:45.0135 2264 mshidkmdf - ok 11:16:45.0253 2264 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 11:16:45.0256 2264 msisadrv - ok 11:16:45.0309 2264 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 11:16:45.0311 2264 MSKSSRV - ok 11:16:45.0348 2264 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 11:16:45.0351 2264 MSPCLOCK - ok 11:16:45.0380 2264 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 11:16:45.0382 2264 MSPQM - ok 11:16:45.0435 2264 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 11:16:45.0441 2264 MsRPC - ok 11:16:45.0485 2264 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 11:16:45.0487 2264 mssmbios - ok 11:16:45.0547 2264 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 11:16:45.0565 2264 MSTEE - ok 11:16:45.0639 2264 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 11:16:45.0641 2264 MTConfig - ok 11:16:45.0673 2264 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 11:16:45.0676 2264 Mup - ok 11:16:45.0764 2264 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 11:16:45.0789 2264 NativeWifiP - ok 11:16:46.0021 2264 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120309.034\ENG64.SYS 11:16:46.0024 2264 NAVENG - ok 11:16:46.0208 2264 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120309.034\EX64.SYS 11:16:46.0259 2264 NAVEX15 - ok 11:16:46.0373 2264 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 11:16:46.0399 2264 NDIS - ok 
11:16:46.0451 2264 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 11:16:46.0454 2264 NdisCap - ok 11:16:46.0501 2264 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 11:16:46.0504 2264 NdisTapi - ok 11:16:46.0551 2264 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 11:16:46.0554 2264 Ndisuio - ok 11:16:46.0624 2264 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 11:16:46.0629 2264 NdisWan - ok 11:16:46.0698 2264 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 11:16:46.0701 2264 NDProxy - ok 11:16:46.0800 2264 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 11:16:46.0803 2264 NetBIOS - ok 11:16:46.0856 2264 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 11:16:46.0861 2264 NetBT - ok 11:16:46.0967 2264 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 11:16:46.0980 2264 nfrd960 - ok 11:16:47.0166 2264 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 11:16:47.0168 2264 Npfs - ok 11:16:47.0198 2264 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 11:16:47.0200 2264 nsiproxy - ok 11:16:47.0258 2264 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 11:16:47.0292 2264 Ntfs - ok 11:16:47.0369 2264 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 11:16:47.0371 2264 Null - ok 11:16:47.0809 2264 nvlddmkm (7328528daf9b8a486e16595a35043db0) C:\Windows\system32\DRIVERS\nvlddmkm.sys 11:16:48.0093 2264 nvlddmkm - ok 11:16:48.0183 2264 nvpciflt (8ae5a124f3b65c3ec531d251a3e9c87f) C:\Windows\system32\DRIVERS\nvpciflt.sys 11:16:48.0186 2264 nvpciflt - ok 11:16:48.0242 2264 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 11:16:48.0259 2264 nvraid - ok 11:16:48.0299 
2264 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 11:16:48.0302 2264 nvstor - ok 11:16:48.0359 2264 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 11:16:48.0362 2264 nv_agp - ok 11:16:48.0398 2264 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 11:16:48.0402 2264 ohci1394 - ok 11:16:48.0440 2264 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 11:16:48.0451 2264 Parport - ok 11:16:48.0502 2264 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 11:16:48.0505 2264 partmgr - ok 11:16:48.0556 2264 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 11:16:48.0560 2264 pci - ok 11:16:48.0605 2264 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 11:16:48.0608 2264 pciide - ok 11:16:48.0641 2264 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 11:16:48.0645 2264 pcmcia - ok 11:16:48.0674 2264 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 11:16:48.0676 2264 pcw - ok 11:16:48.0718 2264 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 11:16:48.0726 2264 PEAUTH - ok 11:16:48.0768 2264 pelmouse (7a64358cb01d67dad925d9003f582cbd) C:\Windows\system32\DRIVERS\pelmouse.sys 11:16:48.0770 2264 pelmouse - ok 11:16:48.0795 2264 pelusblf (03980fdaaed3eaf00e4a206f0a632b3d) C:\Windows\system32\DRIVERS\pelusblf.sys 11:16:48.0797 2264 pelusblf - ok 11:16:48.0864 2264 Point64 (33328fa8a580885ab0065be6db266e9f) C:\Windows\system32\DRIVERS\point64.sys 11:16:48.0867 2264 Point64 - ok 11:16:48.0935 2264 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 11:16:48.0938 2264 PptpMiniport - ok 11:16:48.0974 2264 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 11:16:48.0978 2264 Processor - ok 11:16:49.0040 2264 
Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 11:16:49.0043 2264 Psched - ok 11:16:49.0109 2264 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 11:16:49.0143 2264 ql2300 - ok 11:16:49.0179 2264 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 11:16:49.0196 2264 ql40xx - ok 11:16:49.0239 2264 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 11:16:49.0241 2264 QWAVEdrv - ok 11:16:49.0260 2264 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 11:16:49.0261 2264 RasAcd - ok 11:16:49.0308 2264 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 11:16:49.0310 2264 RasAgileVpn - ok 11:16:49.0361 2264 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:16:49.0364 2264 Rasl2tp - ok 11:16:49.0394 2264 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 11:16:49.0396 2264 RasPppoe - ok 11:16:49.0425 2264 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 11:16:49.0428 2264 RasSstp - ok 11:16:49.0467 2264 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 11:16:49.0472 2264 rdbss - ok 11:16:49.0496 2264 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 11:16:49.0498 2264 rdpbus - ok 11:16:49.0539 2264 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:16:49.0541 2264 RDPCDD - ok 11:16:49.0593 2264 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 11:16:49.0596 2264 RDPDR - ok 11:16:49.0672 2264 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 11:16:49.0679 2264 RDPENCDD - ok 11:16:49.0838 2264 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 11:16:49.0839 2264 RDPREFMP - ok 11:16:49.0984 2264 
RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 11:16:49.0986 2264 RdpVideoMiniport - ok 11:16:50.0032 2264 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 11:16:50.0036 2264 RDPWD - ok 11:16:50.0109 2264 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 11:16:50.0113 2264 rdyboost - ok 11:16:50.0166 2264 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 11:16:50.0170 2264 RFCOMM - ok 11:16:50.0202 2264 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 11:16:50.0214 2264 rspndr - ok 11:16:50.0282 2264 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys 11:16:50.0304 2264 RTL8167 - ok 11:16:50.0352 2264 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 11:16:50.0356 2264 sbp2port - ok 11:16:50.0410 2264 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 11:16:50.0412 2264 scfilter - ok 11:16:50.0465 2264 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 11:16:50.0467 2264 secdrv - ok 11:16:50.0516 2264 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 11:16:50.0519 2264 Serenum - ok 11:16:50.0556 2264 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 11:16:50.0559 2264 Serial - ok 11:16:50.0605 2264 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 11:16:50.0608 2264 sermouse - ok 11:16:50.0645 2264 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 11:16:50.0656 2264 sffdisk - ok 11:16:50.0688 2264 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 11:16:50.0690 2264 sffp_mmc - ok 11:16:50.0719 2264 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 11:16:50.0722 
2264 sffp_sd - ok 11:16:50.0766 2264 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 11:16:50.0769 2264 sfloppy - ok 11:16:50.0804 2264 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 11:16:50.0807 2264 SiSGbeLH - ok 11:16:50.0828 2264 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 11:16:50.0830 2264 SiSRaid2 - ok 11:16:50.0865 2264 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 11:16:50.0868 2264 SiSRaid4 - ok 11:16:50.0915 2264 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 11:16:50.0917 2264 Smb - ok 11:16:50.0961 2264 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 11:16:50.0963 2264 spldr - ok 11:16:51.0058 2264 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS 11:16:51.0075 2264 SRTSP - ok 11:16:51.0115 2264 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS 11:16:51.0128 2264 SRTSPX - ok 11:16:51.0174 2264 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 11:16:51.0203 2264 srv - ok 11:16:51.0244 2264 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 11:16:51.0250 2264 srv2 - ok 11:16:51.0288 2264 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 11:16:51.0305 2264 srvnet - ok 11:16:51.0363 2264 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 11:16:51.0366 2264 stexstor - ok 11:16:51.0415 2264 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 11:16:51.0429 2264 swenum - ok 11:16:51.0535 2264 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS 11:16:51.0569 2264 SymDS - ok 11:16:51.0614 2264 SymEFA (96aeed40d4d3521568b42027687e69e0) 
C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
      11:16:51.0655 2264 SymEFA - ok
      11:16:54.0829 2264 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
      11:16:54.0861 2264 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
      11:16:54.0861 2264 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
      11:16:54.0904 2264 Boot (0x1200) (a76b6a2af9815e2e1f641dff1ae32783) \Device\Harddisk0\DR0\Partition0
      11:16:54.0906 2264 \Device\Harddisk0\DR0\Partition0 - ok
      11:16:54.0923 2264 Boot (0x1200) (7b56c55d99e128770e4ed3809da5f27c) \Device\Harddisk0\DR0\Partition1
      11:16:54.0925 2264 \Device\Harddisk0\DR0\Partition1 - ok
      11:16:54.0925 2264 ============================================================
      11:16:54.0925 2264 Scan finished
      11:16:54.0925 2264 ============================================================
      11:16:54.0927 2088 Detected object count: 1
      11:16:54.0927 2088 Actual detected object count: 1
      11:17:12.0379 2088 \Device\Harddisk0\DR0\# - copied to quarantine
      11:17:12.0379 2088 \Device\Harddisk0\DR0 - copied to quarantine
      11:17:12.0468 2088 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
      11:17:12.0471 2088 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
      11:17:12.0481 2088 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
      11:17:12.0513 2088 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
      11:17:12.0548 2088 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
      11:17:12.0567 2088 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
      11:17:12.0569 2088 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
      11:17:12.0571 2088 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
      11:17:12.0573 2088 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
      11:17:12.0577 2088 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
      11:17:12.0581 2088 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
      11:17:12.0584 2088 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
      11:17:12.0615 2088 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
      11:17:12.0618 2088 \Device\Harddisk0\DR0 - ok
      11:17:12.0619 2088 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
  11. Also, I keep getting redirected when I use Google. I forgot to include it before, but here is my latest Malwarebytes quick scan log:

      Malwarebytes Anti-Malware 1.60.1.1000
      www.malwarebytes.org

      Database version: v2012.03.09.08

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Mark :: MARK-PC [administrator]

      3/9/2012 2:23:03 PM
      mbam-log-2012-03-09 (14-23-03).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 205243
      Time elapsed: 52 second(s)

      Memory Processes Detected: 1
      C:\Windows\svchost.exe (Trojan.Agent) -> 5728 -> Delete on reboot.

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 1
      C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

      (end)
  12. I have an ASUS laptop running Windows 7 Ultimate. I noticed my browser (I only use Firefox) slowing significantly, and when I closed my laptop lid to "sleep" it until I used it next, every time I would turn it back on it would state that Windows had shut down inappropriately/unsafely, and gave me the screen prompting "start windows normally", try "startup repair", etc. I ran Norton antivirus and the virus was not caught. I have no previous system restore points to go back to unfortunately. Malwarebytes was the only thing that caught the trojan. I tried clicking the remove option, and was prompted that I needed to restart my computer to completely delete the trojan. I followed the instructions. On reboot I reran Malwarebytes, but the trojan was still present. I repeated this 2 more times with no luck; the trojan will not stay removed. Here is a picture of my scan results: What do I do? Here are the posting requirements:

      1) Attach:
      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2011-08-26.01)
      .
      Microsoft Windows 7 Ultimate
      Boot Device: \Device\HarddiskVolume2
      Install Date: 5/27/2011 6:42:18 AM
      System Uptime: 3/8/2012 6:22:53 PM (0 hours ago)
      .
      Motherboard: ASUSTeK Computer Inc. | | N53SV
      Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz | CPU 1 | 2001/100mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 116 GiB total, 14.816 GiB free.
      D: is FIXED (NTFS) - 328 GiB total, 327.185 GiB free.
      E: is CDROM ()
      F: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
      Description: Officejet 4500 G510n-z
      Device ID: ROOT\MULTIFUNCTION\0011
      Manufacturer: HP
      Name: Officejet 4500 G510n-z
      PNP Device ID: ROOT\MULTIFUNCTION\0011
      Service:
      .
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0031 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0031 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0012 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0012 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart 5510 series Device ID: ROOT\MULTIFUNCTION\0032 Manufacturer: HP Name: Photosmart 5510 series PNP Device ID: ROOT\MULTIFUNCTION\0032 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0013 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0013 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0033 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0033 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0014 Manufacturer: HP Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0014 Service: . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Cisco Systems VPN Adapter for 64-bit Windows Device ID: ROOT\NET\0000 Manufacturer: Cisco Systems Name: Cisco Systems VPN Adapter for 64-bit Windows PNP Device ID: ROOT\NET\0000 Service: CVirtA . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8000 A809 Device ID: ROOT\MULTIFUNCTION\0015 Manufacturer: HP Name: Officejet Pro 8000 A809 PNP Device ID: ROOT\MULTIFUNCTION\0015 Service: . 
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0016 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0016 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Premium C309g-m Device ID: ROOT\MULTIFUNCTION\0017 Manufacturer: HP Name: Photosmart Premium C309g-m PNP Device ID: ROOT\MULTIFUNCTION\0017 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0018 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0018 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet 6500 E710n-z Device ID: ROOT\MULTIFUNCTION\0019 Manufacturer: HP Name: Officejet 6500 E710n-z PNP Device ID: ROOT\MULTIFUNCTION\0019 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP LaserJet Professional P1102w Device ID: ROOT\MULTIFUNCTION\0020 Manufacturer: Hewlett-Packard Name: HP LaserJet Professional P1102w PNP Device ID: ROOT\MULTIFUNCTION\0020 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Envy 100 D410 series Device ID: ROOT\MULTIFUNCTION\0021 Manufacturer: HP Name: Envy 100 D410 series PNP Device ID: ROOT\MULTIFUNCTION\0021 Service: . 
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: . Class GUID: Description: Officejet 6500 E710n-z Device ID: ROOT\MULTIFUNCTION\0022 Manufacturer: Name: Officejet 6500 E710n-z PNP Device ID: ROOT\MULTIFUNCTION\0022 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP LaserJet Professional P1102w Device ID: ROOT\MULTIFUNCTION\0003 Manufacturer: Hewlett-Packard Name: HP LaserJet Professional P1102w PNP Device ID: ROOT\MULTIFUNCTION\0003 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0023 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0023 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0004 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0004 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Prem C310 series Device ID: ROOT\MULTIFUNCTION\0024 Manufacturer: HP Name: Photosmart Prem C310 series PNP Device ID: ROOT\MULTIFUNCTION\0024 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Plus B210 series Device ID: ROOT\MULTIFUNCTION\0005 Manufacturer: HP Name: Photosmart Plus B210 series PNP Device ID: ROOT\MULTIFUNCTION\0005 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050A J611 series Device ID: ROOT\MULTIFUNCTION\0025 Manufacturer: HP Name: Deskjet 3050A J611 series PNP Device ID: ROOT\MULTIFUNCTION\0025 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0006 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0006 Service: . 
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0026 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0026 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0007 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0007 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0027 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0027 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0008 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0008 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0028 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0028 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0009 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0009 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0029 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0029 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP LaserJet Professional P1102w Device ID: ROOT\MULTIFUNCTION\0010 Manufacturer: Hewlett-Packard Name: HP LaserJet Professional P1102w PNP Device ID: ROOT\MULTIFUNCTION\0010 Service: . 
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Premium C309g-m Device ID: ROOT\MULTIFUNCTION\0030 Manufacturer: HP Name: Photosmart Premium C309g-m PNP Device ID: ROOT\MULTIFUNCTION\0030 Service: . ==== System Restore Points =================== . RP120: 3/8/2012 4:43:44 PM - Trojan Infected =( . ==== Installed Programs ====================== . 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min Adobe AIR Adobe Community Help Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Reader X (10.1.2) Adobe Shockwave Player 11.5 Alcor Micro USB Card Reader Apple Application Support Apple Software Update ASUS AI Recovery ASUS FancyStart ASUS LifeFrame3 ASUS Splendid Video Enhancement Technology ASUS Video Magic ASUS Virtual Camera ASUS_Screensaver Atheros WLAN and Bluetooth Client Installation Program ATK Package BitTorrent BufferChm D3DX10 DAEMON Tools Lite Destinations DeviceDiscovery DocMgr DocProc Dropbox ExpressGate Cloud Fax Galeria de Fotografias do Windows Live Galerie de photos Windows Live Galería fotográfica de Windows Live Google Chrome Google Update Helper GPBaseService2 High-Definition Video Playback 10 HP Update HPProductAssistant HPSSupply Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Java Auto Updater Java™ 6 Update 26 League of Legends Malwarebytes Anti-Malware version 1.60.1.1000 MarketResearch Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 
Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mozilla Firefox 10.0.2 (x86 en-US) MSVCRT MSXML 4.0 SP3 Parser (KB973685) Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) Netscape Navigator (9.0.0.6) Norton Security Suite Notepad++ PDF Settings CS5 QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver RealUpgrade 1.1 SafeConnect Scan Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Skype™ 5.3 SmartWebPrinting SolutionCenter SonicMaster Status System Requirements Lab Toolbox TrayApp Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET 
Framework 4 Client Profile (KB2533523) VLC media player 1.1.9 WebReg Windows Live Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinFlash Wireless Console 3 . ==== Event Viewer Messages From Past Week ======== . 3/8/2012 6:24:27 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 3/8/2012 6:23:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. 3/8/2012 6:23:25 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/8/2012 5:38:27 PM, Error: Service Control Manager [7038] - The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 3/8/2012 5:38:27 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not start due to a logon failure. 
3/8/2012 5:38:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 3/8/2012 5:38:26 PM, Error: Service Control Manager [7034] - The Cisco Systems, Inc. VPN Service service terminated unexpectedly. It has done this 1 time(s). 3/8/2012 5:37:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 3/8/2012 5:37:16 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/8/2012 5:36:02 PM, Error: Service Control Manager [7024] - The Power service terminated with service-specific error The operation completed successfully.. 3/8/2012 5:36:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1115" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 3/8/2012 4:39:33 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 3/8/2012 1:19:03 AM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 0, function 0. Please contact your system vendor for technical assistance. 3/8/2012 1:09:19 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 3/7/2012 2:41:08 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer RON-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{358434BC-67C6-4BBE-BC51-C316E9B5F9A5}. 
The master browser is stopping or an election is being forced. 3/4/2012 1:04:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 3/3/2012 8:08:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Atheros Bt&Wlan Coex Agent service. 3/2/2012 5:10:49 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. . ==== End Of File =========================== 2) DDS: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26 Run by Mark at 18:29:12 on 2012-03-08 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4007.1448 [GMT -8:00] . AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Windows\system32\RunFDS.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\taskhost.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\SafeConnect\scManager.sys C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\P4G\BatteryLife.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\Dwm.exe C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WLIDSVC.EXE C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\System32\rundll32.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe C:\Program Files\Rocketfish 2.4GHz Ergo Laser Mouse Driver\ICO.EXE C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\SafeConnect\scClient.exe C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files\Rocketfish 2.4GHz Ergo Laser Mouse Driver\Pelmiced.exe C:\Windows\AsScrPro.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -netsvcs C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\rstrui.exe C:\Windows\system32\wbengine.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\System32\vds.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Windows\system32\SearchFilterHost.exe C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.54\deploy\LoLLauncher.exe \\?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [AdobeBridge]
mRun: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{338131A1-356A-4E24-A5F4-B75ADF52BFC8} : DhcpNameServer = 192.168.42.129
TCP: Interfaces\{358434BC-67C6-4BBE-BC51-C316E9B5F9A5} : DhcpNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO-X64: Google Dictionary Compression sdch - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\796abxhh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Mark\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-3-2 1157240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120307.002\IDSviA64.sys [2012-3-7 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2011-4-12 151552]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe [2010-11-25 52896]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccsvchst.exe [2012-2-7 130008]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-12 2009704]
R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys servicestart --> C:\Program Files (x86)\SafeConnect\scManager.sys servicestart [?]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-12 2656280]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-15 138360]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\DRIVERS\FLxHCIc.sys --> C:\Windows\system32\DRIVERS\FLxHCIc.sys [?]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\system32\DRIVERS\FLxHCIh.sys --> C:\Windows\system32\DRIVERS\FLxHCIh.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-12 135664]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 51445112]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2010-8-20 77312]
.
=============== Created Last 30 ================
.
2012-03-09 02:24:15 20480 ----a-w- C:\Windows\svchost.exe
2012-03-08 08:10:45 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\3433.tmp
2012-03-08 08:10:45 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\3413.tmp
2012-03-06 16:22:55 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4557DA22-4D41-4A39-8DD0-FFA7AA5798BC}\mpengine.dll
2012-03-02 06:59:06 -------- d-----w- C:\Riot Games
2012-02-15 18:30:37 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-15 18:30:37 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 18:30:35 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-15 18:30:35 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 18:30:34 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-15 18:30:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-15 18:30:30 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-15 18:30:30 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-08 03:06:43 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symefa64.sys
2012-02-08 03:06:43 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\srtsp64.sys
2012-02-08 03:06:43 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symds64.sys
2012-02-08 03:06:43 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\srtspx64.sys
2012-02-08 03:06:43 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symnets.sys
2012-02-08 03:06:43 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\ironx64.sys
2012-02-08 03:06:25 -------- d-----w- C:\Windows\System32\drivers\N360x64\0502000.00D
.
==================== Find3M ====================
.
2012-03-09 02:23:35 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-02-23 17:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-17 02:34:17 279616 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-12-10 23:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 18:31:38.08 ===============

Thank you!

DDS.txt Attach.txt