
Help... "Mystart" has taken over Google Chrome



Hi, hoping you can help me. It seems a search engine called "Mystart" has taken over Google Chrome and I can't get rid of it. DDS logs attached below. Thanks for your help! Nick

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Nick at 19:02:53 on 2012-05-22

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.3710.2428 [GMT -4:00]

.

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Kontiki\KService.exe

c:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\hp\support\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files\Brownie\BrStsWnd.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

C:\Program Files\HP Connections\6811507\Program\HP Connections.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\ehome\ehsched.exe

C:\Windows\ehome\ehRecvr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Brownie\brpjp04a.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\hp\kbd\kbd.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\mmc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://search.myheritage.com

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: MHURLSearchHook Class: {1c4ab6a5-595f-4e86-b15f-f93cce2bbd48} - c:\program files\family toolbar\tbhelper.dll

BHO: MHTBPos00 Class: {0c37b053-fd68-456a-82e1-d788ee342e6f} - c:\program files\family toolbar\tbcore3.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\6.2.1.5\ips\IPSBHO.DLL

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Family Toolbar: {fd2fd708-1f6f-4b68-b141-c5778f0c19bb} - c:\program files\family toolbar\tbcore3.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe

mRun: [KBD] c:\hp\kbd\KbdStub.EXE

mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [CCUTRAYICON] FactoryMode

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [EEventManager] c:\program files\epson\creativity suite\event manager\EEventManager.exe

mRun: [updatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"

mRun: [Family Tree Builder Update] c:\program files\myheritage\bin\FTBCheckUpdates.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [brStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun

mRun: [brdefprn] c:\program files\brother\brhl3070\Brdefprn.exe -d

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

StartupFolder: c:\users\nick\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\logitech webcam software\eReg.exe

StartupFolder: c:\users\nick\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\users\nick\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpconn~1.lnk - c:\program files\hp connections\6811507\program\HP Connections.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {363D09D0-9D94-4880-86B2-7A8801920854} - hxxp://org-au.anytime-tv.com/anytime_au/cab/AnytimeAU_3_5_0_20.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} - hxxp://org-au.anytime-tv.com/anytime_au/cab/Entriq_3_7_0_2_Silent.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{5F936592-C249-46FD-BE32-76BD917395A6} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{B155EA8A-F1B9-4530-BEC3-170402C6D935} : DhcpNameServer = 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0602010.005\symds.sys [2012-5-19 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0602010.005\symefa.sys [2012-5-19 905336]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.0.9\definitions\bashdefs\20120507.001\BHDrvx86.sys [2012-5-19 821880]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\0602010.005\ccsetx86.sys [2012-5-19 132744]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.0.9\definitions\ipsdefs\20120518.002\IDSvix86.sys [2012-5-21 368248]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0602010.005\ironx86.sys [2012-5-19 149624]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0602010.005\symtdiv.sys [2012-5-19 345208]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]

R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-4 21504]

R2 N360;Norton 360;c:\program files\norton 360\engine\6.2.1.5\ccsvchst.exe [2012-5-19 138232]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-23 92592]

R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [2007-1-25 2831232]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-19 106104]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-17 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-4-8 116648]

S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-1-31 158856]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-2 257696]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-4-8 116648]

S3 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-9-11 167936]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-17 753504]

.

=============== Created Last 30 ================

.

2012-05-20 00:12:47 345208 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symtdiv.sys

2012-05-20 00:12:47 318584 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symnets.sys

2012-05-20 00:12:46 905336 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symefa.sys

2012-05-20 00:12:46 574072 ----a-w- c:\windows\system32\drivers\n360\0602010.005\srtsp.sys

2012-05-20 00:12:46 340088 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symds.sys

2012-05-20 00:12:46 32888 ----a-w- c:\windows\system32\drivers\n360\0602010.005\srtspx.sys

2012-05-20 00:12:46 149624 ----a-r- c:\windows\system32\drivers\n360\0602010.005\ironx86.sys

2012-05-20 00:12:46 132744 ----a-r- c:\windows\system32\drivers\n360\0602010.005\ccsetx86.sys

2012-05-20 00:12:42 -------- d-----w- c:\windows\system32\drivers\n360\0602010.005

2012-05-20 00:09:41 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-05-20 00:09:41 -------- d-----w- c:\program files\Symantec

2012-05-20 00:09:08 -------- d-----w- c:\windows\system32\drivers\N360

2012-05-20 00:09:06 -------- d-----w- c:\program files\Norton 360

2012-05-20 00:08:48 -------- d-----w- c:\program files\NortonInstaller

2012-05-16 16:29:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-16 16:29:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-05-16 16:07:54 -------- d-----w- c:\users\nick\appdata\local\temp

2012-05-16 16:07:02 -------- d-sh--w- C:\$RECYCLE.BIN

2012-05-16 15:46:06 98816 ----a-w- c:\windows\sed.exe

2012-05-16 15:46:06 518144 ----a-w- c:\windows\SWREG.exe

2012-05-16 15:46:06 256000 ----a-w- c:\windows\PEV.exe

2012-05-16 15:46:06 208896 ----a-w- c:\windows\MBR.exe

2012-05-16 15:36:58 -------- d-----w- c:\programdata\blekko toolbars

2012-05-16 15:36:54 -------- d-----w- c:\program files\blekkotb_soc

2012-05-16 15:09:58 107368 ----a-r- c:\windows\system32\GEARAspi.dll

2012-05-16 14:40:58 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-16 14:40:58 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-16 14:40:57 2044928 ----a-w- c:\windows\system32\win32k.sys

2012-05-03 01:53:10 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-05-03 01:35:39 -------- d-----w- c:\users\nick\appdata\roaming\Malwarebytes

2012-05-03 01:35:33 -------- d-----w- c:\programdata\Malwarebytes

2012-05-02 03:54:01 -------- d-----w- c:\users\nick\appdata\local\NPE

.

==================== Find3M ====================

.

2012-05-16 14:56:14 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-30 12:39:11 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-03-01 14:46:01 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-03-01 14:46:01 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2012-02-29 15:11:45 5120 ----a-w- c:\windows\system32\wmi.dll

2012-02-29 15:11:42 172032 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 15:09:53 157696 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 14:08:47 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2012-02-29 13:44:50 683008 ----a-w- c:\windows\system32\d2d1.dll

2012-02-29 13:41:40 1069056 ----a-w- c:\windows\system32\DWrite.dll

2012-02-29 13:32:37 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

============= FINISH: 19:03:58.68 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 17/04/2007 3:28:31 AM

System Uptime: 22/05/2012 6:47:16 PM (1 hours ago)

.

Motherboard: ASUSTek Computer INC. | | LEONITE

Processor: Intel® Core2 CPU 6400 @ 2.13GHz | Socket 775 | 2133/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 292 GiB total, 31.964 GiB free.

D: is FIXED (NTFS) - 6 GiB total, 0.584 GiB free.

E: is FIXED (NTFS) - 466 GiB total, 165.66 GiB free.

I: is Removable

J: is Removable

K: is Removable

L: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: HP 802.11b/g Wireless Network Adapter

Device ID: PCI\VEN_168C&DEV_001B&SUBSYS_500111AD&REV_01\4&33087CF&0&28F0

Manufacturer: Atheros Communications Inc.

Name: HP 802.11b/g Wireless Network Adapter

PNP Device ID: PCI\VEN_168C&DEV_001B&SUBSYS_500111AD&REV_01\4&33087CF&0&28F0

Service: athr

.

Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}

Description: CD-ROM Drive

Device ID: IDE\CDROMHL-DT-ST_DVDRRW_GSA-H30L________________S755____\4&30F406D4&1&0.1.0

Manufacturer: (Standard CD-ROM drives)

Name: HL-DT-ST DVDRRW GSA-H30L

PNP Device ID: IDE\CDROMHL-DT-ST_DVDRRW_GSA-H30L________________S755____\4&30F406D4&1&0.1.0

Service: cdrom

.

Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}

Description: CD-ROM Drive

Device ID: IDE\CDROMHL-DT-ST_DVDRAM_GH22NS40________________NL01____\4&30F406D4&1&0.3.0

Manufacturer: (Standard CD-ROM drives)

Name: HL-DT-ST DVDRAM GH22NS40

PNP Device ID: IDE\CDROMHL-DT-ST_DVDRAM_GH22NS40________________NL01____\4&30F406D4&1&0.3.0

Service: cdrom

.

==== System Restore Points ===================

.

RP1599: 19/05/2012 6:24:42 PM - Windows Update

RP1600: 20/05/2012 4:03:05 PM - Scheduled Checkpoint

RP1601: 21/05/2012 9:55:38 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

ABBYY FineReader 6.0 Sprint

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.3)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft PhotoImpression 5

Audacity 1.2.6

AutoUpdate

Bonjour

Brother HL-3070CW

ComparatorPro

CyberLink PhotoNow

CyberLink PowerDirector

DivX

Enhanced Multimedia Keyboard Solution

EPSON Attach To Email

EPSON Copy Utility 3

EPSON Event Manager

EPSON File Manager

EPSON Scan

EPSON Scan Assistant

Family Tree Maker 2010

GearDrvs

Google Apps Migration For Microsoft Outlook® 2.3.12.34

Google Apps Sync™ for Microsoft Outlook® 3.0.51.96

Google Calendar Sync

Google Chrome

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Connections (remove only)

HP Customer Experience Enhancements

HP Easy Setup - Core

HP Easy Setup - Frontend

HP On-Screen Caps/Num/Scroll Lock Indicator

HP Picasso Media Center Add-In

iCloud

Intel® Matrix Storage Manager

Intel® Viiv™ Software

iPhone Configuration Utility

iTunes

Japanese Fonts Support For Adobe Reader 8

Java Auto Updater

Java 6 Update 29

LightScribe 1.4.142.1

Logitech Webcam Software

MainConcept for Software Encoder

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Primary Interoperability Assemblies 2005

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Microsoft WSE 3.0

MobileMe Control Panel

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee autoProducer 5.0

MyHeritage Family Tree Builder

NETGEAR Print Server Software

Norton 360

NVIDIA Drivers

OGA Notifier 2.0.0048.0

OpenOffice.org Installer 1.0

PerfV350 User's Guide

Photo Viewer V208G2

PowerDirector Express

PowerDVD

PowerProducer

Python 2.4.3

QuickTime

RealPlayer

Realtek High Definition Audio Driver

Roxio Creator Audio

Roxio Creator Basic v9

Roxio Creator Copy

Roxio Creator Data

Roxio Creator EasyArchive

Roxio Creator Tools

Roxio Express Labeler 3

Roxio MyDVD Basic v9

Safari

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB979332)

Skype™ 5.8

SmartSound Quicktracks Plugin

Sony USB Driver

Symantec Technical Support Web Controls

TomTom HOME 2.8.3.2499

TomTom HOME Visual Studio Merge Modules

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

WARP Video 2

Windows Media Encoder 9 Series

Xiph QuickTime Components

.

==== Event Viewer Messages From Past Week ========

.

22/05/2012 6:49:16 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom i8042prt

22/05/2012 6:49:16 PM, Error: Service Control Manager [7001] - The NVIDIA Display Driver Service service depends on the nvlddmkm service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

22/05/2012 6:49:16 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

22/05/2012 6:49:16 PM, Error: Service Control Manager [7000] - The LVSrvLauncher service failed to start due to the following error: The system cannot find the file specified.

22/05/2012 6:47:42 PM, Error: atikmdag [45062] - CRT invalid display type

19/05/2012 8:18:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt

16/05/2012 6:57:53 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom

16/05/2012 12:05:20 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

16/05/2012 11:57:30 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

16/05/2012 11:44:56 AM, Error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================


Hello nanonick and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.

-------------

Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):

  • TDSSKiller_log.txt

How is the PC running now?

-------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

Also, please let me know if any problems still remain.

-------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-------------

In your next reply, please include:

  • TDSSKiller logfile
  • C:\ComboFix.txt
  • Security Check checkup.txt

How is your computer running now?


Log from TDSSKiller:


17:51:49.0638 2576 PID_PEPI - ok

17:51:50.0449 2576 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll

17:51:50.0511 2576 pla - ok

17:51:50.0886 2576 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll

17:51:50.0917 2576 PlugPlay - ok

17:51:50.0995 2576 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

17:51:50.0995 2576 PNRPAutoReg - ok

17:51:51.0042 2576 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

17:51:51.0042 2576 PNRPsvc - ok

17:51:51.0166 2576 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll

17:51:51.0182 2576 PolicyAgent - ok

17:51:51.0260 2576 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

17:51:51.0260 2576 PptpMiniport - ok

17:51:51.0291 2576 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

17:51:51.0291 2576 Processor - ok

17:51:51.0322 2576 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll

17:51:51.0322 2576 ProfSvc - ok

17:51:51.0338 2576 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

17:51:51.0338 2576 ProtectedStorage - ok

17:51:51.0556 2576 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys

17:51:51.0556 2576 Ps2 - ok

17:51:51.0603 2576 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

17:51:51.0603 2576 PSched - ok

17:51:51.0650 2576 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys

17:51:51.0650 2576 PxHelp20 - ok

17:51:51.0915 2576 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

17:51:51.0962 2576 ql2300 - ok

17:51:51.0993 2576 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

17:51:52.0009 2576 ql40xx - ok

17:51:52.0040 2576 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll

17:51:52.0056 2576 QWAVE - ok

17:51:52.0102 2576 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

17:51:52.0102 2576 QWAVEdrv - ok

17:51:52.0617 2576 R300 (a23efb72057fed7128eb558866055fdf) C:\Windows\system32\DRIVERS\atikmdag.sys

17:51:52.0633 2576 R300 - ok

17:51:52.0898 2576 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

17:51:52.0898 2576 RasAcd - ok

17:51:52.0914 2576 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll

17:51:52.0929 2576 RasAuto - ok

17:51:52.0945 2576 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

17:51:52.0945 2576 Rasl2tp - ok

17:51:52.0976 2576 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll

17:51:53.0023 2576 RasMan - ok

17:51:53.0054 2576 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

17:51:53.0054 2576 RasPppoe - ok

17:51:53.0085 2576 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

17:51:53.0101 2576 RasSstp - ok

17:51:53.0194 2576 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

17:51:53.0210 2576 rdbss - ok

17:51:53.0257 2576 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

17:51:53.0257 2576 RDPCDD - ok

17:51:53.0350 2576 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

17:51:53.0382 2576 rdpdr - ok

17:51:53.0397 2576 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

17:51:53.0397 2576 RDPENCDD - ok

17:51:53.0428 2576 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys

17:51:53.0444 2576 RDPWD - ok

17:51:53.0647 2576 Remote UI Service (752402f6bd5fa012805813c329f88dd3) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

17:51:53.0662 2576 Remote UI Service - ok

17:51:53.0694 2576 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll

17:51:53.0694 2576 RemoteAccess - ok

17:51:53.0881 2576 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll

17:51:53.0912 2576 RemoteRegistry - ok

17:51:54.0224 2576 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files\CyberLink\Shared Files\RichVideo.exe

17:51:54.0240 2576 RichVideo - ok

17:51:54.0286 2576 RimUsb (5ec6fa6386ab2580b5ae3cf39ac1dfaf) C:\Windows\system32\Drivers\RimUsb.sys

17:51:54.0286 2576 RimUsb - ok

17:51:54.0864 2576 RoxMediaDB9 (00f3e30d63078fc4b543c32fd7337a7b) c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

17:51:54.0910 2576 RoxMediaDB9 - ok

17:51:54.0942 2576 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe

17:51:54.0957 2576 RpcLocator - ok

17:51:55.0222 2576 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll

17:51:55.0222 2576 RpcSs - ok

17:51:55.0659 2576 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

17:51:55.0675 2576 rspndr - ok

17:51:55.0722 2576 RTSTOR (59b8716084597c9d6d7165835c8479c1) C:\Windows\system32\drivers\RTSTOR.SYS

17:51:55.0722 2576 RTSTOR - ok

17:51:55.0737 2576 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

17:51:55.0737 2576 SamSs - ok

17:51:55.0893 2576 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

17:51:55.0893 2576 sbp2port - ok

17:51:55.0940 2576 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll

17:51:55.0940 2576 SCardSvr - ok

17:51:55.0987 2576 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll

17:51:56.0049 2576 Schedule - ok

17:51:56.0065 2576 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll

17:51:56.0065 2576 SCPolicySvc - ok

17:51:56.0112 2576 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll

17:51:56.0112 2576 SDRSVC - ok

17:51:56.0158 2576 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

17:51:56.0158 2576 secdrv - ok

17:51:56.0190 2576 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll

17:51:56.0190 2576 seclogon - ok

17:51:56.0502 2576 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll

17:51:56.0517 2576 SENS - ok

17:51:56.0533 2576 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

17:51:56.0564 2576 Serenum - ok

17:51:56.0595 2576 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

17:51:56.0595 2576 Serial - ok

17:51:56.0626 2576 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

17:51:56.0626 2576 sermouse - ok

17:51:56.0720 2576 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll

17:51:56.0720 2576 SessionEnv - ok

17:51:56.0767 2576 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys

17:51:56.0767 2576 sffdisk - ok

17:51:56.0860 2576 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

17:51:56.0860 2576 sffp_mmc - ok

17:51:56.0892 2576 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys

17:51:56.0892 2576 sffp_sd - ok

17:51:56.0923 2576 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys

17:51:56.0923 2576 sfloppy - ok

17:51:56.0970 2576 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll

17:51:56.0985 2576 SharedAccess - ok

17:51:57.0048 2576 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll

17:51:57.0063 2576 ShellHWDetection - ok

17:51:57.0079 2576 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

17:51:57.0079 2576 sisagp - ok

17:51:57.0094 2576 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

17:51:57.0110 2576 SiSRaid2 - ok

17:51:57.0141 2576 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

17:51:57.0141 2576 SiSRaid4 - ok

17:51:57.0313 2576 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe

17:51:57.0328 2576 SkypeUpdate - ok

17:51:58.0030 2576 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe

17:51:58.0077 2576 slsvc - ok

17:51:58.0436 2576 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll

17:51:58.0436 2576 SLUINotify - ok

17:51:58.0795 2576 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

17:51:58.0795 2576 Smb - ok

17:51:58.0842 2576 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe

17:51:58.0842 2576 SNMPTRAP - ok

17:51:58.0951 2576 sonypvs1 (dfadfc2c86662f40759bf02add27d569) C:\Windows\system32\DRIVERS\sonypvs1.sys

17:51:58.0966 2576 sonypvs1 - ok

17:51:58.0998 2576 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

17:51:58.0998 2576 spldr - ok

17:51:59.0091 2576 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe

17:51:59.0138 2576 Spooler - ok

17:51:59.0310 2576 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\Windows\System32\Drivers\N360\0602010.005\SRTSP.SYS

17:51:59.0310 2576 SRTSP - ok

17:51:59.0637 2576 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\Windows\system32\drivers\N360\0602010.005\SRTSPX.SYS

17:51:59.0637 2576 SRTSPX - ok

17:51:59.0731 2576 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

17:51:59.0746 2576 srv - ok

17:51:59.0778 2576 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

17:51:59.0793 2576 srv2 - ok

17:51:59.0824 2576 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

17:51:59.0824 2576 srvnet - ok

17:51:59.0856 2576 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll

17:51:59.0871 2576 SSDPSRV - ok

17:51:59.0965 2576 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll

17:51:59.0980 2576 SstpSvc - ok

17:52:00.0090 2576 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll

17:52:00.0121 2576 stisvc - ok

17:52:00.0604 2576 stllssvr (d4ce4d370a26ae1bf41be9f69d24d049) c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

17:52:00.0604 2576 stllssvr - ok

17:52:00.0636 2576 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

17:52:00.0636 2576 swenum - ok

17:52:01.0026 2576 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll

17:52:01.0041 2576 swprv - ok

17:52:01.0197 2576 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

17:52:01.0197 2576 Symc8xx - ok

17:52:01.0587 2576 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\N360\0602010.005\SYMDS.SYS

17:52:01.0603 2576 SymDS - ok

17:52:01.0837 2576 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\Windows\system32\drivers\N360\0602010.005\SYMEFA.SYS

17:52:01.0884 2576 SymEFA - ok

17:52:01.0915 2576 SymEvent (74e2521e96176a4449570e50be91954d) C:\Windows\system32\Drivers\SYMEVENT.SYS

17:52:01.0930 2576 SymEvent - ok

17:52:01.0962 2576 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\Windows\system32\drivers\N360\0602010.005\Ironx86.SYS

17:52:01.0962 2576 SymIRON - ok

17:52:02.0008 2576 SYMTDIv (40c6e6417c8b7d7fcf82cfbe71525795) C:\Windows\System32\Drivers\N360\0602010.005\SYMTDIV.SYS

17:52:02.0008 2576 SYMTDIv - ok

17:52:02.0118 2576 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

17:52:02.0133 2576 Sym_hi - ok

17:52:02.0164 2576 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

17:52:02.0164 2576 Sym_u3 - ok

17:52:02.0336 2576 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll

17:52:02.0367 2576 SysMain - ok

17:52:02.0586 2576 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll

17:52:02.0586 2576 TabletInputService - ok

17:52:02.0695 2576 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll

17:52:02.0710 2576 TapiSrv - ok

17:52:02.0804 2576 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll

17:52:02.0804 2576 TBS - ok

17:52:02.0991 2576 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys

17:52:03.0054 2576 Tcpip - ok

17:52:03.0069 2576 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys

17:52:03.0085 2576 Tcpip6 - ok

17:52:03.0256 2576 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

17:52:03.0256 2576 tcpipreg - ok

17:52:03.0288 2576 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

17:52:03.0288 2576 TDPIPE - ok

17:52:03.0334 2576 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

17:52:03.0334 2576 TDTCP - ok

17:52:03.0350 2576 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

17:52:03.0350 2576 tdx - ok

17:52:03.0740 2576 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

17:52:03.0740 2576 TermDD - ok

17:52:04.0052 2576 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll

17:52:04.0068 2576 TermService - ok

17:52:04.0099 2576 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll

17:52:04.0114 2576 Themes - ok

17:52:04.0146 2576 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll

17:52:04.0161 2576 THREADORDER - ok

17:52:04.0832 2576 TomTomHOMEService (3199a477f0f06eede41bd55179f8eb05) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

17:52:04.0832 2576 TomTomHOMEService - ok

17:52:04.0879 2576 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll

17:52:04.0879 2576 TrkWks - ok

17:52:04.0941 2576 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe

17:52:04.0941 2576 TrustedInstaller - ok

17:52:05.0082 2576 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

17:52:05.0082 2576 tssecsrv - ok

17:52:05.0128 2576 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

17:52:05.0128 2576 tunmp - ok

17:52:05.0269 2576 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

17:52:05.0284 2576 tunnel - ok

17:52:05.0316 2576 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

17:52:05.0316 2576 uagp35 - ok

17:52:05.0362 2576 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

17:52:05.0362 2576 udfs - ok

17:52:05.0394 2576 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe

17:52:05.0394 2576 UI0Detect - ok

17:52:05.0565 2576 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

17:52:05.0565 2576 uliagpkx - ok

17:52:05.0596 2576 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

17:52:05.0612 2576 uliahci - ok

17:52:05.0659 2576 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

17:52:05.0706 2576 UlSata - ok

17:52:05.0721 2576 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

17:52:05.0721 2576 ulsata2 - ok

17:52:05.0752 2576 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

17:52:05.0752 2576 umbus - ok

17:52:05.0784 2576 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll

17:52:05.0830 2576 upnphost - ok

17:52:05.0893 2576 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys

17:52:05.0893 2576 USBAAPL - ok

17:52:05.0924 2576 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys

17:52:05.0924 2576 usbaudio - ok

17:52:06.0064 2576 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

17:52:06.0064 2576 usbccgp - ok

17:52:06.0096 2576 usbcir (47b9770ea21436de4ad5aea7926e0900) C:\Windows\system32\DRIVERS\usbcir.sys

17:52:06.0096 2576 usbcir - ok

17:52:06.0127 2576 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

17:52:06.0127 2576 usbehci - ok

17:52:06.0174 2576 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

17:52:06.0174 2576 usbhub - ok

17:52:06.0205 2576 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

17:52:06.0205 2576 usbohci - ok

17:52:06.0361 2576 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

17:52:06.0392 2576 usbprint - ok

17:52:06.0423 2576 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

17:52:06.0439 2576 usbscan - ok

17:52:06.0470 2576 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:52:06.0470 2576 USBSTOR - ok

17:52:06.0610 2576 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

17:52:06.0610 2576 usbuhci - ok

17:52:06.0720 2576 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll

17:52:06.0720 2576 UxSms - ok

17:52:06.0813 2576 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe

17:52:06.0829 2576 vds - ok

17:52:06.0860 2576 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

17:52:06.0860 2576 vga - ok

17:52:06.0922 2576 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

17:52:06.0922 2576 VgaSave - ok

17:52:06.0938 2576 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

17:52:06.0954 2576 viaagp - ok

17:52:06.0969 2576 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

17:52:06.0969 2576 ViaC7 - ok

17:52:07.0000 2576 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

17:52:07.0000 2576 viaide - ok

17:52:07.0032 2576 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

17:52:07.0032 2576 volmgr - ok

17:52:07.0078 2576 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

17:52:07.0094 2576 volmgrx - ok

17:52:07.0110 2576 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

17:52:07.0125 2576 volsnap - ok

17:52:07.0172 2576 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

17:52:07.0219 2576 vsmraid - ok

17:52:07.0468 2576 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe

17:52:07.0500 2576 VSS - ok

17:52:07.0874 2576 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll

17:52:07.0890 2576 W32Time - ok

17:52:08.0030 2576 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

17:52:08.0030 2576 WacomPen - ok

17:52:08.0077 2576 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

17:52:08.0077 2576 Wanarp - ok

17:52:08.0092 2576 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

17:52:08.0092 2576 Wanarpv6 - ok

17:52:08.0467 2576 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll

17:52:08.0482 2576 wcncsvc - ok

17:52:08.0514 2576 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll

17:52:08.0514 2576 WcsPlugInService - ok

17:52:08.0638 2576 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

17:52:08.0654 2576 Wd - ok

17:52:08.0701 2576 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

17:52:08.0716 2576 Wdf01000 - ok

17:52:08.0935 2576 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

17:52:08.0935 2576 WdiServiceHost - ok

17:52:08.0935 2576 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

17:52:08.0935 2576 WdiSystemHost - ok

17:52:09.0075 2576 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll

17:52:09.0075 2576 WebClient - ok

17:52:09.0122 2576 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll

17:52:09.0122 2576 Wecsvc - ok

17:52:09.0403 2576 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll

17:52:09.0403 2576 wercplsupport - ok

17:52:09.0808 2576 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll

17:52:09.0808 2576 WerSvc - ok

17:52:10.0120 2576 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll

17:52:10.0136 2576 WinDefend - ok

17:52:10.0167 2576 WinHttpAutoProxySvc - ok

17:52:10.0230 2576 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll

17:52:10.0245 2576 Winmgmt - ok

17:52:10.0417 2576 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll

17:52:10.0495 2576 WinRM - ok

17:52:10.0604 2576 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll

17:52:10.0651 2576 Wlansvc - ok

17:52:10.0713 2576 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

17:52:10.0744 2576 WmiAcpi - ok

17:52:11.0025 2576 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe

17:52:11.0025 2576 wmiApSrv - ok

17:52:11.0368 2576 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe

17:52:11.0431 2576 WMPNetworkSvc - ok

17:52:11.0493 2576 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll

17:52:11.0509 2576 WPCSvc - ok

17:52:11.0540 2576 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll

17:52:11.0540 2576 WPDBusEnum - ok

17:52:11.0914 2576 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

17:52:11.0946 2576 WpdUsb - ok

17:52:12.0133 2576 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

17:52:12.0180 2576 WPFFontCache_v0400 - ok

17:52:12.0289 2576 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

17:52:12.0304 2576 ws2ifsl - ok

17:52:12.0336 2576 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll

17:52:12.0336 2576 wscsvc - ok

17:52:12.0336 2576 WSearch - ok

17:52:12.0944 2576 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll

17:52:13.0038 2576 wuauserv - ok

17:52:13.0849 2576 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

17:52:13.0864 2576 WUDFRd - ok

17:52:13.0896 2576 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll

17:52:13.0896 2576 wudfsvc - ok

17:52:13.0958 2576 MBR (0x1B8) (8913823ff508ccf109db74b636c301da) \Device\Harddisk0\DR0

17:52:14.0161 2576 \Device\Harddisk0\DR0 - ok

17:52:14.0161 2576 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1

17:52:14.0176 2576 \Device\Harddisk1\DR1 - ok

17:52:14.0176 2576 Boot (0x1200) (5bdff38800d9439c8a4d93198ae5ce12) \Device\Harddisk0\DR0\Partition0

17:52:14.0176 2576 \Device\Harddisk0\DR0\Partition0 - ok

17:52:14.0176 2576 Boot (0x1200) (808acdac7fb2596427a9540620eb2b81) \Device\Harddisk0\DR0\Partition1

17:52:14.0176 2576 \Device\Harddisk0\DR0\Partition1 - ok

17:52:14.0192 2576 Boot (0x1200) (7b015dc72f5f86fb2f17e8853b3b69b9) \Device\Harddisk1\DR1\Partition0

17:52:14.0192 2576 \Device\Harddisk1\DR1\Partition0 - ok

17:52:14.0192 2576 ============================================================

17:52:14.0192 2576 Scan finished

17:52:14.0192 2576 ============================================================

17:52:14.0208 4464 Detected object count: 0

17:52:14.0208 4464 Actual detected object count: 0

Log from ComboFix:

ComboFix 12-05-26.02 - Nick 26/05/2012 18:14:30.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.3710.2439 [GMT -4:00]

Running from: c:\users\Nick\Desktop\ComboFix.exe

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

.

((((((((((((((((((((((((( Files Created from 2012-04-26 to 2012-05-26 )))))))))))))))))))))))))))))))

.

.

2012-05-26 22:27 . 2012-05-26 22:58 -------- d-----w- c:\users\Nick\AppData\Local\temp

2012-05-26 22:27 . 2012-05-26 22:27 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp

2012-05-26 22:27 . 2012-05-26 22:27 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-20 00:09 . 2012-05-20 00:09 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-05-20 00:09 . 2012-05-20 00:09 -------- d-----w- c:\program files\Symantec

2012-05-20 00:09 . 2012-05-20 00:18 -------- d-----w- c:\windows\system32\drivers\N360

2012-05-20 00:09 . 2012-05-20 00:09 -------- d-----w- c:\program files\Norton 360

2012-05-20 00:08 . 2012-05-20 00:08 -------- d-----w- c:\program files\NortonInstaller

2012-05-16 16:29 . 2012-05-16 16:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-05-16 16:29 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-16 15:36 . 2012-05-22 03:21 -------- d-----w- c:\programdata\blekko toolbars

2012-05-16 15:36 . 2012-05-22 03:21 -------- d-----w- c:\program files\blekkotb_soc

2012-05-16 15:09 . 2008-04-17 20:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll

2012-05-16 14:40 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-16 14:40 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-16 14:40 . 2012-04-02 13:36 2044928 ----a-w- c:\windows\system32\win32k.sys

2012-05-03 01:53 . 2012-05-16 14:56 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-05-03 01:35 . 2012-05-03 01:35 -------- d-----w- c:\users\Nick\AppData\Roaming\Malwarebytes

2012-05-03 01:35 . 2012-05-03 01:35 -------- d-----w- c:\programdata\Malwarebytes

2012-05-02 03:54 . 2012-05-02 04:11 -------- d-----w- c:\users\Nick\AppData\Local\NPE

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-16 14:56 . 2011-08-04 12:21 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-29 15:11 . 2012-04-14 04:31 5120 ----a-w- c:\windows\system32\wmi.dll

2012-02-29 15:11 . 2012-04-14 04:31 172032 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 15:09 . 2012-04-14 04:31 157696 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 13:32 . 2012-04-14 04:31 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-02-28 01:18 . 2012-04-14 04:32 1799168 ----a-w- c:\windows\system32\jscript9.dll

2012-02-28 01:11 . 2012-04-14 04:32 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-28 01:11 . 2012-04-14 04:32 1127424 ----a-w- c:\windows\system32\wininet.dll

2012-02-28 01:03 . 2012-04-14 04:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]

.

[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]

2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

.

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

.

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CCUTRAYICON"="FactoryMode" [X]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]

"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]

"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 155648]

"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-04-19 151552]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-06-28 32768]

"EEventManager"="c:\program files\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2006-10-12 102400]

"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]

"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13535776]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 92704]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2009-05-20 3618104]

"Brdefprn"="c:\program files\Brother\BRHL3070\Brdefprn.exe" [2008-10-20 45056]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136]

.

c:\users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Logitech . Product Registration.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384]

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

OneNote Table Of Contents.onetoc2 [2011-4-7 3656]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]

HP Connections.lnk - c:\program files\HP Connections\6811507\Program\HP Connections.exe [2007-2-28 34520]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4021262407-376930420-1378695997-1001]

"EnableNotificationsRef"=dword:00000001

.

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 257696]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-01-26 2831232]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 14:56]

.

2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-08 21:26]

.

2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-08 21:26]

.

2012-05-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4021262407-376930420-1378695997-1001Core.job

- c:\users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-11 23:08]

.

2012-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4021262407-376930420-1378695997-1001UA.job

- c:\users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-11 23:08]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://search.myheritage.com

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

DPF: {363D09D0-9D94-4880-86B2-7A8801920854} - hxxp://org-au.anytime-tv.com/anytime_au/cab/AnytimeAU_3_5_0_20.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-05-26 18:58

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\N360]

"ImagePath"="\"c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\6.2.1.5\diMaster.dll\" /prefetch:1"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'Explorer.exe'(7728)

c:\program files\ArcSoft\PhotoImpression 5\share\pihook.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

c:\program files\Kontiki\KService.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\TomTom HOME 2\TomTomHOMEService.exe

c:\windows\system32\WUDFHost.exe

c:\windows\ehome\ehsched.exe

c:\windows\ehome\ehRecvr.exe

c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Completion time: 2012-05-26 19:01:47 - machine was rebooted

ComboFix-quarantined-files.txt 2012-05-26 23:01

ComboFix2.txt 2012-05-16 16:07

.

Pre-Run: 33,126,813,696 bytes free

Post-Run: 32,706,998,272 bytes free

.

- - End Of File - - 52C75E9A985C192B0AF6CFF75DD03A01


Security Check log:

Results of screen317's Security Check version 0.99.38

Windows Vista Service Pack 2 x86 (UAC is enabled)

Internet Explorer 9

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Disabled!

Norton 360

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes Anti-Malware version 1.61.0.1400

Java 6 Update 29

Java version out of date!

Adobe Flash Player 10 Flash Player out of date!

Adobe Flash Player 10.0.32.18 Flash Player out of Date!

Adobe Reader 8 Adobe Reader out of date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Norton ccSvcHst.exe

``````````End of Log````````````


Apologies DFB, I've been travelling and unable to respond. I'm back now and working through your instructions tonight.

Cheers, Nick

No worries, I understand. Welcome back. :)

I'd like to take a closer look at some things, which may give us some further insight as to what else may be causing the problems you're experiencing.

Please print out these instructions or copy them to a Notepad file for easier reading, and download MBRCheck by a_d_13 to your Desktop from one of these locations:

http://ad13.geekstogo.com/MBRCheck.exe

http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

http://www.kernelmode.info/MBRCheck.exe

Close all open programs/windows and double-click on MBRCheck.exe.

It will produce a log file saved automatically on your Desktop as "MBRCheck_[Date]_[Time].txt".

Press the "Enter" key to close the MBRCheck window and post the contents of the log file.

---------

Please do the following:

  • Please download aswMBR.exe from here and save it to your Desktop.
  • Double-click aswMBR.exe to start the tool. (Vista/Windows 7: right-click and select Run as Administrator)
  • Click Scan
  • Upon completion of the scan, click Save log and save it to your Desktop, and post that log in your next reply. Do NOT attempt any Fix at this time!
  • This will also create a file on your Desktop named MBR.dat. Right click that file and select Send To->Compressed (zipped) folder. Attach that zipped folder in your next reply as well.

(Note: you can opt out of the complimentary Avast scan that is selected as the default action in aswMBR).

---------

Please include both the MBRCheck and aswMBR reports, as well as the MBR.dat zip file in your next reply :).


Thanks again for your help.

MBRCheck log:

MBRCheck, version 1.2.3

© 2010, AD

Command-line:

Windows Version: Windows Vista Home Premium Edition

Windows Information: Service Pack 2 (build 6002), 32-bit

Base Board Manufacturer: ASUSTek Computer INC.

BIOS Manufacturer: Phoenix Technologies, LTD

System Manufacturer: HP-Pavilion

System Product Name: RZ556AA-ABG m8085a

Logical Drives Mask: 0x00000f1c

Kernel Drivers (total 162):

0x8320E000 \SystemRoot\system32\ntkrnlpa.exe

0x835C8000 \SystemRoot\system32\hal.dll

0x80407000 \SystemRoot\system32\kdcom.dll

0x8040E000 \SystemRoot\system32\mcupdate_GenuineIntel.dll

0x8047E000 \SystemRoot\system32\PSHED.dll

0x8048F000 \SystemRoot\system32\BOOTVID.dll

0x80497000 \SystemRoot\system32\CLFS.SYS

0x804D8000 \SystemRoot\system32\CI.dll

0x80605000 \SystemRoot\system32\drivers\Wdf01000.sys

0x80681000 \SystemRoot\system32\drivers\WDFLDR.SYS

0x8068E000 \SystemRoot\system32\drivers\acpi.sys

0x806D4000 \SystemRoot\system32\drivers\WMILIB.SYS

0x806DD000 \SystemRoot\system32\drivers\msisadrv.sys

0x806E5000 \SystemRoot\system32\drivers\pci.sys

0x8070C000 \SystemRoot\System32\drivers\partmgr.sys

0x8071C000 \SystemRoot\system32\drivers\volmgr.sys

0x8072B000 \SystemRoot\System32\drivers\volmgrx.sys

0x80775000 \SystemRoot\system32\drivers\intelide.sys

0x8077C000 \SystemRoot\system32\drivers\PCIIDEX.SYS

0x8078A000 \SystemRoot\System32\drivers\mountmgr.sys

0x83C02000 \SystemRoot\system32\drivers\iastor.sys

0x83CBA000 \SystemRoot\system32\drivers\atapi.sys

0x83CC2000 \SystemRoot\system32\drivers\ataport.SYS

0x83CE0000 \SystemRoot\system32\drivers\fltmgr.sys

0x83D12000 \SystemRoot\system32\drivers\N360\0602010.005\SYMDS.SYS

0x83D69000 \SystemRoot\system32\drivers\fileinfo.sys

0x83E09000 \SystemRoot\system32\drivers\N360\0602010.005\SYMEFA.SYS

0x83EED000 \SystemRoot\System32\Drivers\PxHelp20.sys

0x83EF6000 \SystemRoot\System32\Drivers\ksecdd.sys

0x8CE0E000 \SystemRoot\system32\drivers\ndis.sys

0x8CF19000 \SystemRoot\system32\drivers\msrpc.sys

0x8CF44000 \SystemRoot\system32\drivers\NETIO.SYS

0x8D00B000 \SystemRoot\System32\drivers\tcpip.sys

0x8D0F5000 \SystemRoot\System32\drivers\fwpkclnt.sys

0x8D206000 \SystemRoot\System32\Drivers\Ntfs.sys

0x8D316000 \SystemRoot\system32\drivers\volsnap.sys

0x8D34F000 \SystemRoot\System32\Drivers\spldr.sys

0x8D357000 \SystemRoot\System32\Drivers\mup.sys

0x8D366000 \SystemRoot\System32\drivers\ecache.sys

0x8D38D000 \SystemRoot\system32\drivers\disk.sys

0x8D39E000 \SystemRoot\system32\drivers\CLASSPNP.SYS

0x8D3BF000 \SystemRoot\system32\drivers\crcdisk.sys

0x8D3D5000 \SystemRoot\system32\DRIVERS\tunnel.sys

0x8D3E0000 \SystemRoot\system32\DRIVERS\tunmp.sys

0x8D3E9000 \SystemRoot\system32\DRIVERS\intelppm.sys

0x91A0B000 \SystemRoot\system32\DRIVERS\atikmdag.sys

0x91F1E000 \SystemRoot\System32\drivers\dxgkrnl.sys

0x91FBE000 \SystemRoot\System32\drivers\watchdog.sys

0x83F68000 \SystemRoot\system32\DRIVERS\HDAudBus.sys

0x91FCA000 \SystemRoot\system32\DRIVERS\usbuhci.sys

0x8CF7F000 \SystemRoot\system32\DRIVERS\USBPORT.SYS

0x91FD5000 \SystemRoot\system32\DRIVERS\usbehci.sys

0x91FE4000 \SystemRoot\system32\DRIVERS\ohci1394.sys

0x8D1C8000 \SystemRoot\system32\DRIVERS\1394BUS.SYS

0x92605000 \SystemRoot\system32\DRIVERS\3xHybrid.sys

0x928B9000 \SystemRoot\system32\DRIVERS\ks.sys

0x928E3000 \SystemRoot\system32\DRIVERS\BdaSup.SYS

0x928E6000 \SystemRoot\system32\DRIVERS\athr.sys

0x929A8000 \SystemRoot\system32\DRIVERS\e100b325.sys

0x929CF000 \SystemRoot\system32\DRIVERS\msiscsi.sys

0x8CFBD000 \SystemRoot\system32\DRIVERS\storport.sys

0x91A00000 \SystemRoot\system32\DRIVERS\TDI.SYS

0x8D1D6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys

0x91FF4000 \SystemRoot\system32\DRIVERS\ndistapi.sys

0x83D79000 \SystemRoot\system32\DRIVERS\ndiswan.sys

0x8D1ED000 \SystemRoot\system32\DRIVERS\raspppoe.sys

0x83D9C000 \SystemRoot\system32\DRIVERS\raspptp.sys

0x83DB0000 \SystemRoot\system32\DRIVERS\rassstp.sys

0x83DC5000 \SystemRoot\system32\DRIVERS\termdd.sys

0x8D000000 \SystemRoot\system32\DRIVERS\kbdclass.sys

0x8CE00000 \SystemRoot\system32\DRIVERS\mouclass.sys

0x929FE000 \SystemRoot\system32\DRIVERS\swenum.sys

0x83DD5000 \SystemRoot\system32\DRIVERS\circlass.sys

0x83FF5000 \SystemRoot\system32\DRIVERS\mssmbios.sys

0x83DE3000 \SystemRoot\system32\DRIVERS\umbus.sys

0x8079A000 \SystemRoot\system32\DRIVERS\usbhub.sys

0x807CF000 \SystemRoot\System32\Drivers\NDProxy.SYS

0x97609000 \SystemRoot\system32\drivers\RTKVHDA.sys

0x978A6000 \SystemRoot\system32\drivers\portcls.sys

0x978D3000 \SystemRoot\system32\drivers\drmk.sys

0x97910000 \SystemRoot\system32\drivers\N360\0602010.005\ccSetx86.sys

0x97934000 \SystemRoot\system32\drivers\N360\0602010.005\Ironx86.SYS

0x9795B000 \SystemRoot\System32\Drivers\Fs_Rec.SYS

0x97964000 \SystemRoot\System32\Drivers\Null.SYS

0x9796B000 \SystemRoot\System32\Drivers\Beep.SYS

0x9798E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS

0x97995000 \SystemRoot\System32\drivers\vga.sys

0x979A1000 \SystemRoot\System32\drivers\VIDEOPRT.SYS

0x979C2000 \SystemRoot\system32\DRIVERS\hidusb.sys

0x979CB000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS

0x979DB000 \SystemRoot\system32\DRIVERS\USBD.SYS

0x979DD000 \SystemRoot\System32\DRIVERS\RDPCDD.sys

0x979E5000 \SystemRoot\system32\drivers\rdpencdd.sys

0x979ED000 \SystemRoot\System32\Drivers\Msfs.SYS

0x97972000 \SystemRoot\System32\Drivers\Npfs.SYS

0x97980000 \SystemRoot\system32\DRIVERS\mouhid.sys

0x97600000 \SystemRoot\System32\DRIVERS\rasacd.sys

0x807E0000 \SystemRoot\system32\DRIVERS\tdx.sys

0x97C07000 \SystemRoot\System32\Drivers\N360\0602010.005\SYMTDIV.SYS

0x97C62000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS

0x97C8C000 \SystemRoot\system32\DRIVERS\smb.sys

0x97CA0000 \SystemRoot\system32\drivers\afd.sys

0x97CE8000 \SystemRoot\System32\DRIVERS\netbt.sys

0x97D1A000 \SystemRoot\system32\drivers\ws2ifsl.sys

0x97D23000 \SystemRoot\system32\DRIVERS\pacer.sys

0x97D39000 \SystemRoot\system32\DRIVERS\netbios.sys

0x97D47000 \SystemRoot\system32\DRIVERS\wanarp.sys

0x97D5A000 \SystemRoot\system32\drivers\N360\0602010.005\SRTSPX.SYS

0x97D6A000 \SystemRoot\system32\DRIVERS\rdbss.sys

0x97DA6000 \SystemRoot\system32\drivers\nsiproxy.sys

0x98209000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20120525.001\IDSvix86.sys

0x98267000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

0x982C5000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

0x982E3000 \SystemRoot\System32\Drivers\dfsc.sys

0x982FA000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20120517.001\BHDrvx86.sys

0x983C6000 \SystemRoot\system32\DRIVERS\usbprint.sys

0x983D0000 \SystemRoot\system32\DRIVERS\usbccgp.sys

0x983E7000 \SystemRoot\system32\DRIVERS\kbdhid.sys

0x983F0000 \SystemRoot\system32\drivers\RTSTOR.SYS

0x98C03000 \SystemRoot\system32\DRIVERS\LVMVDrv.sys

0x98DDF000 \SystemRoot\system32\drivers\LVUSBSta.sys

0x9900A000 \SystemRoot\system32\DRIVERS\LV302V32.SYS

0x99299000 \SystemRoot\system32\DRIVERS\lv302af.sys

0x9929B000 \SystemRoot\system32\drivers\usbaudio.sys

0x992AD000 \SystemRoot\system32\DRIVERS\lvrs.sys

0x992ED000 \SystemRoot\System32\Drivers\crashdmp.sys

0x992FA000 \SystemRoot\System32\Drivers\dump_iaStor.sys

0x81CB0000 \SystemRoot\System32\win32k.sys

0x993B2000 \SystemRoot\System32\drivers\Dxapi.sys

0x993BC000 \SystemRoot\system32\DRIVERS\monitor.sys

0x81ED0000 \SystemRoot\System32\TSDDD.dll

0x81EF0000 \SystemRoot\System32\cdd.dll

0x993E3000 \SystemRoot\system32\drivers\luafv.sys

0x8D110000 \SystemRoot\system32\drivers\spsys.sys

0x993CB000 \SystemRoot\system32\DRIVERS\lltdio.sys

0x97DB0000 \SystemRoot\system32\DRIVERS\nwifi.sys

0x98DE8000 \SystemRoot\system32\DRIVERS\ndisuio.sys

0x97DDA000 \SystemRoot\system32\DRIVERS\rspndr.sys

0xA4A02000 \SystemRoot\system32\drivers\HTTP.sys

0xA4A6F000 \SystemRoot\System32\DRIVERS\srvnet.sys

0xA4A8C000 \SystemRoot\system32\DRIVERS\bowser.sys

0xA4AA5000 \SystemRoot\System32\drivers\mpsdrv.sys

0xA4ABA000 \SystemRoot\system32\drivers\mrxdav.sys

0xA4ADB000 \SystemRoot\system32\DRIVERS\mrxsmb.sys

0xA4AFA000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys

0xA4B33000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys

0xA4B4B000 \SystemRoot\System32\DRIVERS\srv2.sys

0xA4B73000 \SystemRoot\System32\DRIVERS\srv.sys

0xA640F000 \SystemRoot\system32\drivers\peauth.sys

0xA64ED000 \SystemRoot\System32\Drivers\secdrv.SYS

0xA64F7000 \SystemRoot\System32\drivers\tcpipreg.sys

0xA6503000 \SystemRoot\system32\DRIVERS\WUDFRd.sys

0xA6518000 \SystemRoot\system32\DRIVERS\WUDFPf.sys

0xA652A000 \SystemRoot\system32\Drivers\LVPr2Mon.sys

0xA652F000 \SystemRoot\system32\drivers\tdtcp.sys

0xA653A000 \SystemRoot\System32\DRIVERS\tssecsrv.sys

0xA6546000 \SystemRoot\System32\Drivers\RDPWD.SYS

0xA6579000 \SystemRoot\system32\drivers\MSPQM.sys

0xB8C04000 \SystemRoot\System32\Drivers\N360\0602010.005\SRTSP.SYS

0xB900F000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120526.006\NAVEX15.SYS

0xB9192000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120526.006\NAVENG.SYS

0x770B0000 \Windows\System32\ntdll.dll

Processes (total 70):

0 System Idle Process

4 System

500 C:\Windows\System32\smss.exe

592 csrss.exe

652 C:\Windows\System32\wininit.exe

660 csrss.exe

696 C:\Windows\System32\services.exe

708 C:\Windows\System32\lsass.exe

720 C:\Windows\System32\lsm.exe

828 C:\Windows\System32\winlogon.exe

900 C:\Windows\System32\svchost.exe

968 C:\Windows\System32\svchost.exe

1004 C:\Windows\System32\Ati2evxx.exe

1068 C:\Windows\System32\svchost.exe

1128 C:\Windows\System32\svchost.exe

1144 C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe

1236 C:\Windows\System32\svchost.exe

1272 C:\Windows\System32\audiodg.exe

1296 C:\Windows\System32\svchost.exe

1320 C:\Windows\System32\SLsvc.exe

1376 C:\Windows\System32\svchost.exe

1512 C:\Windows\System32\Ati2evxx.exe

1568 C:\Windows\System32\svchost.exe

1784 C:\Windows\System32\spoolsv.exe

1828 C:\Windows\System32\svchost.exe

2008 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

2024 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

224 C:\Program Files\Bonjour\mDNSResponder.exe

332 C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

436 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

1168 C:\Program Files\Kontiki\KService.exe

1580 C:\Program Files\Common Files\LightScribe\LSSrvc.exe

1808 C:\Program Files\Norton 360\Engine\6.2.1.5\ccsvchst.exe

312 C:\Windows\System32\svchost.exe

2020 C:\Program Files\CyberLink\Shared Files\RichVideo.exe

2176 C:\Windows\System32\svchost.exe

2236 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

2288 C:\Windows\System32\svchost.exe

2308 C:\Windows\System32\SearchIndexer.exe

2564 WUDFHost.exe

2996 C:\Windows\System32\taskeng.exe

3464 C:\Program Files\Norton 360\Engine\6.2.1.5\ccsvchst.exe

3516 C:\Windows\System32\dwm.exe

3592 C:\Windows\System32\taskeng.exe

3684 C:\Windows\explorer.exe

3988 C:\hp\support\hpsysdrv.exe

4016 C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

4032 C:\Windows\RtHDVCpl.exe

4044 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

4056 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

4072 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

4088 C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe

3064 C:\Program Files\iTunes\iTunesHelper.exe

908 C:\Windows\ehome\ehtray.exe

692 C:\Program Files\Windows Media Player\wmpnscfg.exe

2364 C:\Program Files\HP Connections\6811507\Program\HP Connections.exe

3200 C:\Windows\ehome\ehmsas.exe

2948 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

3272 C:\Program Files\Windows Media Player\wmpnetwk.exe

3556 C:\Windows\ehome\ehsched.exe

2836 C:\Windows\ehome\ehrecvr.exe

3816 C:\Program Files\iPod\bin\iPodService.exe

3752 C:\Windows\System32\svchost.exe

5352 C:\hp\KBD\kbd.exe

4428 dllhost.exe

5040 C:\Windows\System32\SearchProtocolHost.exe

2900 C:\Windows\System32\SearchFilterHost.exe

5228 dllhost.exe

5512 dllhost.exe

5328 C:\Users\Nick\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000048`eccbfe00 (NTFS)

\\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive0 Model Number: ST3320820AS, Rev: 3.AHG

PhysicalDrive1 Model Number: WDCWD5000AAKX-603CA0, Rev: 16.01H16

Size Device Name MBR Status

--------------------------------------------

298 GB \\.\PhysicalDrive0 Hewlett-Packard MBR code detected

SHA1: 161E5DF10EB9B6EAC4AA8DF99305EF77B11BEBD8

465 GB \\.\PhysicalDrive1 Windows XP MBR code detected

SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A

Done!

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-05-26 23:32:55

-----------------------------

23:32:55.772 OS Version: Windows 6.0.6002 Service Pack 2

23:32:55.772 Number of processors: 2 586 0xF02

23:32:55.772 ComputerName: PRESIDENT UserName: Nick

23:33:38.423 Initialize success

23:34:05.523 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2

23:34:05.523 Disk 0 Vendor: ST332082 3.AH Size: 305245MB BusType: 3

23:34:05.523 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-3

23:34:05.539 Disk 1 Vendor: WDC_WD50 16.0 Size: 476940MB BusType: 3

23:34:05.539 Disk 0 MBR read successfully

23:34:05.539 Disk 0 MBR scan

23:34:05.554 Disk 0 unknown MBR code

23:34:05.554 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 298700 MB offset 63

23:34:05.586 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 6542 MB offset 611739135

23:34:05.617 Disk 0 scanning sectors +625137345

23:34:05.695 Disk 0 scanning C:\Windows\system32\drivers

23:34:12.824 Service scanning

23:34:30.577 Modules scanning

23:34:38.221 Disk 0 trace - called modules:

23:34:38.252 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll

23:34:38.268 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87ce88b8]

23:34:38.268 3 CLASSPNP.SYS[8d3a38b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x87282030]

23:34:38.283 Scan finished successfully

23:34:50.872 Disk 0 MBR has been saved successfully to "C:\Users\Nick\Desktop\MBR.dat"

23:34:50.872 The log file has been saved successfully to "C:\Users\Nick\Desktop\aswMBR.txt"


See if you can remove it via Manage Extensions. Instructions on accessing Extensions are located here: http://support.google.com/chrome/bin/answer.py?hl=en&answer=187443

If that doesn't work, I suggest reinstalling Chrome. That has fixed similar problems in the past. ;)

Let me know how things go.


Well, using the settings option I was able to change the page shown on start-up to just the regular Google search (instead of Mystart). In any event, I then uninstalled and reinstalled Chrome. Right now, it seems to have worked. I will try it again in the morning to be sure and let you know.


Glad to hear that worked!

I'm not seeing anything suspicious in your logs. At this point, let's run an online scan to verify that there are no traces left that we may have missed:

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Please post that log in your next reply, and let me know how things go :).


If it didn't find anything, I'd say you're clean ;). No need to run it again.

Before we move on, let's update some of your programs.

Program updates are a crucial step in preventing malware, as outdated applications are often used by cybercriminals to gain a foothold on your system.

-----------

First,

Java is out of date and older versions contain vulnerabilities. Please update to the newest version.

Download the newest version from here http://java.com/en/download/index.jsp.

It's important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.

Go to Start > Control Panel and open Add or Remove Programs.

Search in the list for all previously installed versions of Java (J2SE Runtime Environment).

They will have this icon next to them: javaicon.gif

Select each in turn and click Remove.

Once old versions are gone, please install the newest version.

-----------

You're using an old version of Adobe Acrobat Reader. This can leave your PC open to vulnerabilities. You can update it here (uninstall version 7.0 first):

Adobe Reader X

Note: I suggest you uncheck an optional, third-party download (eg. McAfee Security Scan Plus).

After successfully installing Adobe Reader X, see this article on how to make this program more secure: Adobe Reader X secures itself by playing in the sandbox.

-----------

Your Flash Player is out of date!

To make sure you have the latest version of Adobe Flash Player installed:

1. To uninstall an older version, visit this link: uninstall_flash_player.exe

2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).

3. Double-click on the file you've downloaded to uninstall Flash.

4. If uninstalled successfully, go to this site: Install Adobe Flash Player, and choose Agree and install now. This will install the newest version of Flash for your browser (note: Flash plugins for IE and Firefox must be installed separately).

Note: I recommend you uncheck an optional install (Free McAfee Security Scan or Free Google Toolbar).

-----------

Let me know how the program updates go, as failed updates may be a sign of additional malware. ;)


  • 2 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.