Jump to content

Recommended Posts

Hi,

 

I just started having this problem a couple days ago, where there is an ad playing somewhere. They're real ads that I've heard before, but don't seem to be coming from anything I have open. They continue even if I close my browser. Usually 2 ads will play, then it stops. Sometimes it seems to start again when I open a new window, or refresh one.

 

I had a google redirect virus a few months ago, and malwarebytes got rid of that. This time, Malwarebytes isn't finding anything.

 

I have Windows 7 on an HP laptop.

 

Hope someone can help!! Thanks in advance!

Link to post
Share on other sites

Hello pjg123 and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.

----------Step 1----------------

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.

    Vista/Windows 7 users right-click and select Run As Administrator.

  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.

  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
----------Step 2----------------

Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt
----------Step 3----------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

----------Step 4----------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
----------Step 5----------------

In your next reply, please include the following:

  • TDSSKiller's logfile
  • MBAR mbar-log.txt and system-log.txt
  • ComboFix's report (C:\ComboFix.txt)
  • Security Check checkup.txt
After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. :)

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Note:

Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"

 

-------> Your topic will be closed if you haven't replied within 3 days! <--------

(If I don't respond within 24 hours, please send me a PM)

-DFB

Link to post
Share on other sites

I did the first part, and it found something. I ran the Cure and rebooted. Going on to second part now!

 

Here is the log: 11:43:11.0488 3568  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
11:43:12.0129 3568  ============================================================
11:43:12.0129 3568  Current date / time: 2013/06/27 11:43:12.0129
11:43:12.0129 3568  SystemInfo:
11:43:12.0129 3568 
11:43:12.0129 3568  OS Version: 6.1.7601 ServicePack: 1.0
11:43:12.0129 3568  Product type: Workstation
11:43:12.0129 3568  ComputerName: PAM-PC
11:43:12.0129 3568  UserName: Pam
11:43:12.0129 3568  Windows directory: C:\Windows
11:43:12.0129 3568  System windows directory: C:\Windows
11:43:12.0129 3568  Running under WOW64
11:43:12.0129 3568  Processor architecture: Intel x64
11:43:12.0129 3568  Number of processors: 2
11:43:12.0129 3568  Page size: 0x1000
11:43:12.0129 3568  Boot type: Normal boot
11:43:12.0129 3568  ============================================================
11:43:13.0239 3568  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:43:13.0246 3568  ============================================================
11:43:13.0246 3568  \Device\Harddisk0\DR0:
11:43:13.0246 3568  MBR partitions:
11:43:13.0246 3568  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:43:13.0246 3568  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x237AB000
11:43:13.0246 3568  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2380F000, BlocksNum 0x1BEB800
11:43:13.0246 3568  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
11:43:13.0246 3568  ============================================================
11:43:13.0290 3568  C: <-> \Device\Harddisk0\DR0\Partition2
11:43:13.0346 3568  D: <-> \Device\Harddisk0\DR0\Partition3
11:43:13.0368 3568  E: <-> \Device\Harddisk0\DR0\Partition4
11:43:13.0369 3568  ============================================================
11:43:13.0369 3568  Initialize success
11:43:13.0369 3568  ============================================================
11:43:41.0090 2444  ============================================================
11:43:41.0090 2444  Scan started
11:43:41.0090 2444  Mode: Manual;
11:43:41.0090 2444  ============================================================
11:43:42.0933 2444  ================ Scan system memory ========================
11:43:42.0933 2444  System memory - ok
11:43:42.0949 2444  ================ Scan services =============================
11:43:43.0105 2444  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:43:43.0120 2444  1394ohci - ok
11:43:43.0136 2444  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:43:43.0152 2444  ACPI - ok
11:43:43.0167 2444  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:43:43.0167 2444  AcpiPmi - ok
11:43:43.0354 2444  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:43:43.0354 2444  AdobeFlashPlayerUpdateSvc - ok
11:43:43.0448 2444  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:43:43.0448 2444  adp94xx - ok
11:43:43.0495 2444  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:43:43.0495 2444  adpahci - ok
11:43:43.0526 2444  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:43:43.0542 2444  adpu320 - ok
11:43:43.0573 2444  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:43:43.0573 2444  AeLookupSvc - ok
11:43:43.0635 2444  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:43:43.0635 2444  AERTFilters - ok
11:43:43.0698 2444  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:43:43.0698 2444  AFD - ok
11:43:43.0822 2444  [ 23E7CB4641B93CE8591D1057670A4F04 ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
11:43:43.0822 2444  AffinegyService - ok
11:43:43.0854 2444  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:43:43.0854 2444  agp440 - ok
11:43:43.0916 2444  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:43:43.0916 2444  ALG - ok
11:43:43.0963 2444  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:43:43.0963 2444  aliide - ok
11:43:43.0994 2444  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:43:43.0994 2444  amdide - ok
11:43:44.0041 2444  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:43:44.0041 2444  AmdK8 - ok
11:43:44.0072 2444  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:43:44.0072 2444  AmdPPM - ok
11:43:44.0150 2444  [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:43:44.0150 2444  amdsata - ok
11:43:44.0197 2444  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:43:44.0197 2444  amdsbs - ok
11:43:44.0228 2444  [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:43:44.0228 2444  amdxata - ok
11:43:44.0275 2444  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:43:44.0275 2444  AppID - ok
11:43:44.0337 2444  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:43:44.0353 2444  AppIDSvc - ok
11:43:44.0384 2444  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
11:43:44.0384 2444  Appinfo - ok
11:43:44.0524 2444  [ 70D7BE78061126DD0C3ACCDB7E129017 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:43:44.0524 2444  Apple Mobile Device - ok
11:43:44.0618 2444  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:43:44.0618 2444  arc - ok
11:43:44.0665 2444  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:43:44.0665 2444  arcsas - ok
11:43:44.0696 2444  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:43:44.0696 2444  AsyncMac - ok
11:43:44.0743 2444  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:43:44.0743 2444  atapi - ok
11:43:44.0790 2444  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:43:44.0805 2444  AudioEndpointBuilder - ok
11:43:44.0821 2444  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:43:44.0821 2444  AudioSrv - ok
11:43:44.0883 2444  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:43:44.0899 2444  AxInstSV - ok
11:43:44.0930 2444  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:43:44.0930 2444  b06bdrv - ok
11:43:44.0977 2444  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:43:44.0977 2444  b57nd60a - ok
11:43:45.0039 2444  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:43:45.0039 2444  BDESVC - ok
11:43:45.0086 2444  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:43:45.0086 2444  Beep - ok
11:43:45.0180 2444  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:43:45.0180 2444  BFE - ok
11:43:45.0367 2444  [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130620.001\BHDrvx64.sys
11:43:45.0367 2444  BHDrvx64 - ok
11:43:45.0445 2444  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:43:45.0445 2444  BITS - ok
11:43:45.0476 2444  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:43:45.0476 2444  blbdrive - ok
11:43:45.0538 2444  [ 673CF4F6BB1FBE09331B526802FBB892 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
11:43:45.0538 2444  Bonjour Service - ok
11:43:45.0570 2444  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:43:45.0570 2444  bowser - ok
11:43:45.0585 2444  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:43:45.0585 2444  BrFiltLo - ok
11:43:45.0616 2444  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:43:45.0616 2444  BrFiltUp - ok
11:43:45.0663 2444  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:43:45.0663 2444  Browser - ok
11:43:45.0694 2444  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:43:45.0710 2444  Brserid - ok
11:43:45.0726 2444  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:43:45.0726 2444  BrSerWdm - ok
11:43:45.0741 2444  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:43:45.0741 2444  BrUsbMdm - ok
11:43:45.0772 2444  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:43:45.0772 2444  BrUsbSer - ok
11:43:45.0804 2444  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:43:45.0804 2444  BTHMODEM - ok
11:43:45.0835 2444  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:43:45.0835 2444  bthserv - ok
11:43:45.0913 2444  [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
11:43:45.0913 2444  ccSet_NIS - ok
11:43:45.0944 2444  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:43:45.0944 2444  cdfs - ok
11:43:45.0991 2444  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
11:43:45.0991 2444  cdrom - ok
11:43:46.0053 2444  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:43:46.0053 2444  CertPropSvc - ok
11:43:46.0084 2444  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:43:46.0084 2444  circlass - ok
11:43:46.0116 2444  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:43:46.0131 2444  CLFS - ok
11:43:46.0178 2444  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:43:46.0178 2444  clr_optimization_v2.0.50727_32 - ok
11:43:46.0209 2444  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:43:46.0209 2444  clr_optimization_v2.0.50727_64 - ok
11:43:46.0240 2444  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:43:46.0240 2444  CmBatt - ok
11:43:46.0287 2444  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:43:46.0287 2444  cmdide - ok
11:43:46.0350 2444  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:43:46.0350 2444  CNG - ok
11:43:46.0381 2444  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:43:46.0381 2444  Compbatt - ok
11:43:46.0428 2444  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:43:46.0428 2444  CompositeBus - ok
11:43:46.0443 2444  COMSysApp - ok
11:43:46.0474 2444  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:43:46.0474 2444  crcdisk - ok
11:43:46.0521 2444  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:43:46.0521 2444  CryptSvc - ok
11:43:46.0568 2444  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:43:46.0568 2444  DcomLaunch - ok
11:43:46.0615 2444  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:43:46.0615 2444  defragsvc - ok
11:43:46.0662 2444  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:43:46.0662 2444  DfsC - ok
11:43:46.0677 2444  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:43:46.0693 2444  Dhcp - ok
11:43:46.0724 2444  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:43:46.0724 2444  discache - ok
11:43:46.0771 2444  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:43:46.0771 2444  Disk - ok
11:43:46.0818 2444  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:43:46.0818 2444  Dnscache - ok
11:43:46.0864 2444  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:43:46.0864 2444  dot3svc - ok
11:43:46.0896 2444  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:43:46.0896 2444  DPS - ok
11:43:46.0927 2444  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:43:46.0927 2444  drmkaud - ok
11:43:46.0974 2444  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:43:46.0974 2444  DXGKrnl - ok
11:43:47.0020 2444  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:43:47.0020 2444  EapHost - ok
11:43:47.0114 2444  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:43:47.0145 2444  ebdrv - ok
11:43:47.0192 2444  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:43:47.0192 2444  eeCtrl - ok
11:43:47.0223 2444  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:43:47.0223 2444  EFS - ok
11:43:47.0317 2444  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:43:47.0317 2444  ehRecvr - ok
11:43:47.0364 2444  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:43:47.0364 2444  ehSched - ok
11:43:47.0395 2444  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:43:47.0395 2444  elxstor - ok
11:43:47.0473 2444  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:43:47.0473 2444  EraserUtilRebootDrv - ok
11:43:47.0504 2444  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:43:47.0520 2444  ErrDev - ok
11:43:47.0566 2444  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:43:47.0566 2444  EventSystem - ok
11:43:47.0582 2444  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:43:47.0598 2444  exfat - ok
11:43:47.0629 2444  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:43:47.0629 2444  fastfat - ok
11:43:47.0676 2444  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:43:47.0691 2444  Fax - ok
11:43:47.0707 2444  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:43:47.0707 2444  fdc - ok
11:43:47.0722 2444  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:43:47.0738 2444  fdPHost - ok
11:43:47.0754 2444  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:43:47.0754 2444  FDResPub - ok
11:43:47.0769 2444  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:43:47.0769 2444  FileInfo - ok
11:43:47.0785 2444  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:43:47.0785 2444  Filetrace - ok
11:43:47.0800 2444  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:43:47.0800 2444  flpydisk - ok
11:43:47.0847 2444  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:43:47.0863 2444  FltMgr - ok
11:43:47.0925 2444  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:43:47.0941 2444  FontCache - ok
11:43:47.0988 2444  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:43:48.0003 2444  FontCache3.0.0.0 - ok
11:43:48.0034 2444  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:43:48.0034 2444  FsDepends - ok
11:43:48.0066 2444  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:43:48.0066 2444  Fs_Rec - ok
11:43:48.0112 2444  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:43:48.0112 2444  fvevol - ok
11:43:48.0128 2444  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:43:48.0144 2444  gagp30kx - ok
11:43:48.0190 2444  [ E53EE18A21C025DEABCFE0F72FC481BB ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
11:43:48.0190 2444  GameConsoleService - ok
11:43:48.0222 2444  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:43:48.0222 2444  GEARAspiWDM - ok
11:43:48.0268 2444  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:43:48.0284 2444  gpsvc - ok
11:43:48.0362 2444  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:43:48.0362 2444  gupdate - ok
11:43:48.0378 2444  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:43:48.0378 2444  gupdatem - ok
11:43:48.0409 2444  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:43:48.0409 2444  hcw85cir - ok
11:43:48.0456 2444  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:43:48.0471 2444  HdAudAddService - ok
11:43:48.0487 2444  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:43:48.0487 2444  HDAudBus - ok
11:43:48.0518 2444  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:43:48.0518 2444  HidBatt - ok
11:43:48.0534 2444  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:43:48.0534 2444  HidBth - ok
11:43:48.0565 2444  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:43:48.0565 2444  HidIr - ok
11:43:48.0596 2444  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
11:43:48.0596 2444  hidserv - ok
11:43:48.0627 2444  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
11:43:48.0643 2444  HidUsb - ok
11:43:48.0674 2444  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:43:48.0674 2444  hkmsvc - ok
11:43:48.0721 2444  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:43:48.0721 2444  HomeGroupListener - ok
11:43:48.0752 2444  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:43:48.0768 2444  HomeGroupProvider - ok
11:43:48.0830 2444  [ C84BCC03858DAEAC4DB1E95EFCCE1934 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
11:43:48.0830 2444  HP Health Check Service - ok
11:43:48.0892 2444  [ EF3EA06057132138B4E5895A61601DBE ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:43:48.0892 2444  hpqwmiex - ok
11:43:48.0939 2444  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:43:48.0939 2444  HpSAMD - ok
11:43:48.0986 2444  [ B6492D01712A22FF3FEA25A999DBD321 ] HPWMISVC        C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
11:43:48.0986 2444  HPWMISVC - ok
11:43:49.0033 2444  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:43:49.0033 2444  HTTP - ok
11:43:49.0080 2444  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:43:49.0080 2444  hwpolicy - ok
11:43:49.0111 2444  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:43:49.0111 2444  i8042prt - ok
11:43:49.0142 2444  [ BE7D72FCF442C26975942007E0831241 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:43:49.0142 2444  iaStor - ok
11:43:49.0173 2444  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:43:49.0189 2444  iaStorV - ok
11:43:49.0220 2444  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:43:49.0236 2444  idsvc - ok
11:43:49.0329 2444  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130626.001\IDSvia64.sys
11:43:49.0329 2444  IDSVia64 - ok
11:43:49.0516 2444  [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:43:49.0688 2444  igfx - ok
11:43:49.0719 2444  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:43:49.0719 2444  iirsp - ok
11:43:49.0766 2444  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:43:49.0782 2444  IKEEXT - ok
11:43:49.0844 2444  [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:43:49.0860 2444  IntcAzAudAddService - ok
11:43:49.0906 2444  [ CFC68CA36A63637E8CA69669EE3693DA ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
11:43:49.0906 2444  IntcHdmiAddService - ok
11:43:49.0922 2444  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:43:49.0922 2444  intelide - ok
11:43:49.0969 2444  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:43:49.0969 2444  intelppm - ok
11:43:49.0984 2444  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:43:49.0984 2444  IPBusEnum - ok
11:43:50.0031 2444  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:43:50.0031 2444  IpFilterDriver - ok
11:43:50.0078 2444  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:43:50.0094 2444  iphlpsvc - ok
11:43:50.0125 2444  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:43:50.0125 2444  IPMIDRV - ok
11:43:50.0156 2444  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:43:50.0156 2444  IPNAT - ok
11:43:50.0187 2444  [ F0EAC938ECC1B2764D04CE16F8627E56 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:43:50.0203 2444  iPod Service - ok
11:43:50.0234 2444  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:43:50.0234 2444  IRENUM - ok
11:43:50.0265 2444  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:43:50.0265 2444  isapnp - ok
11:43:50.0296 2444  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:43:50.0296 2444  iScsiPrt - ok
11:43:50.0343 2444  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:43:50.0343 2444  kbdclass - ok
11:43:50.0374 2444  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:43:50.0374 2444  kbdhid - ok
11:43:50.0390 2444  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:43:50.0390 2444  KeyIso - ok
11:43:50.0421 2444  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:43:50.0421 2444  KSecDD - ok
11:43:50.0452 2444  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:43:50.0468 2444  KSecPkg - ok
11:43:50.0468 2444  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:43:50.0484 2444  ksthunk - ok
11:43:50.0515 2444  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:43:50.0515 2444  KtmRm - ok
11:43:50.0562 2444  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:43:50.0562 2444  LanmanServer - ok
11:43:50.0608 2444  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:43:50.0608 2444  LanmanWorkstation - ok
11:43:50.0686 2444  [ 47269F0DE1E5089C6F23BC1EC48CFC31 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:43:50.0702 2444  LightScribeService - ok
11:43:50.0733 2444  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:43:50.0749 2444  lltdio - ok
11:43:50.0764 2444  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:43:50.0764 2444  lltdsvc - ok
11:43:50.0796 2444  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:43:50.0796 2444  lmhosts - ok
11:43:50.0827 2444  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:43:50.0827 2444  LSI_FC - ok
11:43:50.0842 2444  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:43:50.0858 2444  LSI_SAS - ok
11:43:50.0874 2444  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:43:50.0874 2444  LSI_SAS2 - ok
11:43:50.0920 2444  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:43:50.0920 2444  LSI_SCSI - ok
11:43:50.0936 2444  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:43:50.0936 2444  luafv - ok
11:43:50.0998 2444  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:43:50.0998 2444  MBAMProtector - ok
11:43:51.0045 2444  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:43:51.0045 2444  MBAMScheduler - ok
11:43:51.0076 2444  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:43:51.0076 2444  MBAMService - ok
11:43:51.0139 2444  [ 0F8FE97E6B8F4566518469A1A9738C6D ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
11:43:51.0139 2444  McAfee SiteAdvisor Service - ok
11:43:51.0186 2444  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:43:51.0186 2444  Mcx2Svc - ok
11:43:51.0217 2444  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:43:51.0217 2444  megasas - ok
11:43:51.0248 2444  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:43:51.0248 2444  MegaSR - ok
11:43:51.0279 2444  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:43:51.0279 2444  MMCSS - ok
11:43:51.0310 2444  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:43:51.0310 2444  Modem - ok
11:43:51.0342 2444  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:43:51.0342 2444  monitor - ok
11:43:51.0342 2444  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
11:43:51.0342 2444  mouclass - ok
11:43:51.0373 2444  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:43:51.0373 2444  mouhid - ok
11:43:51.0404 2444  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:43:51.0404 2444  mountmgr - ok
11:43:51.0435 2444  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:43:51.0435 2444  mpio - ok
11:43:51.0451 2444  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:43:51.0451 2444  mpsdrv - ok
11:43:51.0513 2444  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:43:51.0513 2444  MpsSvc - ok
11:43:51.0560 2444  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:43:51.0560 2444  MRxDAV - ok
11:43:51.0607 2444  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:43:51.0607 2444  mrxsmb - ok
11:43:51.0638 2444  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:43:51.0638 2444  mrxsmb10 - ok
11:43:51.0669 2444  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:43:51.0669 2444  mrxsmb20 - ok
11:43:51.0716 2444  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:43:51.0716 2444  msahci - ok
11:43:51.0747 2444  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:43:51.0747 2444  msdsm - ok
11:43:51.0778 2444  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:43:51.0778 2444  MSDTC - ok
11:43:51.0810 2444  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:43:51.0810 2444  Msfs - ok
11:43:51.0841 2444  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:43:51.0841 2444  mshidkmdf - ok
11:43:51.0856 2444  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:43:51.0856 2444  msisadrv - ok
11:43:51.0888 2444  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:43:51.0888 2444  MSiSCSI - ok
11:43:51.0903 2444  msiserver - ok
11:43:51.0934 2444  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:43:51.0934 2444  MSKSSRV - ok
11:43:51.0966 2444  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:43:51.0966 2444  MSPCLOCK - ok
11:43:51.0981 2444  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:43:51.0981 2444  MSPQM - ok
11:43:52.0028 2444  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:43:52.0028 2444  MsRPC - ok
11:43:52.0075 2444  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:43:52.0075 2444  mssmbios - ok
11:43:52.0090 2444  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:43:52.0090 2444  MSTEE - ok
11:43:52.0106 2444  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:43:52.0106 2444  MTConfig - ok
11:43:52.0122 2444  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:43:52.0137 2444  Mup - ok
11:43:52.0168 2444  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:43:52.0184 2444  napagent - ok
11:43:52.0215 2444  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:43:52.0215 2444  NativeWifiP - ok
11:43:52.0309 2444  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130626.022\ENG64.SYS
11:43:52.0309 2444  NAVENG - ok
11:43:52.0371 2444  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130626.022\EX64.SYS
11:43:52.0387 2444  NAVEX15 - ok
11:43:52.0449 2444  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:43:52.0465 2444  NDIS - ok
11:43:52.0512 2444  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:43:52.0512 2444  NdisCap - ok
11:43:52.0558 2444  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:43:52.0558 2444  NdisTapi - ok
11:43:52.0605 2444  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:43:52.0605 2444  Ndisuio - ok
11:43:52.0652 2444  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:43:52.0652 2444  NdisWan - ok
11:43:52.0699 2444  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:43:52.0699 2444  NDProxy - ok
11:43:52.0730 2444  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:43:52.0730 2444  NetBIOS - ok
11:43:52.0777 2444  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:43:52.0777 2444  NetBT - ok
11:43:52.0792 2444  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:43:52.0792 2444  Netlogon - ok
11:43:52.0824 2444  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:43:52.0839 2444  Netman - ok
11:43:52.0855 2444  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:43:52.0855 2444  netprofm - ok
11:43:52.0886 2444  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:43:52.0886 2444  NetTcpPortSharing - ok
11:43:53.0026 2444  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
11:43:53.0073 2444  netw5v64 - ok
11:43:53.0120 2444  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:43:53.0120 2444  nfrd960 - ok
11:43:53.0198 2444  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
11:43:53.0198 2444  NIS - ok
11:43:53.0245 2444  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:43:53.0245 2444  NlaSvc - ok
11:43:53.0276 2444  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:43:53.0276 2444  Npfs - ok
11:43:53.0307 2444  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:43:53.0307 2444  nsi - ok
11:43:53.0323 2444  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:43:53.0323 2444  nsiproxy - ok
11:43:53.0385 2444  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:43:53.0401 2444  Ntfs - ok
11:43:53.0432 2444  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:43:53.0432 2444  Null - ok
11:43:53.0463 2444  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:43:53.0463 2444  nvraid - ok
11:43:53.0494 2444  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:43:53.0494 2444  nvstor - ok
11:43:53.0541 2444  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:43:53.0541 2444  nv_agp - ok
11:43:53.0635 2444  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:43:53.0635 2444  odserv - ok
11:43:53.0666 2444  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:43:53.0666 2444  ohci1394 - ok
11:43:53.0682 2444  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:43:53.0682 2444  ose - ok
11:43:53.0728 2444  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:43:53.0744 2444  p2pimsvc - ok
11:43:53.0775 2444  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:43:53.0775 2444  p2psvc - ok
11:43:53.0806 2444  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:43:53.0806 2444  Parport - ok
11:43:53.0838 2444  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:43:53.0838 2444  partmgr - ok
11:43:53.0869 2444  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:43:53.0869 2444  PcaSvc - ok
11:43:53.0916 2444  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:43:53.0916 2444  pci - ok
11:43:53.0931 2444  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:43:53.0931 2444  pciide - ok
11:43:53.0962 2444  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:43:53.0962 2444  pcmcia - ok
11:43:53.0994 2444  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:43:53.0994 2444  pcw - ok
11:43:54.0025 2444  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:43:54.0025 2444  PEAUTH - ok
11:43:54.0087 2444  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:43:54.0103 2444  PerfHost - ok
11:43:54.0181 2444  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:43:54.0196 2444  pla - ok
11:43:54.0243 2444  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:43:54.0259 2444  PlugPlay - ok
11:43:54.0290 2444  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:43:54.0290 2444  PNRPAutoReg - ok
11:43:54.0321 2444  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:43:54.0321 2444  PNRPsvc - ok
11:43:54.0368 2444  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:43:54.0384 2444  PolicyAgent - ok
11:43:54.0415 2444  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:43:54.0415 2444  Power - ok
11:43:54.0477 2444  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:43:54.0477 2444  PptpMiniport - ok
11:43:54.0508 2444  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:43:54.0508 2444  Processor - ok
11:43:54.0571 2444  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
11:43:54.0571 2444  ProfSvc - ok
11:43:54.0586 2444  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:43:54.0586 2444  ProtectedStorage - ok
11:43:54.0633 2444  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:43:54.0633 2444  Psched - ok
11:43:54.0680 2444  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:43:54.0711 2444  ql2300 - ok
11:43:54.0742 2444  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:43:54.0742 2444  ql40xx - ok
11:43:54.0774 2444  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:43:54.0774 2444  QWAVE - ok
11:43:54.0789 2444  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:43:54.0789 2444  QWAVEdrv - ok
11:43:54.0820 2444  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:43:54.0820 2444  RasAcd - ok
11:43:54.0852 2444  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:43:54.0867 2444  RasAgileVpn - ok
11:43:54.0883 2444  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:43:54.0883 2444  RasAuto - ok
11:43:54.0930 2444  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:43:54.0930 2444  Rasl2tp - ok
11:43:54.0961 2444  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:43:54.0961 2444  RasMan - ok
11:43:54.0976 2444  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:43:54.0992 2444  RasPppoe - ok
11:43:55.0008 2444  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:43:55.0008 2444  RasSstp - ok
11:43:55.0054 2444  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:43:55.0054 2444  rdbss - ok
11:43:55.0070 2444  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:43:55.0070 2444  rdpbus - ok
11:43:55.0101 2444  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:43:55.0101 2444  RDPCDD - ok
11:43:55.0148 2444  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:43:55.0148 2444  RDPENCDD - ok
11:43:55.0148 2444  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:43:55.0148 2444  RDPREFMP - ok
11:43:55.0195 2444  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:43:55.0195 2444  RDPWD - ok
11:43:55.0242 2444  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:43:55.0242 2444  rdyboost - ok
11:43:55.0273 2444  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:43:55.0273 2444  RemoteAccess - ok
11:43:55.0335 2444  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:43:55.0335 2444  RemoteRegistry - ok
11:43:55.0413 2444  [ 498EB62A160674E793FA40FD65390625 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:43:55.0413 2444  RichVideo - ok
11:43:55.0444 2444  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:43:55.0444 2444  RpcEptMapper - ok
11:43:55.0460 2444  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:43:55.0460 2444  RpcLocator - ok
11:43:55.0507 2444  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:43:55.0522 2444  RpcSs - ok
11:43:55.0538 2444  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:43:55.0538 2444  rspndr - ok
11:43:55.0600 2444  [ 483DF0B58CA532E5240E59DC41F30AA2 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
11:43:55.0600 2444  RSUSBSTOR - ok
11:43:55.0632 2444  [ 777FC2C418465404E3D8A290DC247D24 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:43:55.0632 2444  RTL8167 - ok
11:43:55.0678 2444  [ 03E0627C26943916A7276AC5306206C7 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
11:43:55.0694 2444  rtl8192se - ok
11:43:55.0710 2444  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:43:55.0710 2444  SamSs - ok
11:43:55.0741 2444  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:43:55.0756 2444  sbp2port - ok
11:43:55.0788 2444  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:43:55.0803 2444  SCardSvr - ok
11:43:55.0834 2444  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:43:55.0834 2444  scfilter - ok
11:43:55.0881 2444  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:43:55.0897 2444  Schedule - ok
11:43:55.0944 2444  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:43:55.0944 2444  SCPolicySvc - ok
11:43:56.0006 2444  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
11:43:56.0006 2444  sdbus - ok
11:43:56.0022 2444  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:43:56.0022 2444  SDRSVC - ok
11:43:56.0068 2444  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:43:56.0068 2444  secdrv - ok
11:43:56.0084 2444  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:43:56.0084 2444  seclogon - ok
11:43:56.0115 2444  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
11:43:56.0115 2444  SENS - ok
11:43:56.0146 2444  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:43:56.0146 2444  SensrSvc - ok
11:43:56.0162 2444  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:43:56.0162 2444  Serenum - ok
11:43:56.0178 2444  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:43:56.0178 2444  Serial - ok
11:43:56.0193 2444  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:43:56.0193 2444  sermouse - ok
11:43:56.0256 2444  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:43:56.0256 2444  SessionEnv - ok
11:43:56.0302 2444  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:43:56.0302 2444  sffdisk - ok
11:43:56.0334 2444  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:43:56.0334 2444  sffp_mmc - ok
11:43:56.0349 2444  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:43:56.0349 2444  sffp_sd - ok
11:43:56.0380 2444  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:43:56.0380 2444  sfloppy - ok
11:43:56.0427 2444  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:43:56.0427 2444  SharedAccess - ok
11:43:56.0474 2444  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:43:56.0474 2444  ShellHWDetection - ok
11:43:56.0505 2444  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:43:56.0505 2444  SiSRaid2 - ok
11:43:56.0536 2444  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:43:56.0536 2444  SiSRaid4 - ok
11:43:56.0599 2444  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:43:56.0599 2444  SkypeUpdate - ok
11:43:56.0630 2444  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:43:56.0630 2444  Smb - ok
11:43:56.0677 2444  [ 70E5841B1C9F208FBF8FC3583C346E96 ] SMR322          C:\Windows\system32\drivers\SMR322.SYS
11:43:56.0677 2444  SMR322 - ok
11:43:56.0708 2444  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:43:56.0708 2444  SNMPTRAP - ok
11:43:56.0739 2444  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:43:56.0739 2444  spldr - ok
11:43:56.0786 2444  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
11:43:56.0802 2444  Spooler - ok
11:43:56.0895 2444  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:43:56.0926 2444  sppsvc - ok
11:43:56.0958 2444  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:43:56.0958 2444  sppuinotify - ok
11:43:57.0020 2444  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
11:43:57.0036 2444  SRTSP - ok
11:43:57.0051 2444  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
11:43:57.0051 2444  SRTSPX - ok
11:43:57.0098 2444  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:43:57.0098 2444  srv - ok
11:43:57.0114 2444  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:43:57.0129 2444  srv2 - ok
11:43:57.0160 2444  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:43:57.0160 2444  SrvHsfHDA - ok
11:43:57.0207 2444  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:43:57.0223 2444  SrvHsfV92 - ok
11:43:57.0238 2444  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:43:57.0254 2444  SrvHsfWinac - ok
11:43:57.0301 2444  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:43:57.0301 2444  srvnet - ok
11:43:57.0332 2444  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:43:57.0348 2444  SSDPSRV - ok
11:43:57.0363 2444  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:43:57.0363 2444  SstpSvc - ok
11:43:57.0379 2444  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:43:57.0379 2444  stexstor - ok
11:43:57.0457 2444  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:43:57.0457 2444  stisvc - ok
11:43:57.0504 2444  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:43:57.0504 2444  swenum - ok
11:43:57.0519 2444  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:43:57.0535 2444  swprv - ok
11:43:57.0582 2444  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
11:43:57.0582 2444  SymDS - ok
11:43:57.0660 2444  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
11:43:57.0660 2444  SymEFA - ok
11:43:57.0706 2444  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:43:57.0706 2444  SymEvent - ok
11:43:57.0738 2444  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
11:43:57.0738 2444  SymIM - ok
11:43:57.0784 2444  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
11:43:57.0784 2444  SymIRON - ok
11:43:57.0831 2444  [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
11:43:57.0831 2444  SymNetS - ok
11:43:57.0878 2444  [ 91853F78B68F9F036670291F5EDD4EAE ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
11:43:57.0878 2444  SynTP - ok
11:43:57.0940 2444  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:43:57.0956 2444  SysMain - ok
11:43:58.0003 2444  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:43:58.0003 2444  TabletInputService - ok
11:43:58.0034 2444  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:43:58.0034 2444  TapiSrv - ok
11:43:58.0065 2444  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:43:58.0065 2444  TBS - ok
11:43:58.0128 2444  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:43:58.0159 2444  Tcpip - ok
11:43:58.0190 2444  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:43:58.0206 2444  TCPIP6 - ok
11:43:58.0252 2444  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:43:58.0252 2444  tcpipreg - ok
11:43:58.0284 2444  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:43:58.0284 2444  TDPIPE - ok
11:43:58.0330 2444  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:43:58.0330 2444  TDTCP - ok
11:43:58.0377 2444  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:43:58.0377 2444  tdx - ok
11:43:58.0424 2444  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:43:58.0424 2444  TermDD - ok
11:43:58.0455 2444  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:43:58.0471 2444  TermService - ok
11:43:58.0486 2444  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:43:58.0486 2444  Themes - ok
11:43:58.0518 2444  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:43:58.0518 2444  THREADORDER - ok
11:43:58.0533 2444  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:43:58.0533 2444  TrkWks - ok
11:43:58.0596 2444  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:43:58.0596 2444  TrustedInstaller - ok
11:43:58.0642 2444  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:43:58.0642 2444  tssecsrv - ok
11:43:58.0689 2444  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:43:58.0689 2444  TsUsbFlt - ok
11:43:58.0736 2444  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:43:58.0736 2444  tunnel - ok
11:43:58.0783 2444  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:43:58.0783 2444  uagp35 - ok
11:43:58.0830 2444  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:43:58.0830 2444  udfs - ok
11:43:58.0876 2444  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:43:58.0876 2444  UI0Detect - ok
11:43:58.0908 2444  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:43:58.0908 2444  uliagpkx - ok
11:43:58.0970 2444  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
11:43:58.0970 2444  umbus - ok
11:43:59.0001 2444  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:43:59.0001 2444  UmPass - ok
11:43:59.0032 2444  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:43:59.0032 2444  upnphost - ok
11:43:59.0048 2444  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
11:43:59.0048 2444  usbccgp - ok
11:43:59.0079 2444  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:43:59.0079 2444  usbcir - ok
11:43:59.0110 2444  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:43:59.0110 2444  usbehci - ok
11:43:59.0126 2444  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
11:43:59.0142 2444  usbhub - ok
11:43:59.0157 2444  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:43:59.0157 2444  usbohci - ok
11:43:59.0188 2444  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:43:59.0188 2444  usbprint - ok
11:43:59.0204 2444  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
11:43:59.0220 2444  USBSTOR - ok
11:43:59.0235 2444  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:43:59.0235 2444  usbuhci - ok
11:43:59.0266 2444  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:43:59.0266 2444  usbvideo - ok
11:43:59.0298 2444  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:43:59.0298 2444  UxSms - ok
11:43:59.0313 2444  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:43:59.0329 2444  VaultSvc - ok
11:43:59.0376 2444  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:43:59.0376 2444  vdrvroot - ok
11:43:59.0422 2444  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:43:59.0422 2444  vds - ok
11:43:59.0454 2444  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:43:59.0454 2444  vga - ok
11:43:59.0469 2444  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:43:59.0469 2444  VgaSave - ok
11:43:59.0500 2444  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:43:59.0500 2444  vhdmp - ok
11:43:59.0532 2444  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:43:59.0532 2444  viaide - ok
11:43:59.0547 2444  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:43:59.0547 2444  volmgr - ok
11:43:59.0594 2444  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:43:59.0610 2444  volmgrx - ok
11:43:59.0625 2444  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:43:59.0625 2444  volsnap - ok
11:43:59.0656 2444  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:43:59.0656 2444  vsmraid - ok
11:43:59.0719 2444  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:43:59.0734 2444  VSS - ok
11:43:59.0750 2444  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:43:59.0750 2444  vwifibus - ok
11:43:59.0797 2444  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:43:59.0797 2444  vwififlt - ok
11:43:59.0828 2444  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:43:59.0828 2444  vwifimp - ok
11:43:59.0859 2444  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:43:59.0859 2444  W32Time - ok
11:43:59.0906 2444  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:43:59.0906 2444  WacomPen - ok
11:43:59.0953 2444  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:43:59.0953 2444  WANARP - ok
11:43:59.0968 2444  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:43:59.0968 2444  Wanarpv6 - ok
11:44:00.0046 2444  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:44:00.0062 2444  WatAdminSvc - ok
11:44:00.0124 2444  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:44:00.0140 2444  wbengine - ok
11:44:00.0156 2444  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:44:00.0156 2444  WbioSrvc - ok
11:44:00.0218 2444  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:44:00.0218 2444  wcncsvc - ok
11:44:00.0234 2444  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:44:00.0234 2444  WcsPlugInService - ok
11:44:00.0265 2444  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:44:00.0265 2444  Wd - ok
11:44:00.0312 2444  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:44:00.0312 2444  Wdf01000 - ok
11:44:00.0327 2444  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:44:00.0327 2444  WdiServiceHost - ok
11:44:00.0343 2444  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:44:00.0343 2444  WdiSystemHost - ok
11:44:00.0374 2444  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:44:00.0390 2444  WebClient - ok
11:44:00.0421 2444  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:44:00.0421 2444  Wecsvc - ok
11:44:00.0452 2444  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:44:00.0452 2444  wercplsupport - ok
11:44:00.0483 2444  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:44:00.0483 2444  WerSvc - ok
11:44:00.0514 2444  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:44:00.0514 2444  WfpLwf - ok
11:44:00.0514 2444  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:44:00.0530 2444  WIMMount - ok
11:44:00.0546 2444  WinDefend - ok
11:44:00.0577 2444  WinHttpAutoProxySvc - ok
11:44:00.0624 2444  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:44:00.0624 2444  Winmgmt - ok
11:44:00.0702 2444  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:44:00.0733 2444  WinRM - ok
11:44:00.0780 2444  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:44:00.0780 2444  Wlansvc - ok
11:44:00.0826 2444  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:44:00.0826 2444  WmiAcpi - ok
11:44:00.0858 2444  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:44:00.0858 2444  wmiApSrv - ok
11:44:00.0904 2444  WMPNetworkSvc - ok
11:44:00.0920 2444  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:44:00.0920 2444  WPCSvc - ok
11:44:00.0967 2444  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:44:00.0967 2444  WPDBusEnum - ok
11:44:00.0998 2444  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:44:00.0998 2444  ws2ifsl - ok
11:44:01.0014 2444  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
11:44:01.0029 2444  wscsvc - ok
11:44:01.0029 2444  WSearch - ok
11:44:01.0107 2444  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:44:01.0123 2444  wuauserv - ok
11:44:01.0154 2444  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:44:01.0154 2444  WudfPf - ok
11:44:01.0185 2444  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:44:01.0185 2444  WUDFRd - ok
11:44:01.0216 2444  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:44:01.0216 2444  wudfsvc - ok
11:44:01.0263 2444  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:44:01.0263 2444  WwanSvc - ok
11:44:01.0310 2444  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
11:44:01.0310 2444  yukonw7 - ok
11:44:01.0341 2444  ================ Scan global ===============================
11:44:01.0372 2444  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:44:01.0404 2444  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:44:01.0419 2444  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:44:01.0435 2444  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:44:01.0466 2444  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:44:01.0466 2444  [Global] - ok
11:44:01.0466 2444  ================ Scan MBR ==================================
11:44:01.0482 2444  [ 790D362A4D78D926A387C9ECDDEA1152 ] \Device\Harddisk0\DR0
11:44:01.0482 2444  Suspicious mbr (Forged): \Device\Harddisk0\DR0
11:44:01.0528 2444  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
11:44:01.0528 2444  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
11:44:01.0528 2444  ================ Scan VBR ==================================
11:44:01.0528 2444  [ D12B604DE4CD804A332FEFE99D669DB4 ] \Device\Harddisk0\DR0\Partition1
11:44:01.0528 2444  \Device\Harddisk0\DR0\Partition1 - ok
11:44:01.0544 2444  [ 00CEEED39AC843F6091BC41A18874541 ] \Device\Harddisk0\DR0\Partition2
11:44:01.0544 2444  \Device\Harddisk0\DR0\Partition2 - ok
11:44:01.0575 2444  [ 4078187DFB6A01C533E8981C749AC89E ] \Device\Harddisk0\DR0\Partition3
11:44:01.0575 2444  \Device\Harddisk0\DR0\Partition3 - ok
11:44:01.0591 2444  [ 71568A0EA5ED4F30B1E21A45322979F1 ] \Device\Harddisk0\DR0\Partition4
11:44:01.0606 2444  \Device\Harddisk0\DR0\Partition4 - ok
11:44:01.0606 2444  ============================================================
11:44:01.0606 2444  Scan finished
11:44:01.0606 2444  ============================================================
11:44:01.0622 0824  Detected object count: 1
11:44:01.0622 0824  Actual detected object count: 1
11:44:35.0396 0824  \Device\Harddisk0\DR0\# - copied to quarantine
11:44:35.0412 0824  \Device\Harddisk0\DR0 - copied to quarantine
11:44:35.0474 0824  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
11:44:35.0474 0824  \Device\Harddisk0\DR0 - ok
11:44:35.0880 0824  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
11:44:46.0753 3576  Deinitialize success

 

 

Link to post
Share on other sites

Nothing found after cleaning and re-booting. Moving on....

 

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.06.27.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Pam :: PAM-PC [administrator]

6/27/2013 11:56:45 AM
mbar-log-2013-06-27 (11-56-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 250644
Time elapsed: 15 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
c:\Users\Pam\AppData\Local\Temp\81AB.tmp (Trojan.FakeMS) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16618

Java version: 1.6.0_32

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 4193173504, free: 2471747584

Downloaded database version: v2013.06.27.07
Initializing...
------------ Kernel report ------------
     06/27/2013 11:56:40
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\70031964.sys
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
\SystemRoot\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\system32\drivers\NISx64\1404000.028\ccSetx64.sys
\SystemRoot\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
\SystemRoot\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
\SystemRoot\system32\drivers\NISx64\1404000.028\Ironx64.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130626.022\EX64.SYS
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130626.022\ENG64.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\SymIMv.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130626.001\IDSvia64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130620.001\BHDrvx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\IntcHdmi.sys
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\ipnat.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\ole32.dll
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msvcrt.dll
\Windows\System32\nsi.dll
\Windows\System32\imm32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\user32.dll
\Windows\System32\difxapi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\kernel32.dll
\Windows\System32\lpk.dll
\Windows\System32\Wldap32.dll
\Windows\System32\gdi32.dll
\Windows\System32\advapi32.dll
\Windows\System32\psapi.dll
\Windows\System32\msctf.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\urlmon.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80057a3570
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80046f3050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80057a3570, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80057a4040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80057a3570, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80046f3050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 79120785

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 407552
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409600  Numsec = 595243008

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 595652608  Numsec = 29276160

    Partition 3 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 624928768  Numsec = 211632

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Infected: c:\Users\Pam\AppData\Local\Temp\81AB.tmp --> [Trojan.FakeMS]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_2048_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16618

Java version: 1.6.0_32

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 4193173504, free: 2213601280

Downloaded database version: v2013.06.27.08
Initializing...
------------ Kernel report ------------
     06/27/2013 12:28:01
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
\SystemRoot\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\system32\drivers\NISx64\1404000.028\ccSetx64.sys
\SystemRoot\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
\SystemRoot\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
\SystemRoot\system32\drivers\NISx64\1404000.028\Ironx64.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130626.022\EX64.SYS
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130626.022\ENG64.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\SymIMv.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130626.001\IDSvia64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130620.001\BHDrvx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\IntcHdmi.sys
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\ipnat.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\advapi32.dll
\Windows\System32\lpk.dll
\Windows\System32\wininet.dll
\Windows\System32\imagehlp.dll
\Windows\System32\shell32.dll
\Windows\System32\difxapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ole32.dll
\Windows\System32\sechost.dll
\Windows\System32\gdi32.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004af4060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80046d5050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004af4060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004af4b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004af4060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80046d5050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 79120785

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 407552
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409600  Numsec = 595243008

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 595652608  Numsec = 29276160

    Partition 3 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 624928768  Numsec = 211632

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Scan finished

Link to post
Share on other sites

You may have been re-infected somehow. Are you sure you downloaded the right ComboFix.exe? (there are a number of fake versions of it floating around the internet that are actually malware)

Go ahead and run ComboFix in Safe Mode for now- let me know how it goes.

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.