Inactive [A] Malwarebytes Anti-Malware found a trojan but I cannot remove it

Ran tdsskiller again. It found something else.

23:26:46.0636 7208 uagp35 - ok
23:26:46.0671 7208 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:26:46.0676 7208 udfs - ok
23:26:46.0709 7208 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:26:46.0712 7208 uliagpkx - ok
23:26:46.0749 7208 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:26:46.0751 7208 umbus - ok
23:26:46.0798 7208 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:26:46.0800 7208 UmPass - ok
23:26:46.0833 7208 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:26:46.0836 7208 usbccgp - ok
23:26:46.0919 7208 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:26:46.0921 7208 usbcir - ok
23:26:46.0996 7208 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:26:46.0998 7208 usbehci - ok
23:26:47.0030 7208 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:26:47.0035 7208 usbhub - ok
23:26:47.0079 7208 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:26:47.0081 7208 usbohci - ok
23:26:47.0121 7208 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:26:47.0124 7208 usbprint - ok
23:26:47.0154 7208 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:26:47.0157 7208 usbscan - ok
23:26:47.0197 7208 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:26:47.0201 7208 USBSTOR - ok
23:26:47.0234 7208 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:26:47.0236 7208 usbuhci - ok
23:26:47.0359 7208 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:26:47.0363 7208 usbvideo - ok
23:26:47.0375 7208 uxddrv - ok
23:26:47.0486 7208 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:26:47.0487 7208 vdrvroot - ok
23:26:47.0600 7208 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:26:47.0603 7208 vga - ok
23:26:47.0697 7208 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:26:47.0699 7208 VgaSave - ok
23:26:47.0750 7208 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:26:47.0755 7208 vhdmp - ok
23:26:47.0837 7208 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:26:47.0839 7208 viaide - ok
23:26:47.0878 7208 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:26:47.0880 7208 volmgr - ok
23:26:47.0929 7208 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:26:47.0935 7208 volmgrx - ok
23:26:48.0004 7208 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:26:48.0008 7208 volsnap - ok
23:26:48.0060 7208 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:26:48.0063 7208 vsmraid - ok
23:26:48.0103 7208 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:26:48.0105 7208 vwifibus - ok
23:26:48.0196 7208 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:26:48.0198 7208 vwififlt - ok
23:26:48.0310 7208 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
23:26:48.0312 7208 vwifimp - ok
23:26:48.0356 7208 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:26:48.0358 7208 WacomPen - ok
23:26:48.0437 7208 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:26:48.0439 7208 WANARP - ok
23:26:48.0443 7208 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:26:48.0444 7208 Wanarpv6 - ok
23:26:48.0571 7208 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:26:48.0572 7208 Wd - ok
23:26:48.0624 7208 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:26:48.0633 7208 Wdf01000 - ok
23:26:48.0734 7208 wdkmd (5b34e5938b9e76798977725e3f7847c4) C:\Windows\system32\DRIVERS\WDKMD.sys
23:26:48.0735 7208 wdkmd - ok
23:26:48.0839 7208 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:26:48.0842 7208 WfpLwf - ok
23:26:48.0892 7208 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:26:48.0894 7208 WIMMount - ok
23:26:49.0026 7208 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
23:26:49.0028 7208 WinUSB - ok
23:26:49.0131 7208 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:26:49.0132 7208 WmiAcpi - ok
23:26:49.0253 7208 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:26:49.0255 7208 ws2ifsl - ok
23:26:49.0300 7208 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:26:49.0302 7208 WudfPf - ok
23:26:49.0361 7208 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:26:49.0365 7208 WUDFRd - ok
23:26:49.0482 7208 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
23:26:49.0488 7208 yukonw7 - ok
23:26:49.0532 7208 MBR (0x1B8) (8d9714f79d07a66da1b8e7ba68c0419b) \Device\Harddisk0\DR0
23:26:49.0573 7208 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
23:26:49.0573 7208 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
23:26:49.0633 7208 Boot (0x1200) (d5bd1f9b61d334dcfed974a8d684a55e) \Device\Harddisk0\DR0\Partition0
23:26:49.0635 7208 \Device\Harddisk0\DR0\Partition0 - ok
23:26:49.0650 7208 Boot (0x1200) (3d648661ea04af18c4ee0059f7954b66) \Device\Harddisk0\DR0\Partition1
23:26:49.0652 7208 \Device\Harddisk0\DR0\Partition1 - ok
23:26:49.0685 7208 Boot (0x1200) (6c1de65d8909b3b2623cbe4c208aebe4) \Device\Harddisk0\DR0\Partition2
23:26:49.0692 7208 \Device\Harddisk0\DR0\Partition2 - ok
23:26:49.0770 7208 Boot (0x1200) (142cce31dbce07f39f3b6c70f153e043) \Device\Harddisk0\DR0\Partition3
23:26:49.0771 7208 \Device\Harddisk0\DR0\Partition3 - ok
23:26:49.0772 7208 ============================================================
23:26:49.0772 7208 Scan finished
23:26:49.0772 7208 ============================================================
23:26:49.0861 3524 Detected object count: 1
23:26:49.0861 3524 Actual detected object count: 1
23:26:58.0320 3524 \Device\Harddisk0\DR0\# - copied to quarantine
23:26:58.0320 3524 \Device\Harddisk0\DR0 - copied to quarantine
23:26:58.0393 3524 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
23:26:58.0395 3524 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
23:26:58.0398 3524 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
23:26:58.0401 3524 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
23:26:58.0405 3524 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
23:26:58.0440 3524 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
23:26:58.0462 3524 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
23:26:58.0490 3524 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
23:26:58.0494 3524 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
23:26:58.0496 3524 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
23:26:58.0537 3524 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
23:26:58.0541 3524 \Device\Harddisk0\DR0 - ok
23:26:59.0737 3524 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

And then Norton blocked tsk0005.dta
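
Added example, not part of the original thread or of TDSSKiller: a small Python triage of the log format in the post above. It pulls out detections, quarantined objects and the chosen action, and flags detections with no recorded remediation. The sample lines are excerpted from that log; the function and field names are assumptions made for illustration.

```python
import re

# Lines excerpted from the TDSSKiller log in the post above (hash-bearing lines omitted).
SAMPLE_LOG = r"""
23:26:49.0573 7208 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
23:26:49.0573 7208 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
23:26:49.0635 7208 \Device\Harddisk0\DR0\Partition0 - ok
23:26:49.0861 3524 Detected object count: 1
23:26:58.0320 3524 \Device\Harddisk0\DR0 - copied to quarantine
23:26:58.0393 3524 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
23:26:58.0537 3524 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
23:26:59.0737 3524 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
"""

# "<time> <thread id> <message>" prefix used on every log line.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (.*)$")
PATTERNS = {
    "infected": re.compile(r"^(.+?) \( (.+?) \) - infected$"),
    "quarantined": re.compile(r"^(.+?) - copied to quarantine$"),
    "pending_reboot": re.compile(r"^(.+?) \( (.+?) \) - will be cured on reboot$"),
    "actions": re.compile(r"^(.+?) \( (.+?) \) - User select action: (\w+)$"),
}
COUNT = re.compile(r"^Detected object count: (\d+)$")

def triage(log_text):
    """Collect detection, quarantine and remediation events from a TDSSKiller log."""
    report = {key: [] for key in PATTERNS}
    report["reported_count"] = None
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines and anything without the log prefix
        msg = line.group(1).strip()
        count = COUNT.match(msg)
        if count:
            report["reported_count"] = int(count.group(1))
            continue
        for key, pattern in PATTERNS.items():
            hit = pattern.match(msg)
            if hit:
                groups = hit.groups()
                report[key].append(groups if len(groups) > 1 else groups[0])
                break
    return report

def unresolved(report):
    """Detections with neither a pending cure nor a recorded user action."""
    handled = {(obj, threat) for obj, threat, _ in report["actions"]}
    handled |= set(report["pending_reboot"])
    return [d for d in report["infected"] if d not in handled]

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(result, unresolved(result))
```

A reported count that differs from the number of parsed `infected` entries, or a non-empty `unresolved` list, means the log should be read by hand before the machine is treated as remediated.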
 
Download the FixTDSS.exe

Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
OK any security prompts.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.
 
Same thing again: blue screen, crash dump, etc. Are there any steps I can take to fix the issue that do not require restarting/rebooting the computer?
 
Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.



Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode (How to...)

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 