
Infected with Alureon.A.


31 replies to this topic

#1 MountainSky


Posted 18 February 2012 - 07:35 PM

Hello,

My computer using Windows 7 is infected with Trojan:DOS/Alureon.A. I use Norton 360, which did not detect the virus. I was having problems booting up and knew there was a problem. Microsoft Malicious Software Removal Tool identified the Alureon.A. It listed a partial removal.

I referred to the Microsoft website and used Kaspersky TDSSKiller. It identified a threat on harddisk0\DR0 and defaulted to cure, but I was afraid to delete the file because I read on the Internet it was a needed file. I tried to "copy to quarantine", but it sends a message that there are unprocessed malware objects and shows one file is not quarantined. When I turn back on Norton it shows "auto-protect blocked security risk for Trojan.gen, Trojan Horse, and Hacktool.rootkit."

I can post the logs from TDSSKiller if you would like. Please let me know if I am to post the whole log or portions. I am afraid to "cure" or delete the file and find out it is essential, would someone please help me?

Thank you!



#2 boopme


Posted 18 February 2012 - 08:26 PM

Hello, post the tdss log and these please...
I moved this to Am I Infected for now.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1 <<<== Use this one first.
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware


>>>

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
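
The aswMBR step above leaves a copy of the MBR on the desktop as MBR.dat. As an added example (not part of the original post, and not aswMBR's or TDSSKiller's own code), this Python script decodes such a copy and compares it with a known-good baseline. It assumes MBR.dat is a raw 512-byte copy of sector 0; the sample sector is constructed using the partition values from the TDSSKiller log posted in this thread, and the function names are hypothetical.

```python
import hashlib
import struct
import sys

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440           # bytes 0-439 hold the boot code
TABLE_OFFSET = 446            # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510-511 of a valid MBR
ENTRY_FORMAT = "<B3xB3xII"    # status, CHS (skipped), type, CHS (skipped), LBA, count


def parse_mbr(sector):
    """Decode a raw 512-byte MBR sector into the parts worth checking."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    partitions = []
    for index in range(4):
        start = TABLE_OFFSET + 16 * index
        status, ptype, start_lba, sectors = struct.unpack(
            ENTRY_FORMAT, sector[start:start + 16])
        if ptype == 0:        # unused slot
            continue
        partitions.append({
            "index": index,
            "active": status == 0x80,
            "type": ptype,
            "start_lba": start_lba,
            "sectors": sectors,
        })
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def compare_mbr(baseline, current):
    """Return a list of differences between a known-good MBR and a current one."""
    old, new = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not new["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if old["boot_code_sha256"] != new["boot_code_sha256"]:
        findings.append("boot code differs from baseline")
    if old["partitions"] != new["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def build_sample_mbr(boot_code):
    """Constructed sample sector: filler boot code plus the two partitions
    listed in the thread's TDSSKiller log (status flags are made up)."""
    sector = bytearray(SECTOR_SIZE)
    code = boot_code[:BOOT_CODE_LEN]
    sector[:len(code)] = code
    entries = [
        (0x80, 0x07, 0x12DE000, 0x32000),
        (0x00, 0x07, 0x1310000, 0x39075830),
    ]
    for index, entry in enumerate(entries):
        struct.pack_into(ENTRY_FORMAT, sector, TABLE_OFFSET + 16 * index, *entry)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


def describe(info):
    """Render the parsed MBR as text lines for a report."""
    lines = ["signature ok: %s" % info["signature_ok"],
             "boot code sha256: %s" % info["boot_code_sha256"]]
    for part in info["partitions"]:
        lines.append("partition%d: type 0x%x, StartLBA 0x%X, BlocksNum 0x%X%s" % (
            part["index"], part["type"], part["start_lba"], part["sectors"],
            " (active)" if part["active"] else ""))
    return lines


if __name__ == "__main__":
    if len(sys.argv) == 2:
        # Path to a saved copy such as MBR.dat; only the first sector is read.
        with open(sys.argv[1], "rb") as handle:
            print("\n".join(describe(parse_mbr(handle.read(SECTOR_SIZE)))))
    else:
        clean = build_sample_mbr(bytes(BOOT_CODE_LEN))
        changed = build_sample_mbr(b"\xeb\xfe" + bytes(BOOT_CODE_LEN - 2))
        print("\n".join(describe(parse_mbr(clean))))
        print(compare_mbr(clean, changed))
```
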

#3 MountainSky


Posted 18 February 2012 - 08:43 PM

Hello,

Thank you for your help.

Below is the log. I am going to follow the directions and will be back soon. Should I turn off Norton 360 before I follow the rest of your directions?

Thanks again!






16:37:30.0663 7176 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
16:37:31.0115 7176 ============================================================
16:37:31.0115 7176 Current date / time: 2012/02/18 16:37:31.0115
16:37:31.0115 7176 SystemInfo:
16:37:31.0115 7176
16:37:31.0115 7176 OS Version: 6.1.7600 ServicePack: 0.0
16:37:31.0115 7176 Product type: Workstation
16:37:31.0115 7176 ComputerName: F-VAIO
16:37:31.0115 7176 UserName: F
16:37:31.0115 7176 Windows directory: C:\Windows
16:37:31.0115 7176 System windows directory: C:\Windows
16:37:31.0115 7176 Running under WOW64
16:37:31.0115 7176 Processor architecture: Intel x64
16:37:31.0115 7176 Number of processors: 8
16:37:31.0115 7176 Page size: 0x1000
16:37:31.0115 7176 Boot type: Normal boot
16:37:31.0115 7176 ============================================================
16:37:32.0660 7176 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:37:32.0675 7176 \Device\Harddisk0\DR0:
16:37:32.0675 7176 MBR used
16:37:32.0675 7176 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x12DE000, BlocksNum 0x32000
16:37:32.0675 7176 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1310000, BlocksNum 0x39075830
16:37:32.0722 7176 Initialize success
16:37:32.0722 7176 ============================================================
16:37:42.0706 7828 ============================================================
16:37:42.0706 7828 Scan started
16:37:42.0706 7828 Mode: Manual;
16:37:42.0706 7828 ============================================================
16:37:56.0666 7828 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:37:56.0666 7828 RDPREFMP - ok
16:37:56.0759 7828 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:37:56.0775 7828 RDPWD - ok
16:37:56.0822 7828 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:37:56.0822 7828 rdyboost - ok
16:37:56.0868 7828 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:37:56.0884 7828 RFCOMM - ok
16:37:56.0931 7828 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
16:37:56.0931 7828 rimspci - ok
16:37:56.0978 7828 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:37:56.0978 7828 RimUsb - ok
16:37:57.0024 7828 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:37:57.0040 7828 RimVSerPort - ok
16:37:57.0056 7828 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
16:37:57.0071 7828 risdsnpe - ok
16:37:57.0165 7828 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:37:57.0165 7828 ROOTMODEM - ok
16:37:57.0212 7828 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:37:57.0212 7828 rspndr - ok
16:37:57.0258 7828 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
16:37:57.0258 7828 sbp2port - ok
16:37:57.0305 7828 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:37:57.0305 7828 scfilter - ok
16:37:57.0336 7828 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
16:37:57.0336 7828 sdbus - ok
16:37:57.0352 7828 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:37:57.0368 7828 secdrv - ok
16:37:57.0399 7828 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:37:57.0399 7828 Serenum - ok
16:37:57.0414 7828 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:37:57.0414 7828 Serial - ok
16:37:57.0446 7828 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:37:57.0446 7828 sermouse - ok
16:37:57.0492 7828 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
16:37:57.0492 7828 SFEP - ok
16:37:57.0508 7828 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:37:57.0524 7828 sffdisk - ok
16:37:57.0539 7828 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:37:57.0539 7828 sffp_mmc - ok
16:37:57.0555 7828 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
16:37:57.0555 7828 sffp_sd - ok
16:37:57.0648 7828 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:37:57.0648 7828 sfloppy - ok
16:37:57.0695 7828 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:37:57.0695 7828 SiSRaid2 - ok
16:37:57.0742 7828 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:37:57.0742 7828 SiSRaid4 - ok
16:37:57.0773 7828 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:37:57.0773 7828 Smb - ok
16:37:57.0820 7828 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:37:57.0820 7828 spldr - ok
16:37:57.0976 7828 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSP64.SYS
16:37:57.0992 7828 SRTSP - ok
16:37:58.0116 7828 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSPX64.SYS
16:37:58.0116 7828 SRTSPX - ok
16:37:58.0163 7828 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:37:58.0163 7828 srv - ok
16:37:58.0179 7828 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:37:58.0194 7828 srv2 - ok
16:37:58.0226 7828 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:37:58.0226 7828 srvnet - ok
16:37:58.0272 7828 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:37:58.0272 7828 stexstor - ok
16:37:58.0304 7828 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:37:58.0304 7828 swenum - ok
16:37:58.0428 7828 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0600010.002\SYMDS64.SYS
16:37:58.0444 7828 SymDS - ok
16:37:58.0616 7828 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0600010.002\SYMEFA64.SYS
16:37:58.0616 7828 SymEFA - ok
16:37:58.0694 7828 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:37:58.0709 7828 SymEvent - ok
16:37:58.0834 7828 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0600010.002\Ironx64.SYS
16:37:58.0850 7828 SymIRON - ok
16:37:59.0021 7828 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\N360x64\0600010.002\SYMNETS.SYS
16:37:59.0021 7828 SymNetS - ok
16:37:59.0099 7828 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:37:59.0130 7828 Tcpip - ok
16:37:59.0162 7828 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:37:59.0177 7828 TCPIP6 - ok
16:37:59.0224 7828 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:37:59.0224 7828 tcpipreg - ok
16:37:59.0240 7828 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:37:59.0255 7828 TDPIPE - ok
16:37:59.0286 7828 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:37:59.0286 7828 TDTCP - ok
16:37:59.0318 7828 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:37:59.0318 7828 tdx - ok
16:37:59.0333 7828 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
16:37:59.0333 7828 TermDD - ok
16:37:59.0364 7828 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:37:59.0364 7828 tssecsrv - ok
16:37:59.0458 7828 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:37:59.0458 7828 tunnel - ok
16:37:59.0474 7828 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:37:59.0505 7828 uagp35 - ok
16:37:59.0536 7828 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
16:37:59.0552 7828 udfs - ok
16:37:59.0567 7828 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:37:59.0567 7828 uliagpkx - ok
16:37:59.0598 7828 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:37:59.0598 7828 umbus - ok
16:37:59.0630 7828 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:37:59.0645 7828 UmPass - ok
16:37:59.0692 7828 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:37:59.0692 7828 usbaudio - ok
16:37:59.0770 7828 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:37:59.0770 7828 usbccgp - ok
16:37:59.0817 7828 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:37:59.0817 7828 usbcir - ok
16:37:59.0879 7828 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
16:37:59.0879 7828 usbehci - ok
16:37:59.0910 7828 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:37:59.0926 7828 usbhub - ok
16:37:59.0957 7828 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:37:59.0957 7828 usbohci - ok
16:37:59.0988 7828 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:38:00.0004 7828 usbprint - ok
16:38:00.0035 7828 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
16:38:00.0035 7828 USBSTOR - ok
16:38:00.0051 7828 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
16:38:00.0066 7828 usbuhci - ok
16:38:00.0098 7828 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:38:00.0113 7828 usbvideo - ok
16:38:00.0176 7828 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:38:00.0176 7828 vdrvroot - ok
16:38:00.0222 7828 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:38:00.0222 7828 vga - ok
16:38:00.0269 7828 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:38:00.0285 7828 VgaSave - ok
16:38:00.0300 7828 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
16:38:00.0300 7828 vhdmp - ok
16:38:00.0332 7828 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:38:00.0332 7828 viaide - ok
16:38:00.0347 7828 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
16:38:00.0363 7828 volmgr - ok
16:38:00.0394 7828 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:38:00.0410 7828 volmgrx - ok
16:38:00.0456 7828 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
16:38:00.0456 7828 volsnap - ok
16:38:00.0488 7828 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:38:00.0488 7828 vsmraid - ok
16:38:00.0519 7828 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:38:00.0534 7828 vwifibus - ok
16:38:00.0550 7828 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:38:00.0566 7828 vwififlt - ok
16:38:00.0659 7828 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:38:00.0659 7828 vwifimp - ok
16:38:00.0675 7828 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:38:00.0690 7828 WacomPen - ok
16:38:00.0706 7828 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:38:00.0706 7828 WANARP - ok
16:38:00.0722 7828 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:38:00.0722 7828 Wanarpv6 - ok
16:38:00.0784 7828 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:38:00.0784 7828 Wd - ok
16:38:00.0815 7828 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:38:00.0831 7828 Wdf01000 - ok
16:38:00.0862 7828 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:38:00.0862 7828 WfpLwf - ok
16:38:00.0878 7828 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:38:00.0878 7828 WIMMount - ok
16:38:00.0987 7828 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:38:01.0002 7828 WinUsb - ok
16:38:01.0080 7828 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:38:01.0080 7828 WmiAcpi - ok
16:38:01.0205 7828 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:38:01.0205 7828 ws2ifsl - ok
16:38:01.0236 7828 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:38:01.0236 7828 WudfPf - ok
16:38:01.0299 7828 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
16:38:01.0299 7828 xusb21 - ok
16:38:01.0330 7828 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
16:38:01.0330 7828 yukonw7 - ok
16:38:01.0361 7828 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
16:38:01.0408 7828 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:38:01.0408 7828 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:38:01.0424 7828 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
16:38:01.0424 7828 \Device\Harddisk0\DR0\Partition0 - ok
16:38:01.0439 7828 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
16:38:01.0439 7828 \Device\Harddisk0\DR0\Partition1 - ok
16:38:01.0439 7828 ============================================================
16:38:01.0439 7828 Scan finished
16:38:01.0439 7828 ============================================================
16:38:01.0455 6192 Detected object count: 1
16:38:01.0455 6192 Actual detected object count: 1
16:42:02.0696 6192 \Device\Harddisk0\DR0\# - copied to quarantine
16:42:02.0696 6192 \Device\Harddisk0\DR0 - copied to quarantine
16:42:02.0774 6192 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:42:02.0774 6192 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
16:42:02.0789 6192 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
16:42:02.0805 6192 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
16:42:02.0820 6192 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
16:42:02.0820 6192 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
16:42:02.0820 6192 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
16:42:02.0836 6192 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
16:42:02.0836 6192 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
16:42:02.0836 6192 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
16:42:02.0836 6192 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
16:42:02.0836 6192 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
16:42:50.0405 7308 ============================================================
16:42:50.0405 7308 Scan started
16:42:50.0405 7308 Mode: Manual;
16:42:50.0405 7308 ============================================================
16:42:56.0942 7308 Msfs - ok
16:42:57.0004 7308 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:42:57.0004 7308 mshidkmdf - ok
16:42:57.0051 7308 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:42:57.0051 7308 msisadrv - ok
16:42:57.0082 7308 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:42:57.0082 7308 MSKSSRV - ok
16:42:57.0113 7308 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:42:57.0113 7308 MSPCLOCK - ok
16:42:57.0129 7308 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:42:57.0129 7308 MSPQM - ok
16:42:57.0160 7308 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:42:57.0160 7308 MsRPC - ok
16:42:57.0191 7308 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:42:57.0191 7308 mssmbios - ok
16:42:57.0207 7308 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:42:57.0207 7308 MSTEE - ok
16:42:57.0238 7308 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:42:57.0238 7308 MTConfig - ok
16:42:57.0269 7308 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:42:57.0269 7308 Mup - ok
16:42:57.0300 7308 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:42:57.0300 7308 NativeWifiP - ok
16:42:57.0488 7308 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\ENG64.SYS
16:42:57.0488 7308 NAVENG - ok
16:42:57.0550 7308 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\EX64.SYS
16:42:57.0550 7308 NAVEX15 - ok
16:42:57.0644 7308 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:42:57.0644 7308 NDIS - ok
16:42:57.0675 7308 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:42:57.0675 7308 NdisCap - ok
16:42:57.0706 7308 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:42:57.0706 7308 NdisTapi - ok
16:42:57.0722 7308 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:42:57.0722 7308 Ndisuio - ok
16:42:57.0753 7308 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:42:57.0753 7308 NdisWan - ok
16:42:57.0784 7308 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:42:57.0800 7308 NDProxy - ok
16:42:57.0800 7308 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:42:57.0800 7308 NetBIOS - ok
16:42:57.0831 7308 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:42:57.0831 7308 NetBT - ok
16:42:57.0862 7308 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:42:57.0862 7308 nfrd960 - ok
16:42:57.0878 7308 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:42:57.0878 7308 Npfs - ok
16:42:57.0909 7308 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:42:57.0909 7308 nsiproxy - ok
16:42:58.0002 7308 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:42:58.0018 7308 Ntfs - ok
16:42:58.0096 7308 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:42:58.0096 7308 Null - ok
16:42:58.0127 7308 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
16:42:58.0127 7308 NVHDA - ok
16:42:58.0330 7308 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:42:58.0486 7308 nvlddmkm - ok
16:42:58.0580 7308 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:42:58.0580 7308 nvraid - ok
16:42:58.0611 7308 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:42:58.0611 7308 nvstor - ok
16:42:58.0642 7308 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:42:58.0642 7308 nv_agp - ok
16:42:58.0673 7308 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:42:58.0673 7308 ohci1394 - ok
16:42:58.0704 7308 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:42:58.0704 7308 Parport - ok
16:42:58.0736 7308 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:42:58.0736 7308 partmgr - ok
16:42:58.0767 7308 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
16:42:58.0767 7308 pci - ok
16:42:58.0782 7308 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:42:58.0782 7308 pciide - ok
16:42:58.0798 7308 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:42:58.0814 7308 pcmcia - ok
16:42:58.0829 7308 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:42:58.0829 7308 pcw - ok
16:42:58.0860 7308 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:42:58.0876 7308 PEAUTH - ok
16:42:59.0001 7308 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:42:59.0001 7308 PptpMiniport - ok
16:42:59.0048 7308 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:42:59.0048 7308 Processor - ok
16:42:59.0094 7308 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:42:59.0094 7308 Psched - ok
16:42:59.0141 7308 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:42:59.0141 7308 PxHlpa64 - ok
16:42:59.0172 7308 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:42:59.0204 7308 ql2300 - ok
16:42:59.0219 7308 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:42:59.0235 7308 ql40xx - ok
16:42:59.0250 7308 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:42:59.0250 7308 QWAVEdrv - ok
16:42:59.0282 7308 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:42:59.0282 7308 RasAcd - ok
16:42:59.0313 7308 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:42:59.0313 7308 RasAgileVpn - ok
16:42:59.0391 7308 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:42:59.0391 7308 Rasl2tp - ok
16:42:59.0422 7308 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:42:59.0438 7308 RasPppoe - ok
16:42:59.0453 7308 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:42:59.0453 7308 RasSstp - ok
16:42:59.0469 7308 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:42:59.0484 7308 rdbss - ok
16:42:59.0500 7308 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:42:59.0500 7308 rdpbus - ok
16:42:59.0516 7308 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:42:59.0516 7308 RDPCDD - ok
16:42:59.0547 7308 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:42:59.0547 7308 RDPENCDD - ok
16:42:59.0562 7308 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:42:59.0562 7308 RDPREFMP - ok
16:42:59.0594 7308 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:42:59.0594 7308 RDPWD - ok
16:42:59.0625 7308 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:42:59.0625 7308 rdyboost - ok
16:42:59.0656 7308 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:42:59.0656 7308 RFCOMM - ok
16:42:59.0687 7308 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
16:42:59.0687 7308 rimspci - ok
16:42:59.0796 7308 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:42:59.0796 7308 RimUsb - ok
16:42:59.0828 7308 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:42:59.0828 7308 RimVSerPort - ok
16:42:59.0843 7308 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
16:42:59.0843 7308 risdsnpe - ok
16:42:59.0874 7308 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:42:59.0874 7308 ROOTMODEM - ok
16:42:59.0906 7308 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:42:59.0906 7308 rspndr - ok
16:42:59.0937 7308 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
16:42:59.0937 7308 sbp2port - ok
16:42:59.0968 7308 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:43:00.0015 7308 scfilter - ok
16:43:00.0046 7308 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
16:43:00.0046 7308 sdbus - ok
16:43:00.0062 7308 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:43:00.0062 7308 secdrv - ok
16:43:00.0093 7308 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:43:00.0093 7308 Serenum - ok
16:43:00.0186 7308 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:43:00.0186 7308 Serial - ok
16:43:00.0218 7308 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:43:00.0218 7308 sermouse - ok
16:43:00.0264 7308 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
16:43:00.0264 7308 SFEP - ok
16:43:00.0280 7308 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:43:00.0280 7308 sffdisk - ok
16:43:00.0311 7308 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:43:00.0311 7308 sffp_mmc - ok
16:43:00.0342 7308 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
16:43:00.0342 7308 sffp_sd - ok
16:43:00.0358 7308 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:43:00.0358 7308 sfloppy - ok
16:43:00.0389 7308 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:43:00.0389 7308 SiSRaid2 - ok
16:43:00.0405 7308 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:43:00.0405 7308 SiSRaid4 - ok
16:43:00.0436 7308 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:43:00.0436 7308 Smb - ok
16:43:00.0467 7308 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:43:00.0483 7308 spldr - ok
16:43:00.0623 7308 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSP64.SYS
16:43:00.0623 7308 SRTSP - ok
16:43:00.0732 7308 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSPX64.SYS
16:43:00.0732 7308 SRTSPX - ok
16:43:00.0779 7308 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:43:00.0779 7308 srv - ok
16:43:00.0810 7308 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:43:00.0810 7308 srv2 - ok
16:43:00.0826 7308 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:43:00.0826 7308 srvnet - ok
16:43:00.0888 7308 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:43:00.0888 7308 stexstor - ok
16:43:00.0920 7308 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:43:00.0935 7308 swenum - ok
16:43:01.0091 7308 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0600010.002\SYMDS64.SYS
16:43:01.0091 7308 SymDS - ok
16:43:01.0263 7308 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0600010.002\SYMEFA64.SYS
16:43:01.0278 7308 SymEFA - ok
16:43:01.0325 7308 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:43:01.0325 7308 SymEvent - ok
16:43:01.0419 7308 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0600010.002\Ironx64.SYS
16:43:01.0419 7308 SymIRON - ok
16:43:01.0466 7308 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\N360x64\0600010.002\SYMNETS.SYS
16:43:01.0466 7308 SymNetS - ok
16:43:01.0606 7308 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:43:01.0622 7308 Tcpip - ok
16:43:01.0653 7308 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:43:01.0668 7308 TCPIP6 - ok
16:43:01.0700 7308 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:43:01.0700 7308 tcpipreg - ok
16:43:01.0731 7308 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:43:01.0731 7308 TDPIPE - ok
16:43:01.0762 7308 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:43:01.0762 7308 TDTCP - ok
16:43:01.0778 7308 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:43:01.0793 7308 tdx - ok
16:43:01.0809 7308 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
16:43:01.0809 7308 TermDD - ok
16:43:01.0840 7308 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:43:01.0840 7308 tssecsrv - ok
16:43:01.0856 7308 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:43:01.0856 7308 tunnel - ok
16:43:01.0887 7308 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:43:01.0887 7308 uagp35 - ok
16:43:01.0918 7308 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
16:43:01.0918 7308 udfs - ok
16:43:02.0043 7308 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:43:02.0043 7308 uliagpkx - ok
16:43:02.0074 7308 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:43:02.0074 7308 umbus - ok
16:43:02.0105 7308 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:43:02.0105 7308 UmPass - ok
16:43:02.0136 7308 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:43:02.0136 7308 usbaudio - ok
16:43:02.0183 7308 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:43:02.0183 7308 usbccgp - ok
16:43:02.0230 7308 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:43:02.0230 7308 usbcir - ok
16:43:02.0246 7308 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
16:43:02.0246 7308 usbehci - ok
16:43:02.0277 7308 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:43:02.0292 7308 usbhub - ok
16:43:02.0339 7308 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:43:02.0339 7308 usbohci - ok
16:43:02.0370 7308 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:43:02.0370 7308 usbprint - ok
16:43:02.0417 7308 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
16:43:02.0417 7308 USBSTOR - ok
16:43:02.0448 7308 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
16:43:02.0448 7308 usbuhci - ok
16:43:02.0464 7308 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:43:02.0480 7308 usbvideo - ok
16:43:02.0511 7308 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:43:02.0511 7308 vdrvroot - ok
16:43:02.0542 7308 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:43:02.0542 7308 vga - ok
16:43:02.0573 7308 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:43:02.0573 7308 VgaSave - ok
16:43:02.0604 7308 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
16:43:02.0604 7308 vhdmp - ok
16:43:02.0636 7308 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:43:02.0636 7308 viaide - ok
16:43:02.0651 7308 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
16:43:02.0651 7308 volmgr - ok
16:43:02.0698 7308 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:43:02.0714 7308 volmgrx - ok
16:43:02.0792 7308 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
16:43:02.0792 7308 volsnap - ok
16:43:02.0823 7308 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:43:02.0823 7308 vsmraid - ok
16:43:02.0838 7308 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:43:02.0854 7308 vwifibus - ok
16:43:02.0916 7308 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:43:02.0916 7308 vwififlt - ok
16:43:02.0932 7308 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:43:02.0932 7308 vwifimp - ok
16:43:02.0963 7308 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:43:02.0963 7308 WacomPen - ok
16:43:03.0010 7308 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:43:03.0010 7308 WANARP - ok
16:43:03.0010 7308 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:43:03.0010 7308 Wanarpv6 - ok
16:43:03.0057 7308 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:43:03.0057 7308 Wd - ok
16:43:03.0088 7308 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:43:03.0104 7308 Wdf01000 - ok
16:43:03.0135 7308 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:43:03.0135 7308 WfpLwf - ok
16:43:03.0197 7308 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:43:03.0197 7308 WIMMount - ok
16:43:03.0260 7308 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:43:03.0260 7308 WinUsb - ok
16:43:03.0338 7308 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:43:03.0338 7308 WmiAcpi - ok
16:43:03.0369 7308 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:43:03.0369 7308 ws2ifsl - ok
16:43:03.0416 7308 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:43:03.0416 7308 WudfPf - ok
16:43:03.0462 7308 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
16:43:03.0462 7308 xusb21 - ok
16:43:03.0494 7308 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
16:43:03.0494 7308 yukonw7 - ok

Post was too long for the amount allowed, so here is the remainder of the log.

16:43:03.0509 7308 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
16:43:03.0540 7308 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:43:03.0540 7308 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:43:03.0572 7308 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
16:43:03.0572 7308 \Device\Harddisk0\DR0\Partition0 - ok
16:43:03.0587 7308 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
16:43:03.0587 7308 \Device\Harddisk0\DR0\Partition1 - ok
16:43:03.0587 7308 ============================================================
16:43:03.0587 7308 Scan finished
16:43:03.0587 7308 ============================================================
16:43:03.0587 7192 Detected object count: 1
16:43:03.0587 7192 Actual detected object count: 1
16:43:10.0592 7192 \Device\Harddisk0\DR0\# - copied to quarantine
16:43:10.0592 7192 \Device\Harddisk0\DR0 - copied to quarantine
16:43:10.0670 7192 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:43:10.0670 7192 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
16:43:10.0685 7192 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
16:43:10.0701 7192 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
16:43:10.0716 7192 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
16:43:10.0716 7192 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
16:43:10.0716 7192 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
16:45:54.0886 4892 ============================================================
16:45:54.0886 4892 Scan started
16:45:54.0886 4892 Mode: Manual;
16:45:54.0886 4892 ============================================================
16:45:59.0176 4892 Fs_Rec - ok
16:45:59.0207 4892 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:45:59.0207 4892 fvevol - ok
16:45:59.0285 4892 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:45:59.0300 4892 gagp30kx - ok
16:45:59.0332 4892 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:45:59.0332 4892 GEARAspiWDM - ok
16:45:59.0363 4892 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:45:59.0363 4892 hcw85cir - ok
16:45:59.0394 4892 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:45:59.0394 4892 HdAudAddService - ok
16:45:59.0425 4892 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
16:45:59.0425 4892 HDAudBus - ok
16:45:59.0456 4892 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:45:59.0456 4892 HidBatt - ok
16:45:59.0488 4892 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:45:59.0488 4892 HidBth - ok
16:45:59.0519 4892 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:45:59.0519 4892 HidIr - ok
16:45:59.0534 4892 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:45:59.0534 4892 HidUsb - ok
16:45:59.0566 4892 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
16:45:59.0566 4892 HpSAMD - ok
16:45:59.0628 4892 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:45:59.0628 4892 HTTP - ok
16:45:59.0737 4892 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:45:59.0737 4892 hwpolicy - ok
16:45:59.0768 4892 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:45:59.0768 4892 i8042prt - ok
16:45:59.0815 4892 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
16:45:59.0831 4892 iaStor - ok
16:45:59.0878 4892 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
16:45:59.0878 4892 iaStorV - ok
16:45:59.0909 4892 ICDUSB3 (55836a07c030748b47c613dc30f724d5) C:\Windows\system32\Drivers\ICDUSB3.sys
16:45:59.0909 4892 ICDUSB3 - ok
16:46:00.0143 4892 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120217.003\IDSvia64.sys
16:46:00.0143 4892 IDSVia64 - ok
16:46:00.0236 4892 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:46:00.0236 4892 iirsp - ok
16:46:00.0268 4892 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys
16:46:00.0268 4892 Impcd - ok
16:46:00.0346 4892 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
16:46:00.0361 4892 IntcAzAudAddService - ok
16:46:00.0377 4892 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:46:00.0377 4892 intelide - ok
16:46:00.0408 4892 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:46:00.0408 4892 intelppm - ok
16:46:00.0424 4892 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:46:00.0439 4892 IpFilterDriver - ok
16:46:00.0455 4892 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
16:46:00.0470 4892 IPMIDRV - ok
16:46:00.0580 4892 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:46:00.0580 4892 IPNAT - ok
16:46:00.0642 4892 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:46:00.0642 4892 IRENUM - ok
16:46:00.0673 4892 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:46:00.0673 4892 isapnp - ok
16:46:00.0704 4892 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
16:46:00.0704 4892 iScsiPrt - ok
16:46:00.0751 4892 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:46:00.0751 4892 kbdclass - ok
16:46:00.0782 4892 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
16:46:00.0782 4892 kbdhid - ok
16:46:00.0845 4892 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:46:00.0845 4892 KSecDD - ok
16:46:00.0876 4892 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:46:00.0876 4892 KSecPkg - ok
16:46:00.0907 4892 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:46:00.0907 4892 ksthunk - ok
16:46:00.0954 4892 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:46:00.0954 4892 lltdio - ok
16:46:00.0985 4892 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:46:00.0985 4892 LSI_FC - ok
16:46:01.0001 4892 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:46:01.0001 4892 LSI_SAS - ok
16:46:01.0079 4892 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:46:01.0079 4892 LSI_SAS2 - ok
16:46:01.0110 4892 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:46:01.0110 4892 LSI_SCSI - ok
16:46:01.0141 4892 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:46:01.0141 4892 luafv - ok
16:46:01.0172 4892 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:46:01.0172 4892 megasas - ok
16:46:01.0204 4892 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:46:01.0204 4892 MegaSR - ok
16:46:01.0235 4892 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:46:01.0235 4892 Modem - ok
16:46:01.0266 4892 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:46:01.0266 4892 monitor - ok
16:46:01.0282 4892 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:46:01.0282 4892 mouclass - ok
16:46:01.0313 4892 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:46:01.0313 4892 mouhid - ok
16:46:01.0328 4892 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:46:01.0328 4892 mountmgr - ok
16:46:01.0360 4892 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
16:46:01.0360 4892 mpio - ok
16:46:01.0375 4892 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:46:01.0391 4892 mpsdrv - ok
16:46:01.0406 4892 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:46:01.0406 4892 MRxDAV - ok
16:46:01.0500 4892 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:46:01.0500 4892 mrxsmb - ok
16:46:01.0547 4892 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:46:01.0547 4892 mrxsmb10 - ok
16:46:01.0594 4892 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:46:01.0594 4892 mrxsmb20 - ok
16:46:01.0625 4892 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
16:46:01.0625 4892 msahci - ok
16:46:01.0656 4892 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
16:46:01.0656 4892 msdsm - ok
16:46:01.0687 4892 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:46:01.0687 4892 Msfs - ok
16:46:01.0703 4892 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:46:01.0703 4892 mshidkmdf - ok
16:46:01.0718 4892 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:46:01.0734 4892 msisadrv - ok
16:46:01.0750 4892 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:46:01.0750 4892 MSKSSRV - ok
16:46:01.0781 4892 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:46:01.0781 4892 MSPCLOCK - ok
16:46:01.0890 4892 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:46:01.0890 4892 MSPQM - ok
16:46:01.0906 4892 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:46:01.0921 4892 MsRPC - ok
16:46:01.0952 4892 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:46:01.0952 4892 mssmbios - ok
16:46:01.0968 4892 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:46:01.0968 4892 MSTEE - ok
16:46:01.0999 4892 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:46:01.0999 4892 MTConfig - ok
16:46:02.0030 4892 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:46:02.0030 4892 Mup - ok
16:46:02.0062 4892 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:46:02.0062 4892 NativeWifiP - ok
16:46:02.0233 4892 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\ENG64.SYS
16:46:02.0233 4892 NAVENG - ok
16:46:02.0296 4892 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\EX64.SYS
16:46:02.0311 4892 NAVEX15 - ok
16:46:02.0405 4892 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:46:02.0420 4892 NDIS - ok
16:46:02.0452 4892 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:46:02.0452 4892 NdisCap - ok
16:46:02.0467 4892 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:46:02.0467 4892 NdisTapi - ok
16:46:02.0498 4892 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:46:02.0498 4892 Ndisuio - ok
16:46:02.0514 4892 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:46:02.0514 4892 NdisWan - ok
16:46:02.0545 4892 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:46:02.0545 4892 NDProxy - ok
16:46:02.0561 4892 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:46:02.0561 4892 NetBIOS - ok
16:46:02.0608 4892 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:46:02.0608 4892 NetBT - ok
16:46:02.0623 4892 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:46:02.0623 4892 nfrd960 - ok
16:46:02.0654 4892 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:46:02.0654 4892 Npfs - ok
16:46:02.0670 4892 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:46:02.0670 4892 nsiproxy - ok
16:46:02.0779 4892 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:46:02.0795 4892 Ntfs - ok
16:46:02.0888 4892 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:46:02.0888 4892 Null - ok
16:46:02.0966 4892 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
16:46:02.0966 4892 NVHDA - ok
16:46:03.0247 4892 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:46:03.0403 4892 nvlddmkm - ok
16:46:03.0528 4892 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:46:03.0528 4892 nvraid - ok
16:46:03.0559 4892 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:46:03.0559 4892 nvstor - ok
16:46:03.0590 4892 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:46:03.0606 4892 nv_agp - ok
16:46:03.0637 4892 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:46:03.0637 4892 ohci1394 - ok
16:46:03.0684 4892 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:46:03.0684 4892 Parport - ok
16:46:03.0715 4892 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:46:03.0715 4892 partmgr - ok
16:46:03.0731 4892 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
16:46:03.0746 4892 pci - ok
16:46:03.0762 4892 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:46:03.0762 4892 pciide - ok
16:46:03.0778 4892 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:46:03.0793 4892 pcmcia - ok
16:46:03.0809 4892 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:46:03.0809 4892 pcw - ok
16:46:03.0840 4892 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:46:03.0840 4892 PEAUTH - ok
16:46:04.0027 4892 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:46:04.0027 4892 PptpMiniport - ok
16:46:04.0058 4892 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:46:04.0058 4892 Processor - ok
16:46:04.0090 4892 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:46:04.0090 4892 Psched - ok
16:46:04.0136 4892 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:46:04.0136 4892 PxHlpa64 - ok
16:46:04.0168 4892 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:46:04.0183 4892 ql2300 - ok
16:46:04.0214 4892 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:46:04.0214 4892 ql40xx - ok
16:46:04.0230 4892 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:46:04.0246 4892 QWAVEdrv - ok
16:46:04.0261 4892 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:46:04.0261 4892 RasAcd - ok
16:46:04.0324 4892 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:04.0324 4892 RasAgileVpn - ok
16:46:04.0370 4892 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:04.0370 4892 Rasl2tp - ok
16:46:04.0402 4892 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:04.0402 4892 RasPppoe - ok
16:46:04.0417 4892 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:46:04.0417 4892 RasSstp - ok
16:46:04.0448 4892 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:46:04.0448 4892 rdbss - ok
16:46:04.0464 4892 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:46:04.0464 4892 rdpbus - ok
16:46:04.0495 4892 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:04.0495 4892 RDPCDD - ok
16:46:04.0511 4892 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:46:04.0511 4892 RDPENCDD - ok
16:46:04.0542 4892 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:46:04.0542 4892 RDPREFMP - ok
16:46:04.0558 4892 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:46:04.0558 4892 RDPWD - ok
16:46:04.0589 4892 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:46:04.0604 4892 rdyboost - ok
16:46:04.0636 4892 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:46:04.0636 4892 RFCOMM - ok
16:46:04.0714 4892 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
16:46:04.0729 4892 rimspci - ok
16:46:04.0760 4892 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:46:04.0776 4892 RimUsb - ok
16:46:04.0807 4892 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:46:04.0807 4892 RimVSerPort - ok
16:46:04.0854 4892 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
16:46:04.0854 4892 risdsnpe - ok
16:46:04.0901 4892 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:46:04.0901 4892 ROOTMODEM - ok
16:46:04.0948 4892 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:46:04.0963 4892 rspndr - ok
16:46:04.0994 4892 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
16:46:04.0994 4892 sbp2port - ok
16:46:05.0026 4892 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:46:05.0026 4892 scfilter - ok
16:46:05.0088 4892 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
16:46:05.0088 4892 sdbus - ok
16:46:05.0150 4892 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:46:05.0150 4892 secdrv - ok
16:46:05.0166 4892 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:46:05.0166 4892 Serenum - ok
16:46:05.0197 4892 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:46:05.0197 4892 Serial - ok
16:46:05.0213 4892 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:46:05.0213 4892 sermouse - ok
16:46:05.0260 4892 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
16:46:05.0260 4892 SFEP - ok
16:46:05.0291 4892 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:46:05.0291 4892 sffdisk - ok
16:46:05.0322 4892 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:46:05.0322 4892 sffp_mmc - ok
16:46:05.0338 4892 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
16:46:05.0338 4892 sffp_sd - ok
16:46:05.0369 4892 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:46:05.0369 4892 sfloppy - ok
16:46:05.0384 4892 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:46:05.0384 4892 SiSRaid2 - ok
16:46:05.0416 4892 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:46:05.0416 4892 SiSRaid4 - ok
16:46:05.0431 4892 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:46:05.0431 4892 Smb - ok
16:46:05.0478 4892 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:46:05.0478 4892 spldr - ok
16:46:05.0650 4892 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSP64.SYS
16:46:05.0650 4892 SRTSP - ok
16:46:05.0696 4892 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSPX64.SYS
16:46:05.0696 4892 SRTSPX - ok
16:46:05.0790 4892 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:46:05.0790 4892 srv - ok
16:46:05.0899 4892 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:46:05.0899 4892 srv2 - ok
16:46:06.0055 4892 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:46:06.0055 4892 srvnet - ok
16:46:06.0102 4892 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:46:06.0102 4892 stexstor - ok
16:46:06.0133 4892 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:46:06.0133 4892 swenum - ok
16:46:06.0242 4892 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0600010.002\SYMDS64.SYS
16:46:06.0242 4892 SymDS - ok
16:46:06.0445 4892 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0600010.002\SYMEFA64.SYS
16:46:06.0445 4892 SymEFA - ok
16:46:06.0523 4892 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:46:06.0523 4892 SymEvent - ok
16:46:06.0617 4892 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0600010.002\Ironx64.SYS
16:46:06.0617 4892 SymIRON - ok
16:46:06.0695 4892 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\N360x64\0600010.002\SYMNETS.SYS
16:46:06.0695 4892 SymNetS - ok
16:46:06.0804 4892 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:46:06.0804 4892 Tcpip - ok
16:46:06.0882 4892 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:46:06.0898 4892 TCPIP6 - ok
16:46:06.0944 4892 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:46:06.0944 4892 tcpipreg - ok
16:46:06.0991 4892 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:46:06.0991 4892 TDPIPE - ok
16:46:07.0054 4892 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:46:07.0054 4892 TDTCP - ok
16:46:07.0100 4892 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:46:07.0100 4892 tdx - ok
16:46:07.0132 4892 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
16:46:07.0132 4892 TermDD - ok
16:46:07.0178 4892 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:07.0178 4892 tssecsrv - ok
16:46:07.0194 4892 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:46:07.0194 4892 tunnel - ok
16:46:07.0225 4892 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:46:07.0225 4892 uagp35 - ok
16:46:07.0256 4892 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
16:46:07.0256 4892 udfs - ok
16:46:07.0288 4892 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:46:07.0288 4892 uliagpkx - ok
16:46:07.0334 4892 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:46:07.0334 4892 umbus - ok
16:46:07.0350 4892 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:46:07.0350 4892 UmPass - ok
16:46:07.0381 4892 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:46:07.0381 4892 usbaudio - ok
16:46:07.0428 4892 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:46:07.0428 4892 usbccgp - ok
16:46:07.0490 4892 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:46:07.0490 4892 usbcir - ok
16:46:07.0522 4892 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
16:46:07.0522 4892 usbehci - ok
16:46:07.0553 4892 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:46:07.0553 4892 usbhub - ok
16:46:07.0568 4892 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:46:07.0568 4892 usbohci - ok
16:46:07.0600 4892 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:46:07.0600 4892 usbprint - ok
16:46:07.0615 4892 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
16:46:07.0615 4892 USBSTOR - ok
16:46:07.0646 4892 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
16:46:07.0646 4892 usbuhci - ok
16:46:07.0678 4892 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:46:07.0678 4892 usbvideo - ok
16:46:07.0756 4892 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:46:07.0756 4892 vdrvroot - ok
16:46:07.0787 4892 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:07.0787 4892 vga - ok
16:46:07.0818 4892 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:46:07.0818 4892 VgaSave - ok
16:46:07.0849 4892 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
16:46:07.0849 4892 vhdmp - ok
16:46:07.0927 4892 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:46:07.0927 4892 viaide - ok
16:46:07.0974 4892 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
16:46:07.0974 4892 volmgr - ok
16:46:08.0005 4892 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:46:08.0005 4892 volmgrx - ok
16:46:08.0068 4892 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
16:46:08.0068 4892 volsnap - ok
16:46:08.0114 4892 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:46:08.0114 4892 vsmraid - ok
16:46:08.0146 4892 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:46:08.0146 4892 vwifibus - ok
16:46:08.0177 4892 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:46:08.0177 4892 vwififlt - ok
16:46:08.0192 4892 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:46:08.0192 4892 vwifimp - ok
16:46:08.0208 4892 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:46:08.0208 4892 WacomPen - ok
16:46:08.0255 4892 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:46:08.0255 4892 WANARP - ok
16:46:08.0270 4892 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:46:08.0270 4892 Wanarpv6 - ok
16:46:08.0302 4892 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:46:08.0302 4892 Wd - ok
16:46:08.0317 4892 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:46:08.0333 4892 Wdf01000 - ok
16:46:08.0348 4892 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:46:08.0348 4892 WfpLwf - ok
16:46:08.0364 4892 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:46:08.0364 4892 WIMMount - ok
16:46:08.0411 4892 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:46:08.0411 4892 WinUsb - ok
16:46:08.0442 4892 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:46:08.0442 4892 WmiAcpi - ok
16:46:08.0473 4892 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:46:08.0473 4892 ws2ifsl - ok
16:46:08.0504 4892 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:46:08.0504 4892 WudfPf - ok
16:46:08.0582 4892 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
16:46:08.0582 4892 xusb21 - ok
16:46:08.0629 4892 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
16:46:08.0629 4892 yukonw7 - ok
16:46:08.0645 4892 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
16:46:08.0676 4892 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:46:08.0676 4892 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:46:08.0707 4892 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
16:46:08.0707 4892 \Device\Harddisk0\DR0\Partition0 - ok
16:46:08.0723 4892 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
16:46:08.0723 4892 \Device\Harddisk0\DR0\Partition1 - ok
16:46:08.0723 4892 ============================================================
16:46:08.0723 4892 Scan finished
16:46:08.0723 4892 ============================================================
16:46:08.0738 7376 Detected object count: 1
16:46:08.0738 7376 Actual detected object count: 1
17:08:30.0545 7376 \Device\Harddisk0\DR0\# - copied to quarantine
17:08:30.0545 7376 \Device\Harddisk0\DR0 - copied to quarantine
17:08:30.0639 7376 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:08:30.0639 7376 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
17:08:30.0654 7376 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
17:08:30.0670 7376 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
17:08:30.0686 7376 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
17:08:30.0686 7376 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
18:07:20.0178 9008 ============================================================
18:07:20.0178 9008 Scan started
18:07:20.0178 9008 Mode: Manual;
18:07:20.0178 9008 ============================================================
18:07:21.0800 9008 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
18:07:21.0816 9008 b06bdrv - ok
18:07:21.0847 9008 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:07:21.0847 9008 b57nd60a - ok
18:07:21.0878 9008 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:07:21.0878 9008 Beep - ok
18:07:22.0096 9008 BHDrvx64 (1d757a7e020c577c4259a755f21b7152) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20120215.001\BHDrvx64.sys
18:07:22.0112 9008 BHDrvx64 - ok
18:07:22.0190 9008 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
18:07:22.0190 9008 blbdrive - ok
18:07:22.0237 9008 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
18:07:22.0237 9008 bowser - ok
18:07:22.0268 9008 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
18:07:22.0268 9008 BrFiltLo - ok
18:07:22.0284 9008 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
18:07:22.0284 9008 BrFiltUp - ok
18:07:22.0330 9008 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:07:22.0346 9008 Brserid - ok
18:07:22.0362 9008 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:07:22.0362 9008 BrSerWdm - ok
18:07:22.0393 9008 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:07:22.0393 9008 BrUsbMdm - ok
18:07:22.0408 9008 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:07:22.0408 9008 BrUsbSer - ok
18:07:22.0455 9008 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:07:22.0455 9008 BthEnum - ok
18:07:22.0549 9008 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
18:07:22.0549 9008 BTHMODEM - ok
18:07:22.0564 9008 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:07:22.0564 9008 BthPan - ok
18:07:22.0627 9008 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
18:07:22.0642 9008 BTHPORT - ok
18:07:22.0674 9008 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
18:07:22.0674 9008 BTHUSB - ok
18:07:22.0736 9008 btwampfl (71a07b6fc98030935e60edbffe9e9c85) C:\Windows\system32\drivers\btwampfl.sys
18:07:22.0736 9008 btwampfl - ok
18:07:22.0752 9008 btwaudio (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
18:07:22.0752 9008 btwaudio - ok
18:07:22.0798 9008 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys
18:07:22.0798 9008 btwavdt - ok
18:07:22.0814 9008 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
18:07:22.0814 9008 btwl2cap - ok
18:07:22.0923 9008 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
18:07:22.0923 9008 btwrchid - ok
18:07:23.0064 9008 ccSet_N360 (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\N360x64\0600010.002\ccSetx64.sys
18:07:23.0064 9008 ccSet_N360 - ok
18:07:23.0095 9008 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:07:23.0095 9008 cdfs - ok
18:07:23.0126 9008 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
18:07:23.0126 9008 cdrom - ok
18:07:23.0142 9008 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
18:07:23.0142 9008 circlass - ok
18:07:23.0173 9008 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:07:23.0188 9008 CLFS - ok
18:07:23.0282 9008 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
18:07:23.0282 9008 CmBatt - ok
18:07:23.0298 9008 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:07:23.0298 9008 cmdide - ok
18:07:23.0344 9008 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
18:07:23.0344 9008 CNG - ok
18:07:23.0376 9008 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
18:07:23.0376 9008 Compbatt - ok
18:07:23.0407 9008 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
18:07:23.0407 9008 CompositeBus - ok
18:07:23.0438 9008 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
18:07:23.0438 9008 crcdisk - ok
18:07:23.0485 9008 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
18:07:23.0485 9008 DfsC - ok
18:07:23.0516 9008 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:07:23.0516 9008 discache - ok
18:07:23.0578 9008 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
18:07:23.0578 9008 Disk - ok
18:07:23.0703 9008 dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
18:07:23.0703 9008 dot4 - ok
18:07:23.0750 9008 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:07:23.0750 9008 Dot4Print - ok
18:07:23.0766 9008 Dot4Scan (488669cd1cd3bdcfdd9a5fda72209069) C:\Windows\system32\DRIVERS\Dot4Scan.sys
18:07:23.0766 9008 Dot4Scan - ok
18:07:23.0797 9008 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
18:07:23.0797 9008 dot4usb - ok
18:07:23.0812 9008 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:07:23.0812 9008 drmkaud - ok
18:07:23.0859 9008 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
18:07:23.0875 9008 DXGKrnl - ok
18:07:23.0984 9008 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
18:07:24.0031 9008 ebdrv - ok
18:07:24.0124 9008 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:07:24.0124 9008 eeCtrl - ok
18:07:24.0234 9008 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
18:07:24.0234 9008 elxstor - ok
18:07:24.0265 9008 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:07:24.0265 9008 EraserUtilRebootDrv - ok
18:07:24.0280 9008 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:07:24.0280 9008 ErrDev - ok
18:07:24.0312 9008 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:07:24.0327 9008 exfat - ok
18:07:24.0343 9008 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:07:24.0343 9008 fastfat - ok
18:07:24.0374 9008 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
18:07:24.0374 9008 fdc - ok
18:07:24.0405 9008 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:07:24.0405 9008 FileInfo - ok
18:07:24.0421 9008 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:07:24.0436 9008 Filetrace - ok
18:07:24.0452 9008 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
18:07:24.0452 9008 flpydisk - ok
18:07:24.0483 9008 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
18:07:24.0483 9008 FltMgr - ok
18:07:24.0499 9008 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:07:24.0499 9008 FsDepends - ok
18:07:24.0530 9008 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
18:07:24.0530 9008 Fs_Rec - ok
18:07:24.0639 9008 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:07:24.0639 9008 fvevol - ok
18:07:24.0670 9008 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
18:07:24.0670 9008 gagp30kx - ok
18:07:24.0733 9008 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:07:24.0733 9008 GEARAspiWDM - ok
18:07:24.0780 9008 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:07:24.0780 9008 hcw85cir - ok
18:07:24.0811 9008 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
18:07:24.0811 9008 HdAudAddService - ok
18:07:24.0842 9008 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
18:07:24.0842 9008 HDAudBus - ok
18:07:24.0873 9008 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
18:07:24.0873 9008 HidBatt - ok
18:07:24.0904 9008 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
18:07:24.0904 9008 HidBth - ok
18:07:24.0967 9008 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
18:07:24.0967 9008 HidIr - ok
18:07:25.0014 9008 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
18:07:25.0014 9008 HidUsb - ok
18:07:25.0029 9008 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
18:07:25.0029 9008 HpSAMD - ok
18:07:25.0076 9008 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
18:07:25.0092 9008 HTTP - ok
18:07:25.0107 9008 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
18:07:25.0107 9008 hwpolicy - ok
18:07:25.0154 9008 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
18:07:25.0154 9008 i8042prt - ok
18:07:25.0185 9008 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
18:07:25.0185 9008 iaStor - ok
18:07:25.0248 9008 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
18:07:25.0263 9008 iaStorV - ok
18:07:25.0372 9008 ICDUSB3 (55836a07c030748b47c613dc30f724d5) C:\Windows\system32\Drivers\ICDUSB3.sys
18:07:25.0388 9008 ICDUSB3 - ok
18:07:25.0669 9008 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120217.003\IDSvia64.sys
18:07:25.0684 9008 IDSVia64 - ok
18:07:25.0747 9008 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
18:07:25.0747 9008 iirsp - ok
18:07:25.0794 9008 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys
18:07:25.0794 9008 Impcd - ok
18:07:25.0856 9008 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
18:07:25.0887 9008 IntcAzAudAddService - ok
18:07:25.0918 9008 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:07:25.0918 9008 intelide - ok
18:07:25.0950 9008 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:07:25.0950 9008 intelppm - ok
18:07:25.0965 9008 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:07:25.0965 9008 IpFilterDriver - ok
18:07:25.0996 9008 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
18:07:25.0996 9008 IPMIDRV - ok
18:07:26.0012 9008 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:07:26.0028 9008 IPNAT - ok
18:07:26.0090 9008 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:07:26.0090 9008 IRENUM - ok
18:07:26.0121 9008 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:07:26.0121 9008 isapnp - ok
18:07:26.0152 9008 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
18:07:26.0152 9008 iScsiPrt - ok
18:07:26.0184 9008 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:07:26.0184 9008 kbdclass - ok
18:07:26.0199 9008 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
18:07:26.0199 9008 kbdhid - ok
18:07:26.0246 9008 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
18:07:26.0246 9008 KSecDD - ok
18:07:26.0277 9008 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
18:07:26.0277 9008 KSecPkg - ok
18:07:26.0293 9008 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:07:26.0293 9008 ksthunk - ok
18:07:26.0324 9008 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:07:26.0324 9008 lltdio - ok
18:07:26.0355 9008 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
18:07:26.0355 9008 LSI_FC - ok
18:07:26.0371 9008 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
18:07:26.0371 9008 LSI_SAS - ok
18:07:26.0402 9008 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
18:07:26.0402 9008 LSI_SAS2 - ok
18:07:26.0480 9008 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
18:07:26.0480 9008 LSI_SCSI - ok
18:07:26.0511 9008 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:07:26.0527 9008 luafv - ok
18:07:26.0542 9008 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
18:07:26.0542 9008 megasas - ok
18:07:26.0574 9008 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
18:07:26.0574 9008 MegaSR - ok
18:07:26.0652 9008 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:07:26.0652 9008 Modem - ok
18:07:26.0667 9008 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:07:26.0667 9008 monitor - ok
18:07:26.0698 9008 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:07:26.0698 9008 mouclass - ok
18:07:26.0714 9008 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
18:07:26.0714 9008 mouhid - ok
18:07:26.0745 9008 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
18:07:26.0745 9008 mountmgr - ok
18:07:26.0823 9008 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
18:07:26.0823 9008 mpio - ok
18:07:26.0854 9008 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:07:26.0854 9008 mpsdrv - ok
18:07:26.0870 9008 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
18:07:26.0886 9008 MRxDAV - ok
18:07:26.0917 9008 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:07:26.0932 9008 mrxsmb - ok
18:07:26.0979 9008 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:07:26.0979 9008 mrxsmb10 - ok
18:07:27.0010 9008 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:07:27.0010 9008 mrxsmb20 - ok
18:07:27.0042 9008 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
18:07:27.0042 9008 msahci - ok
18:07:27.0073 9008 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
18:07:27.0073 9008 msdsm - ok
18:07:27.0088 9008 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:07:27.0088 9008 Msfs - ok
18:07:27.0104 9008 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:07:27.0104 9008 mshidkmdf - ok
18:07:27.0135 9008 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:07:27.0135 9008 msisadrv - ok
18:07:27.0213 9008 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:07:27.0213 9008 MSKSSRV - ok
18:07:27.0244 9008 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:07:27.0244 9008 MSPCLOCK - ok
18:07:27.0260 9008 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:07:27.0260 9008 MSPQM - ok
18:07:27.0291 9008 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
18:07:27.0291 9008 MsRPC - ok
18:07:27.0307 9008 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:07:27.0322 9008 mssmbios - ok
18:07:27.0338 9008 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:07:27.0338 9008 MSTEE - ok
18:07:27.0369 9008 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:07:27.0369 9008 MTConfig - ok
18:07:27.0385 9008 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:07:27.0385 9008 Mup - ok
18:07:27.0447 9008 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:07:27.0447 9008 NativeWifiP - ok
18:07:27.0650 9008 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\ENG64.SYS
18:07:27.0666 9008 NAVENG - ok
18:07:27.0728 9008 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\EX64.SYS
18:07:27.0744 9008 NAVEX15 - ok
18:07:27.0837 9008 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
18:07:27.0837 9008 NDIS - ok
18:07:27.0868 9008 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:07:27.0868 9008 NdisCap - ok
18:07:27.0900 9008 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:07:27.0900 9008 NdisTapi - ok
18:07:27.0931 9008 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
18:07:27.0931 9008 Ndisuio - ok
18:07:27.0946 9008 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:27.0962 9008 NdisWan - ok
18:07:27.0978 9008 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
18:07:27.0978 9008 NDProxy - ok
18:07:27.0993 9008 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:07:27.0993 9008 NetBIOS - ok
18:07:28.0024 9008 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
18:07:28.0024 9008 NetBT - ok
18:07:28.0040 9008 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:07:28.0040 9008 nfrd960 - ok
18:07:28.0056 9008 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:07:28.0056 9008 Npfs - ok
18:07:28.0071 9008 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:07:28.0071 9008 nsiproxy - ok
18:07:28.0149 9008 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
18:07:28.0165 9008 Ntfs - ok
18:07:28.0243 9008 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:07:28.0243 9008 Null - ok
18:07:28.0274 9008 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
18:07:28.0274 9008 NVHDA - ok
18:07:28.0461 9008 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:07:28.0633 9008 nvlddmkm - ok
18:07:28.0742 9008 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
18:07:28.0742 9008 nvraid - ok
18:07:28.0773 9008 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
18:07:28.0773 9008 nvstor - ok
18:07:28.0820 9008 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:07:28.0820 9008 nv_agp - ok
18:07:28.0851 9008 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:07:28.0851 9008 ohci1394 - ok
18:07:28.0914 9008 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:07:28.0929 9008 Parport - ok
18:07:28.0945 9008 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
18:07:28.0960 9008 partmgr - ok
18:07:28.0976 9008 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
18:07:28.0976 9008 pci - ok
18:07:29.0007 9008 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:07:29.0007 9008 pciide - ok
18:07:29.0085 9008 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:07:29.0085 9008 pcmcia - ok
18:07:29.0116 9008 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:07:29.0116 9008 pcw - ok
18:07:29.0148 9008 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:07:29.0148 9008 PEAUTH - ok
18:07:29.0194 9008 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
18:07:29.0210 9008 PptpMiniport - ok
18:07:29.0226 9008 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:07:29.0226 9008 Processor - ok
18:07:29.0257 9008 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
18:07:29.0257 9008 Psched - ok
18:07:29.0350 9008 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:07:29.0350 9008 PxHlpa64 - ok
18:07:29.0397 9008 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:07:29.0413 9008 ql2300 - ok
18:07:29.0522 9008 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:07:29.0538 9008 ql40xx - ok
18:07:29.0553 9008 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:07:29.0553 9008 QWAVEdrv - ok
18:07:29.0584 9008 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:07:29.0584 9008 RasAcd - ok
18:07:29.0616 9008 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:07:29.0616 9008 RasAgileVpn - ok
18:07:29.0647 9008 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:07:29.0647 9008 Rasl2tp - ok
18:07:29.0678 9008 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:07:29.0678 9008 RasPppoe - ok
18:07:29.0694 9008 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:07:29.0694 9008 RasSstp - ok
18:07:29.0725 9008 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
18:07:29.0740 9008 rdbss - ok
18:07:29.0756 9008 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
18:07:29.0756 9008 rdpbus - ok
18:07:29.0772 9008 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:07:29.0772 9008 RDPCDD - ok
18:07:29.0803 9008 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:07:29.0803 9008 RDPENCDD - ok
18:07:29.0881 9008 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:07:29.0881 9008 RDPREFMP - ok
18:07:29.0912 9008 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
18:07:29.0912 9008 RDPWD - ok
18:07:29.0974 9008 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
18:07:29.0974 9008 rdyboost - ok
18:07:30.0084 9008 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:07:30.0084 9008 RFCOMM - ok
18:07:30.0115 9008 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
18:07:30.0130 9008 rimspci - ok
18:07:30.0396 9008 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
18:07:30.0396 9008 RimUsb - ok
18:07:30.0442 9008 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
18:07:30.0442 9008 RimVSerPort - ok
18:07:30.0458 9008 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
18:07:30.0458 9008 risdsnpe - ok
18:07:30.0489 9008 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
18:07:30.0489 9008 ROOTMODEM - ok
18:07:30.0536 9008 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:07:30.0536 9008 rspndr - ok
18:07:30.0552 9008 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
18:07:30.0567 9008 sbp2port - ok
18:07:30.0583 9008 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
18:07:30.0583 9008 scfilter - ok
18:07:30.0614 9008 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
18:07:30.0614 9008 sdbus - ok
18:07:30.0645 9008 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:07:30.0645 9008 secdrv - ok
18:07:30.0676 9008 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
18:07:30.0676 9008 Serenum - ok
18:07:30.0739 9008 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:07:30.0739 9008 Serial - ok
18:07:30.0770 9008 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:07:30.0770 9008 sermouse - ok
18:07:30.0817 9008 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
18:07:30.0817 9008 SFEP - ok
18:07:30.0832 9008 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:07:30.0832 9008 sffdisk - ok
18:07:30.0848 9008 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:07:30.0848 9008 sffp_mmc - ok
18:07:30.0895 9008 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
18:07:30.0895 9008 sffp_sd - ok
18:07:30.0926 9008 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:07:30.0926 9008 sfloppy - ok
18:07:30.0957 9008 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:07:30.0957 9008 SiSRaid2 - ok
18:07:30.0973 9008 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:07:30.0973 9008 SiSRaid4 - ok
18:07:31.0004 9008 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:07:31.0004 9008 Smb - ok
18:07:31.0051 9008 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:07:31.0051 9008 spldr - ok
18:07:31.0254 9008 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSP64.SYS
18:07:31.0269 9008 SRTSP - ok
18:07:31.0363 9008 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSPX64.SYS
18:07:31.0363 9008 SRTSPX - ok
18:07:31.0410 9008 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
18:07:31.0410 9008 srv - ok
18:07:31.0503 9008 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
18:07:31.0503 9008 srv2 - ok
18:07:31.0534 9008 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
18:07:31.0534 9008 srvnet - ok
18:07:31.0581 9008 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:07:31.0581 9008 stexstor - ok
18:07:31.0612 9008 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:07:31.0612 9008 swenum - ok
18:07:31.0737 9008 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0600010.002\SYMDS64.SYS
18:07:31.0737 9008 SymDS - ok
18:07:31.0909 9008 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0600010.002\SYMEFA64.SYS
18:07:31.0924 9008 SymEFA - ok
18:07:32.0018 9008 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:07:32.0018 9008 SymEvent - ok
18:07:32.0143 9008 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0600010.002\Ironx64.SYS
18:07:32.0143 9008 SymIRON - ok
18:07:32.0299 9008 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\N360x64\0600010.002\SYMNETS.SYS
18:07:32.0299 9008 SymNetS - ok
18:07:32.0361 9008 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
18:07:32.0392 9008 Tcpip - ok
18:07:34.0311 9008 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
18:07:34.0342 9008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:07:34.0342 9008 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:07:34.0374 9008 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
18:07:34.0374 9008 \Device\Harddisk0\DR0\Partition0 - ok
18:07:34.0389 9008 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
18:07:34.0389 9008 \Device\Harddisk0\DR0\Partition1 - ok
18:07:34.0389 9008 ============================================================
18:07:34.0389 9008 Scan finished
18:07:34.0389 9008 ============================================================
18:07:34.0389 8628 Detected object count: 1
18:07:34.0389 8628 Actual detected object count: 1
18:09:07.0303 8628 \Device\Harddisk0\DR0\# - copied to quarantine
18:09:07.0303 8628 \Device\Harddisk0\DR0 - copied to quarantine
18:09:07.0381 8628 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:09:07.0381 8628 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
18:09:07.0397 8628 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
18:09:07.0412 8628 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
18:09:07.0428 8628 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
18:09:07.0428 8628 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
19:26:29.0901 8820 ============================================================
19:26:29.0901 8820 Scan started
19:26:29.0901 8820 Mode: Manual;
19:26:29.0901 8820 ============================================================
19:26:38.0575 8820 umbus - ok
19:26:38.0606 8820 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:26:38.0606 8820 UmPass - ok
19:26:38.0637 8820 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
19:26:38.0637 8820 usbaudio - ok
19:26:38.0653 8820 usbccgp - ok
19:26:38.0699 8820 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:26:38.0699 8820 usbcir - ok
19:26:38.0715 8820 usbehci - ok
19:26:38.0731 8820 usbhub - ok
19:26:38.0746 8820 usbohci - ok
19:26:38.0762 8820 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:26:38.0762 8820 usbprint - ok
19:26:38.0777 8820 USBSTOR - ok
19:26:38.0793 8820 usbuhci - ok
19:26:38.0824 8820 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
19:26:38.0824 8820 usbvideo - ok
19:26:38.0855 8820 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:26:38.0855 8820 vdrvroot - ok
19:26:38.0887 8820 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:26:38.0902 8820 vga - ok
19:26:38.0980 8820 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:26:38.0980 8820 VgaSave - ok
19:26:38.0996 8820 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
19:26:39.0011 8820 vhdmp - ok
19:26:39.0027 8820 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:26:39.0027 8820 viaide - ok
19:26:39.0043 8820 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
19:26:39.0058 8820 volmgr - ok
19:26:39.0074 8820 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
19:26:39.0074 8820 volmgrx - ok
19:26:39.0105 8820 volsnap - ok
19:26:39.0136 8820 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:26:39.0136 8820 vsmraid - ok
19:26:39.0183 8820 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:26:39.0183 8820 vwifibus - ok
19:26:39.0199 8820 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:26:39.0199 8820 vwififlt - ok
19:26:39.0230 8820 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:26:39.0230 8820 vwifimp - ok
19:26:39.0245 8820 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:26:39.0245 8820 WacomPen - ok
19:26:39.0261 8820 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:39.0261 8820 WANARP - ok
19:26:39.0261 8820 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:39.0277 8820 Wanarpv6 - ok
19:26:39.0292 8820 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:26:39.0292 8820 Wd - ok
19:26:39.0323 8820 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:26:39.0339 8820 Wdf01000 - ok
19:26:39.0433 8820 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:26:39.0433 8820 WfpLwf - ok
19:26:39.0448 8820 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:26:39.0448 8820 WIMMount - ok
19:26:39.0479 8820 WinUsb - ok
19:26:39.0526 8820 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:26:39.0526 8820 WmiAcpi - ok
19:26:39.0542 8820 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:26:39.0557 8820 ws2ifsl - ok
19:26:39.0573 8820 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
19:26:39.0589 8820 WudfPf - ok
19:26:39.0620 8820 xusb21 - ok
19:26:39.0651 8820 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
19:26:39.0651 8820 yukonw7 - ok
19:26:39.0667 8820 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
19:26:39.0698 8820 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
19:26:39.0698 8820 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
19:26:39.0713 8820 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
19:26:39.0729 8820 \Device\Harddisk0\DR0\Partition0 - ok
19:26:39.0729 8820 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
19:26:39.0729 8820 \Device\Harddisk0\DR0\Partition1 - ok
19:26:39.0729 8820 ============================================================
19:26:39.0729 8820 Scan finished
19:26:39.0729 8820 ============================================================
19:26:39.0745 9084 Detected object count: 1
19:26:39.0745 9084 Actual detected object count: 1
19:26:49.0916 9084 \Device\Harddisk0\DR0\# - copied to quarantine
19:26:49.0916 9084 \Device\Harddisk0\DR0 - copied to quarantine
19:26:50.0009 9084 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:26:50.0009 9084 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
19:26:50.0025 9084 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
19:26:50.0041 9084 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine

16:43:03.0509 7308 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
16:43:03.0540 7308 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:43:03.0540 7308 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:43:03.0572 7308 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
16:43:03.0572 7308 \Device\Harddisk0\DR0\Partition0 - ok
16:43:03.0587 7308 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
16:43:03.0587 7308 \Device\Harddisk0\DR0\Partition1 - ok
16:43:03.0587 7308 ============================================================
16:43:03.0587 7308 Scan finished
16:43:03.0587 7308 ============================================================
16:43:03.0587 7192 Detected object count: 1
16:43:03.0587 7192 Actual detected object count: 1
16:43:10.0592 7192 \Device\Harddisk0\DR0\# - copied to quarantine
16:43:10.0592 7192 \Device\Harddisk0\DR0 - copied to quarantine
16:43:10.0670 7192 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:43:10.0670 7192 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
16:43:10.0685 7192 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
16:43:10.0701 7192 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
16:43:10.0716 7192 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
16:43:10.0716 7192 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
16:43:10.0716 7192 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
16:43:10.0732 7192 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
16:45:54.0886 4892 ============================================================
16:45:54.0886 4892 Scan started
16:45:54.0886 4892 Mode: Manual;
16:45:54.0886 4892 ============================================================
16:46:04.0136 4892 PxHlpa64 - ok
16:46:04.0168 4892 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:46:04.0183 4892 ql2300 - ok
16:46:04.0214 4892 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:46:04.0214 4892 ql40xx - ok
16:46:04.0230 4892 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:46:04.0246 4892 QWAVEdrv - ok
16:46:04.0261 4892 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:46:04.0261 4892 RasAcd - ok
16:46:04.0324 4892 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:04.0324 4892 RasAgileVpn - ok
16:46:04.0370 4892 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:04.0370 4892 Rasl2tp - ok
16:46:04.0402 4892 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:04.0402 4892 RasPppoe - ok
16:46:04.0417 4892 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:46:04.0417 4892 RasSstp - ok
16:46:04.0448 4892 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:46:04.0448 4892 rdbss - ok
16:46:04.0464 4892 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:46:04.0464 4892 rdpbus - ok
16:46:04.0495 4892 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:04.0495 4892 RDPCDD - ok
16:46:04.0511 4892 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:46:04.0511 4892 RDPENCDD - ok
16:46:04.0542 4892 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:46:04.0542 4892 RDPREFMP - ok
16:46:04.0558 4892 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:46:04.0558 4892 RDPWD - ok
16:46:04.0589 4892 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:46:04.0604 4892 rdyboost - ok
16:46:04.0636 4892 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:46:04.0636 4892 RFCOMM - ok
16:46:04.0714 4892 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
16:46:04.0729 4892 rimspci - ok
16:46:04.0760 4892 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:46:04.0776 4892 RimUsb - ok
16:46:04.0807 4892 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:46:04.0807 4892 RimVSerPort - ok
16:46:04.0854 4892 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
16:46:04.0854 4892 risdsnpe - ok
16:46:04.0901 4892 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:46:04.0901 4892 ROOTMODEM - ok
16:46:04.0948 4892 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:46:04.0963 4892 rspndr - ok
16:46:04.0994 4892 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
16:46:04.0994 4892 sbp2port - ok
16:46:05.0026 4892 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:46:05.0026 4892 scfilter - ok
16:46:05.0088 4892 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
16:46:05.0088 4892 sdbus - ok
16:46:05.0150 4892 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:46:05.0150 4892 secdrv - ok
16:46:05.0166 4892 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:46:05.0166 4892 Serenum - ok
16:46:05.0197 4892 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:46:05.0197 4892 Serial - ok
16:46:05.0213 4892 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:46:05.0213 4892 sermouse - ok
16:46:05.0260 4892 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
16:46:05.0260 4892 SFEP - ok
16:46:05.0291 4892 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:46:05.0291 4892 sffdisk - ok
16:46:05.0322 4892 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:46:05.0322 4892 sffp_mmc - ok
16:46:05.0338 4892 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
16:46:05.0338 4892 sffp_sd - ok
16:46:05.0369 4892 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:46:05.0369 4892 sfloppy - ok
16:46:05.0384 4892 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:46:05.0384 4892 SiSRaid2 - ok
16:46:05.0416 4892 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:46:05.0416 4892 SiSRaid4 - ok
16:46:05.0431 4892 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:46:05.0431 4892 Smb - ok
16:46:05.0478 4892 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:46:05.0478 4892 spldr - ok
16:46:05.0650 4892 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSP64.SYS
16:46:05.0650 4892 SRTSP - ok
16:46:05.0696 4892 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSPX64.SYS
16:46:05.0696 4892 SRTSPX - ok
16:46:05.0790 4892 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:46:05.0790 4892 srv - ok
16:46:05.0899 4892 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:46:05.0899 4892 srv2 - ok
16:46:06.0055 4892 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:46:06.0055 4892 srvnet - ok
16:46:06.0102 4892 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:46:06.0102 4892 stexstor - ok
16:46:06.0133 4892 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:46:06.0133 4892 swenum - ok
16:46:06.0242 4892 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0600010.002\SYMDS64.SYS
16:46:06.0242 4892 SymDS - ok
16:46:06.0445 4892 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0600010.002\SYMEFA64.SYS
16:46:06.0445 4892 SymEFA - ok
16:46:06.0523 4892 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:46:06.0523 4892 SymEvent - ok
16:46:06.0617 4892 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0600010.002\Ironx64.SYS
16:46:06.0617 4892 SymIRON - ok
16:46:06.0695 4892 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\N360x64\0600010.002\SYMNETS.SYS
16:46:06.0695 4892 SymNetS - ok
16:46:06.0804 4892 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:46:06.0804 4892 Tcpip - ok
16:46:06.0882 4892 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:46:06.0898 4892 TCPIP6 - ok
16:46:06.0944 4892 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:46:06.0944 4892 tcpipreg - ok
16:46:06.0991 4892 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:46:06.0991 4892 TDPIPE - ok
16:46:07.0054 4892 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:46:07.0054 4892 TDTCP - ok
16:46:07.0100 4892 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:46:07.0100 4892 tdx - ok
16:46:07.0132 4892 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
16:46:07.0132 4892 TermDD - ok
16:46:07.0178 4892 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:07.0178 4892 tssecsrv - ok
16:46:07.0194 4892 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:46:07.0194 4892 tunnel - ok
16:46:07.0225 4892 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:46:07.0225 4892 uagp35 - ok
16:46:07.0256 4892 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
16:46:07.0256 4892 udfs - ok
16:46:07.0288 4892 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:46:07.0288 4892 uliagpkx - ok
16:46:07.0334 4892 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:46:07.0334 4892 umbus - ok
16:46:07.0350 4892 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:46:07.0350 4892 UmPass - ok
16:46:07.0381 4892 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:46:07.0381 4892 usbaudio - ok
16:46:07.0428 4892 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:46:07.0428 4892 usbccgp - ok
16:46:07.0490 4892 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:46:07.0490 4892 usbcir - ok
16:46:07.0522 4892 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
16:46:07.0522 4892 usbehci - ok
16:46:07.0553 4892 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:46:07.0553 4892 usbhub - ok
16:46:07.0568 4892 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:46:07.0568 4892 usbohci - ok
16:46:07.0600 4892 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:46:07.0600 4892 usbprint - ok
16:46:07.0615 4892 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
16:46:07.0615 4892 USBSTOR - ok
16:46:07.0646 4892 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
16:46:07.0646 4892 usbuhci - ok
16:46:07.0678 4892 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:46:07.0678 4892 usbvideo - ok
16:46:07.0756 4892 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:46:07.0756 4892 vdrvroot - ok
16:46:07.0787 4892 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:07.0787 4892 vga - ok
16:46:07.0818 4892 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:46:07.0818 4892 VgaSave - ok
16:46:07.0849 4892 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
16:46:07.0849 4892 vhdmp - ok
16:46:07.0927 4892 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:46:07.0927 4892 viaide - ok
16:46:07.0974 4892 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
16:46:07.0974 4892 volmgr - ok
16:46:08.0005 4892 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:46:08.0005 4892 volmgrx - ok
16:46:08.0068 4892 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
16:46:08.0068 4892 volsnap - ok
16:46:08.0114 4892 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:46:08.0114 4892 vsmraid - ok
16:46:08.0146 4892 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:46:08.0146 4892 vwifibus - ok
16:46:08.0177 4892 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:46:08.0177 4892 vwififlt - ok
16:46:08.0192 4892 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:46:08.0192 4892 vwifimp - ok
16:46:08.0208 4892 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:46:08.0208 4892 WacomPen - ok
16:46:08.0255 4892 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:46:08.0255 4892 WANARP - ok
16:46:08.0270 4892 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:46:08.0270 4892 Wanarpv6 - ok
16:46:08.0302 4892 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:46:08.0302 4892 Wd - ok
16:46:08.0317 4892 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:46:08.0333 4892 Wdf01000 - ok
16:46:08.0348 4892 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:46:08.0348 4892 WfpLwf - ok
16:46:08.0364 4892 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:46:08.0364 4892 WIMMount - ok
16:46:08.0411 4892 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:46:08.0411 4892 WinUsb - ok
16:46:08.0442 4892 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:46:08.0442 4892 WmiAcpi - ok
16:46:08.0473 4892 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:46:08.0473 4892 ws2ifsl - ok
16:46:08.0504 4892 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:46:08.0504 4892 WudfPf - ok
16:46:08.0582 4892 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
16:46:08.0582 4892 xusb21 - ok
16:46:08.0629 4892 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
16:46:08.0629 4892 yukonw7 - ok
16:46:08.0645 4892 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
16:46:08.0676 4892 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:46:08.0676 4892 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:46:08.0707 4892 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
16:46:08.0707 4892 \Device\Harddisk0\DR0\Partition0 - ok
16:46:08.0723 4892 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
16:46:08.0723 4892 \Device\Harddisk0\DR0\Partition1 - ok
16:46:08.0723 4892 ============================================================
16:46:08.0723 4892 Scan finished
16:46:08.0723 4892 ============================================================
16:46:08.0738 7376 Detected object count: 1
16:46:08.0738 7376 Actual detected object count: 1
17:08:30.0545 7376 \Device\Harddisk0\DR0\# - copied to quarantine
17:08:30.0545 7376 \Device\Harddisk0\DR0 - copied to quarantine
17:08:30.0639 7376 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:08:30.0639 7376 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
17:08:30.0654 7376 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
17:08:30.0670 7376 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
17:08:30.0686 7376 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
17:08:30.0686 7376 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
17:08:30.0701 7376 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
18:07:20.0178 9008 ============================================================
18:07:20.0178 9008 Scan started
18:07:20.0178 9008 Mode: Manual;
18:07:20.0178 9008 ============================================================
18:07:26.0667 9008 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:07:26.0667 9008 monitor - ok
18:07:26.0698 9008 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:07:26.0698 9008 mouclass - ok
18:07:26.0714 9008 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
18:07:26.0714 9008 mouhid - ok
18:07:26.0745 9008 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
18:07:26.0745 9008 mountmgr - ok
18:07:26.0823 9008 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
18:07:26.0823 9008 mpio - ok
18:07:26.0854 9008 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:07:26.0854 9008 mpsdrv - ok
18:07:26.0870 9008 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
18:07:26.0886 9008 MRxDAV - ok
18:07:26.0917 9008 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:07:26.0932 9008 mrxsmb - ok
18:07:26.0979 9008 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:07:26.0979 9008 mrxsmb10 - ok
18:07:27.0010 9008 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:07:27.0010 9008 mrxsmb20 - ok
18:07:27.0042 9008 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
18:07:27.0042 9008 msahci - ok
18:07:27.0073 9008 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
18:07:27.0073 9008 msdsm - ok
18:07:27.0088 9008 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:07:27.0088 9008 Msfs - ok
18:07:27.0104 9008 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:07:27.0104 9008 mshidkmdf - ok
18:07:27.0135 9008 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:07:27.0135 9008 msisadrv - ok
18:07:27.0213 9008 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:07:27.0213 9008 MSKSSRV - ok
18:07:27.0244 9008 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:07:27.0244 9008 MSPCLOCK - ok
18:07:27.0260 9008 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:07:27.0260 9008 MSPQM - ok
18:07:27.0291 9008 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
18:07:27.0291 9008 MsRPC - ok
18:07:27.0307 9008 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:07:27.0322 9008 mssmbios - ok
18:07:27.0338 9008 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:07:27.0338 9008 MSTEE - ok
18:07:27.0369 9008 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:07:27.0369 9008 MTConfig - ok
18:07:27.0385 9008 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:07:27.0385 9008 Mup - ok
18:07:27.0447 9008 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:07:27.0447 9008 NativeWifiP - ok
18:07:27.0650 9008 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\ENG64.SYS
18:07:27.0666 9008 NAVENG - ok
18:07:27.0728 9008 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\EX64.SYS
18:07:27.0744 9008 NAVEX15 - ok
18:07:27.0837 9008 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
18:07:27.0837 9008 NDIS - ok
18:07:27.0868 9008 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:07:27.0868 9008 NdisCap - ok
18:07:27.0900 9008 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:07:27.0900 9008 NdisTapi - ok
18:07:27.0931 9008 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
18:07:27.0931 9008 Ndisuio - ok
18:07:27.0946 9008 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:27.0962 9008 NdisWan - ok
18:07:27.0978 9008 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
18:07:27.0978 9008 NDProxy - ok
18:07:27.0993 9008 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:07:27.0993 9008 NetBIOS - ok
18:07:28.0024 9008 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
18:07:28.0024 9008 NetBT - ok
18:07:28.0040 9008 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:07:28.0040 9008 nfrd960 - ok
18:07:28.0056 9008 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:07:28.0056 9008 Npfs - ok
18:07:28.0071 9008 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:07:28.0071 9008 nsiproxy - ok
18:07:28.0149 9008 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
18:07:28.0165 9008 Ntfs - ok
18:07:28.0243 9008 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:07:28.0243 9008 Null - ok
18:07:28.0274 9008 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
18:07:28.0274 9008 NVHDA - ok
18:07:28.0461 9008 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:07:28.0633 9008 nvlddmkm - ok
18:07:28.0742 9008 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
18:07:28.0742 9008 nvraid - ok
18:07:28.0773 9008 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
18:07:28.0773 9008 nvstor - ok
18:07:28.0820 9008 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:07:28.0820 9008 nv_agp - ok
18:07:28.0851 9008 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:07:28.0851 9008 ohci1394 - ok
18:07:28.0914 9008 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:07:28.0929 9008 Parport - ok
18:07:28.0945 9008 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
18:07:28.0960 9008 partmgr - ok
18:07:28.0976 9008 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
18:07:28.0976 9008 pci - ok
18:07:29.0007 9008 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:07:29.0007 9008 pciide - ok
18:07:29.0085 9008 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:07:29.0085 9008 pcmcia - ok
18:07:29.0116 9008 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:07:29.0116 9008 pcw - ok
18:07:29.0148 9008 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:07:29.0148 9008 PEAUTH - ok
18:07:29.0194 9008 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
18:07:29.0210 9008 PptpMiniport - ok
18:07:29.0226 9008 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:07:29.0226 9008 Processor - ok
18:07:29.0257 9008 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
18:07:29.0257 9008 Psched - ok
18:07:29.0350 9008 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:07:29.0350 9008 PxHlpa64 - ok
18:07:29.0397 9008 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:07:29.0413 9008 ql2300 - ok
18:07:29.0522 9008 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:07:29.0538 9008 ql40xx - ok
18:07:29.0553 9008 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:07:29.0553 9008 QWAVEdrv - ok
18:07:29.0584 9008 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:07:29.0584 9008 RasAcd - ok
18:07:29.0616 9008 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:07:29.0616 9008 RasAgileVpn - ok
18:07:29.0647 9008 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:07:29.0647 9008 Rasl2tp - ok
18:07:29.0678 9008 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:07:29.0678 9008 RasPppoe - ok
18:07:29.0694 9008 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:07:29.0694 9008 RasSstp - ok
18:07:29.0725 9008 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
18:07:29.0740 9008 rdbss - ok
18:07:29.0756 9008 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
18:07:29.0756 9008 rdpbus - ok
18:07:29.0772 9008 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:07:29.0772 9008 RDPCDD - ok
18:07:29.0803 9008 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:07:29.0803 9008 RDPENCDD - ok
18:07:29.0881 9008 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:07:29.0881 9008 RDPREFMP - ok
18:07:29.0912 9008 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
18:07:29.0912 9008 RDPWD - ok
18:07:29.0974 9008 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
18:07:29.0974 9008 rdyboost - ok
18:07:30.0084 9008 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:07:30.0084 9008 RFCOMM - ok
18:07:30.0115 9008 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
18:07:30.0130 9008 rimspci - ok
18:07:30.0396 9008 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
18:07:30.0396 9008 RimUsb - ok
18:07:30.0442 9008 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
18:07:30.0442 9008 RimVSerPort - ok
18:07:30.0458 9008 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
18:07:30.0458 9008 risdsnpe - ok
18:07:30.0489 9008 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
18:07:30.0489 9008 ROOTMODEM - ok
18:07:30.0536 9008 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:07:30.0536 9008 rspndr - ok
18:07:30.0552 9008 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
18:07:30.0567 9008 sbp2port - ok
18:07:30.0583 9008 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
18:07:30.0583 9008 scfilter - ok
18:07:30.0614 9008 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
18:07:30.0614 9008 sdbus - ok
18:07:30.0645 9008 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:07:30.0645 9008 secdrv - ok
18:07:30.0676 9008 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
18:07:30.0676 9008 Serenum - ok
18:07:30.0739 9008 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:07:30.0739 9008 Serial - ok
18:07:30.0770 9008 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:07:30.0770 9008 sermouse - ok
18:07:30.0817 9008 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
18:07:30.0817 9008 SFEP - ok
18:07:30.0832 9008 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:07:30.0832 9008 sffdisk - ok
18:07:30.0848 9008 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:07:30.0848 9008 sffp_mmc - ok
18:07:30.0895 9008 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
18:07:30.0895 9008 sffp_sd - ok
18:07:30.0926 9008 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:07:30.0926 9008 sfloppy - ok
18:07:30.0957 9008 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:07:30.0957 9008 SiSRaid2 - ok
18:07:30.0973 9008 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:07:30.0973 9008 SiSRaid4 - ok
18:07:31.0004 9008 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:07:31.0004 9008 Smb - ok
18:07:31.0051 9008 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:07:31.0051 9008 spldr - ok
18:07:31.0254 9008 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSP64.SYS
18:07:31.0269 9008 SRTSP - ok
18:07:31.0363 9008 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSPX64.SYS
18:07:31.0363 9008 SRTSPX - ok
18:07:31.0410 9008 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
18:07:31.0410 9008 srv - ok
18:07:31.0503 9008 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
18:07:31.0503 9008 srv2 - ok
18:07:31.0534 9008 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
18:07:31.0534 9008 srvnet - ok
18:07:31.0581 9008 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:07:31.0581 9008 stexstor - ok
18:07:31.0612 9008 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:07:31.0612 9008 swenum - ok
18:07:31.0737 9008 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0600010.002\SYMDS64.SYS
18:07:31.0737 9008 SymDS - ok
18:07:31.0909 9008 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0600010.002\SYMEFA64.SYS
18:07:31.0924 9008 SymEFA - ok
18:07:32.0018 9008 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:07:32.0018 9008 SymEvent - ok
18:07:32.0143 9008 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0600010.002\Ironx64.SYS
18:07:32.0143 9008 SymIRON - ok
18:07:32.0299 9008 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\N360x64\0600010.002\SYMNETS.SYS
18:07:32.0299 9008 SymNetS - ok
18:07:32.0361 9008 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
18:07:32.0392 9008 Tcpip - ok
18:07:32.0424 9008 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
18:07:32.0439 9008 TCPIP6 - ok
18:07:32.0486 9008 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
18:07:32.0486 9008 tcpipreg - ok
18:07:32.0517 9008 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:07:32.0517 9008 TDPIPE - ok
18:07:32.0533 9008 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
18:07:32.0533 9008 TDTCP - ok
18:07:32.0564 9008 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
18:07:32.0564 9008 tdx - ok
18:07:32.0580 9008 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
18:07:32.0580 9008 TermDD - ok
18:07:32.0611 9008 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:07:32.0611 9008 tssecsrv - ok
18:07:32.0689 9008 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
18:07:32.0689 9008 tunnel - ok
18:07:32.0720 9008 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:07:32.0720 9008 uagp35 - ok
18:07:32.0751 9008 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
18:07:32.0751 9008 udfs - ok
18:07:32.0782 9008 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:07:32.0782 9008 uliagpkx - ok
18:07:32.0814 9008 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
18:07:32.0814 9008 umbus - ok
18:07:32.0829 9008 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:07:32.0829 9008 UmPass - ok
18:07:32.0892 9008 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
18:07:32.0892 9008 usbaudio - ok
18:07:32.0923 9008 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
18:07:32.0923 9008 usbccgp - ok
18:07:32.0970 9008 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:07:32.0970 9008 usbcir - ok
18:07:33.0001 9008 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
18:07:33.0001 9008 usbehci - ok
18:07:33.0094 9008 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
18:07:33.0094 9008 usbhub - ok
18:07:33.0126 9008 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
18:07:33.0126 9008 usbohci - ok
18:07:33.0141 9008 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
18:07:33.0141 9008 usbprint - ok
18:07:33.0172 9008 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
18:07:33.0172 9008 USBSTOR - ok
18:07:33.0204 9008 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
18:07:33.0204 9008 usbuhci - ok
18:07:33.0219 9008 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
18:07:33.0219 9008 usbvideo - ok
18:07:33.0282 9008 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:07:33.0282 9008 vdrvroot - ok
18:07:33.0297 9008 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:07:33.0297 9008 vga - ok
18:07:33.0328 9008 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:07:33.0328 9008 VgaSave - ok
18:07:33.0360 9008 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
18:07:33.0360 9008 vhdmp - ok
18:07:33.0406 9008 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:07:33.0406 9008 viaide - ok
18:07:33.0422 9008 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
18:07:33.0422 9008 volmgr - ok
18:07:33.0500 9008 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
18:07:33.0516 9008 volmgrx - ok
18:07:33.0562 9008 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
18:07:33.0562 9008 volsnap - ok
18:07:33.0578 9008 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:07:33.0578 9008 vsmraid - ok
18:07:33.0640 9008 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:07:33.0640 9008 vwifibus - ok
18:07:33.0656 9008 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:07:33.0656 9008 vwififlt - ok
18:07:33.0703 9008 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:07:33.0703 9008 vwifimp - ok
18:07:33.0718 9008 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:07:33.0718 9008 WacomPen - ok
18:07:33.0765 9008 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
18:07:33.0765 9008 WANARP - ok
18:07:33.0765 9008 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
18:07:33.0765 9008 Wanarpv6 - ok
18:07:33.0859 9008 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:07:33.0859 9008 Wd - ok
18:07:33.0874 9008 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:07:33.0890 9008 Wdf01000 - ok
18:07:33.0937 9008 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:07:33.0937 9008 WfpLwf - ok
18:07:33.0937 9008 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:07:33.0952 9008 WIMMount - ok
18:07:34.0015 9008 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
18:07:34.0015 9008 WinUsb - ok
18:07:34.0046 9008 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:07:34.0046 9008 WmiAcpi - ok
18:07:34.0093 9008 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:07:34.0093 9008 ws2ifsl - ok
18:07:34.0124 9008 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
18:07:34.0124 9008 WudfPf - ok
18:07:34.0186 9008 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
18:07:34.0186 9008 xusb21 - ok
18:07:34.0280 9008 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
18:07:34.0280 9008 yukonw7 - ok
18:07:34.0311 9008 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
18:07:34.0342 9008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:07:34.0342 9008 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:07:34.0374 9008 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
18:07:34.0374 9008 \Device\Harddisk0\DR0\Partition0 - ok
18:07:34.0389 9008 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
18:07:34.0389 9008 \Device\Harddisk0\DR0\Partition1 - ok
18:07:34.0389 9008 ============================================================
18:07:34.0389 9008 Scan finished
18:07:34.0389 9008 ============================================================
18:07:34.0389 8628 Detected object count: 1
18:07:34.0389 8628 Actual detected object count: 1
18:09:07.0303 8628 \Device\Harddisk0\DR0\# - copied to quarantine
18:09:07.0303 8628 \Device\Harddisk0\DR0 - copied to quarantine
18:09:07.0381 8628 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:09:07.0381 8628 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
18:09:07.0397 8628 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
18:09:07.0412 8628 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
18:09:07.0428 8628 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
18:09:07.0428 8628 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
18:09:07.0443 8628 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
19:26:29.0901 8820 ============================================================
19:26:29.0901 8820 Scan started
19:26:29.0901 8820 Mode: Manual;
19:26:29.0901 8820 ============================================================
19:26:32.0818 8820 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
19:26:32.0818 8820 HdAudAddService - ok
19:26:32.0849 8820 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
19:26:32.0849 8820 HDAudBus - ok
19:26:32.0865 8820 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:26:32.0865 8820 HidBatt - ok
19:26:32.0896 8820 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:26:32.0896 8820 HidBth - ok
19:26:32.0912 8820 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:26:32.0912 8820 HidIr - ok
19:26:32.0927 8820 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
19:26:32.0927 8820 HidUsb - ok
19:26:32.0959 8820 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
19:26:32.0959 8820 HpSAMD - ok
19:26:32.0990 8820 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
19:26:32.0990 8820 HTTP - ok
19:26:33.0005 8820 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
19:26:33.0005 8820 hwpolicy - ok
19:26:33.0052 8820 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:26:33.0052 8820 i8042prt - ok
19:26:33.0115 8820 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
19:26:33.0130 8820 iaStor - ok
19:26:33.0146 8820 iaStorV - ok
19:26:33.0177 8820 ICDUSB3 (55836a07c030748b47c613dc30f724d5) C:\Windows\system32\Drivers\ICDUSB3.sys
19:26:33.0177 8820 ICDUSB3 - ok
19:26:33.0239 8820 IDSVia64 - ok
19:26:33.0271 8820 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:26:33.0271 8820 iirsp - ok
19:26:33.0317 8820 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys
19:26:33.0317 8820 Impcd - ok
19:26:33.0364 8820 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
19:26:33.0380 8820 IntcAzAudAddService - ok
19:26:33.0458 8820 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:26:33.0458 8820 intelide - ok
19:26:33.0473 8820 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:26:33.0489 8820 intelppm - ok
19:26:33.0505 8820 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:26:33.0505 8820 IpFilterDriver - ok
19:26:33.0536 8820 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
19:26:33.0536 8820 IPMIDRV - ok
19:26:33.0567 8820 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:26:33.0567 8820 IPNAT - ok
19:26:33.0583 8820 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:26:33.0614 8820 IRENUM - ok
19:26:33.0629 8820 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:26:33.0629 8820 isapnp - ok
19:26:33.0661 8820 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
19:26:33.0676 8820 iScsiPrt - ok
19:26:33.0707 8820 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:26:33.0707 8820 kbdclass - ok
19:26:33.0739 8820 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
19:26:33.0739 8820 kbdhid - ok
19:26:33.0754 8820 KSecDD - ok
19:26:33.0832 8820 KSecPkg - ok
19:26:33.0848 8820 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:26:33.0863 8820 ksthunk - ok
19:26:33.0910 8820 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:26:33.0926 8820 lltdio - ok
19:26:33.0957 8820 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:26:33.0957 8820 LSI_FC - ok
19:26:33.0988 8820 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:26:33.0988 8820 LSI_SAS - ok
19:26:34.0019 8820 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:26:34.0019 8820 LSI_SAS2 - ok
19:26:34.0035 8820 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:26:34.0051 8820 LSI_SCSI - ok
19:26:34.0066 8820 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:26:34.0066 8820 luafv - ok
19:26:34.0097 8820 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:26:34.0097 8820 megasas - ok
19:26:34.0129 8820 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:26:34.0129 8820 MegaSR - ok
19:26:34.0160 8820 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:26:34.0175 8820 Modem - ok
19:26:34.0238 8820 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:26:34.0238 8820 monitor - ok
19:26:34.0253 8820 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:26:34.0253 8820 mouclass - ok
19:26:34.0300 8820 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:26:34.0300 8820 mouhid - ok
19:26:34.0331 8820 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
19:26:34.0331 8820 mountmgr - ok
19:26:34.0363 8820 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
19:26:34.0363 8820 mpio - ok
19:26:34.0378 8820 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:26:34.0394 8820 mpsdrv - ok
19:26:34.0409 8820 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
19:26:34.0409 8820 MRxDAV - ok
19:26:34.0441 8820 mrxsmb - ok
19:26:34.0441 8820 mrxsmb10 - ok
19:26:34.0456 8820 mrxsmb20 - ok
19:26:34.0487 8820 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
19:26:34.0487 8820 msahci - ok
19:26:34.0519 8820 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
19:26:34.0519 8820 msdsm - ok
19:26:34.0550 8820 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:26:34.0550 8820 Msfs - ok
19:26:34.0565 8820 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:26:34.0565 8820 mshidkmdf - ok
19:26:34.0643 8820 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:26:34.0643 8820 msisadrv - ok
19:26:34.0659 8820 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:26:34.0659 8820 MSKSSRV - ok
19:26:34.0690 8820 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:26:34.0690 8820 MSPCLOCK - ok
19:26:34.0706 8820 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:26:34.0721 8820 MSPQM - ok
19:26:34.0768 8820 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
19:26:34.0768 8820 MsRPC - ok
19:26:34.0784 8820 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:26:34.0799 8820 mssmbios - ok
19:26:34.0815 8820 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:26:34.0815 8820 MSTEE - ok
19:26:34.0846 8820 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:26:34.0846 8820 MTConfig - ok
19:26:34.0877 8820 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:26:34.0877 8820 Mup - ok
19:26:34.0893 8820 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:26:34.0909 8820 NativeWifiP - ok
19:26:34.0987 8820 NAVENG - ok
19:26:34.0987 8820 NAVEX15 - ok
19:26:35.0065 8820 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
19:26:35.0080 8820 NDIS - ok
19:26:35.0111 8820 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:26:35.0111 8820 NdisCap - ok
19:26:35.0143 8820 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:26:35.0143 8820 NdisTapi - ok
19:26:35.0158 8820 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
19:26:35.0158 8820 Ndisuio - ok
19:26:35.0189 8820 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:26:35.0189 8820 NdisWan - ok
19:26:35.0205 8820 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
19:26:35.0221 8820 NDProxy - ok
19:26:35.0221 8820 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:26:35.0236 8820 NetBIOS - ok
19:26:35.0252 8820 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
19:26:35.0252 8820 NetBT - ok
19:26:35.0283 8820 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:26:35.0283 8820 nfrd960 - ok
19:26:35.0299 8820 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:26:35.0299 8820 Npfs - ok
19:26:35.0330 8820 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:26:35.0330 8820 nsiproxy - ok
19:26:35.0361 8820 Ntfs - ok
19:26:35.0408 8820 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:26:35.0408 8820 Null - ok
19:26:35.0486 8820 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
19:26:35.0486 8820 NVHDA - ok
19:26:35.0689 8820 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:26:35.0860 8820 nvlddmkm - ok
19:26:35.0938 8820 nvraid - ok
19:26:35.0954 8820 nvstor - ok
19:26:35.0985 8820 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:26:35.0985 8820 nv_agp - ok
19:26:36.0001 8820 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:26:36.0016 8820 ohci1394 - ok
19:26:36.0032 8820 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:26:36.0047 8820 Parport - ok
19:26:36.0063 8820 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
19:26:36.0063 8820 partmgr - ok
19:26:36.0094 8820 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
19:26:36.0094 8820 pci - ok
19:26:36.0125 8820 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:26:36.0125 8820 pciide - ok
19:26:36.0141 8820 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:26:36.0141 8820 pcmcia - ok
19:26:36.0172 8820 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:26:36.0172 8820 pcw - ok
19:26:36.0203 8820 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:26:36.0203 8820 PEAUTH - ok
19:26:36.0250 8820 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
19:26:36.0250 8820 PptpMiniport - ok
19:26:36.0359 8820 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:26:36.0359 8820 Processor - ok
19:26:36.0391 8820 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
19:26:36.0406 8820 Psched - ok
19:26:36.0437 8820 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:26:36.0437 8820 PxHlpa64 - ok
19:26:36.0484 8820 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:26:36.0500 8820 ql2300 - ok
19:26:36.0531 8820 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:26:36.0531 8820 ql40xx - ok
19:26:36.0562 8820 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:26:36.0562 8820 QWAVEdrv - ok
19:26:36.0578 8820 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:26:36.0578 8820 RasAcd - ok
19:26:36.0609 8820 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:26:36.0609 8820 RasAgileVpn - ok
19:26:36.0640 8820 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:26:36.0640 8820 Rasl2tp - ok
19:26:36.0718 8820 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:26:36.0734 8820 RasPppoe - ok
19:26:36.0749 8820 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:26:36.0749 8820 RasSstp - ok
19:26:36.0781 8820 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
19:26:36.0781 8820 rdbss - ok
19:26:36.0812 8820 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:26:36.0812 8820 rdpbus - ok
19:26:36.0827 8820 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:26:36.0827 8820 RDPCDD - ok
19:26:36.0843 8820 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:26:36.0843 8820 RDPENCDD - ok
19:26:36.0890 8820 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:26:36.0890 8820 RDPREFMP - ok
19:26:36.0921 8820 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
19:26:36.0921 8820 RDPWD - ok
19:26:36.0952 8820 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
19:26:36.0952 8820 rdyboost - ok
19:26:36.0983 8820 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:26:36.0983 8820 RFCOMM - ok
19:26:37.0030 8820 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
19:26:37.0046 8820 rimspci - ok
19:26:37.0139 8820 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:26:37.0139 8820 RimUsb - ok
19:26:37.0171 8820 RimVSerPort - ok
19:26:37.0202 8820 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
19:26:37.0217 8820 risdsnpe - ok
19:26:37.0264 8820 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
19:26:37.0264 8820 ROOTMODEM - ok
19:26:37.0280 8820 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:26:37.0280 8820 rspndr - ok
19:26:37.0311 8820 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
19:26:37.0311 8820 sbp2port - ok
19:26:37.0342 8820 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
19:26:37.0342 8820 scfilter - ok
19:26:37.0373 8820 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
19:26:37.0373 8820 sdbus - ok
19:26:37.0405 8820 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:26:37.0405 8820 secdrv - ok
19:26:37.0436 8820 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:26:37.0451 8820 Serenum - ok
19:26:37.0529 8820 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:26:37.0545 8820 Serial - ok
19:26:37.0561 8820 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:26:37.0561 8820 sermouse - ok
19:26:37.0607 8820 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
19:26:37.0607 8820 SFEP - ok
19:26:37.0623 8820 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:26:37.0639 8820 sffdisk - ok
19:26:37.0670 8820 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:26:37.0670 8820 sffp_mmc - ok
19:26:37.0685 8820 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
19:26:37.0685 8820 sffp_sd - ok
19:26:37.0701 8820 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:26:37.0701 8820 sfloppy - ok
19:26:37.0732 8820 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:26:37.0732 8820 SiSRaid2 - ok
19:26:37.0748 8820 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:26:37.0763 8820 SiSRaid4 - ok
19:26:37.0779 8820 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:26:37.0795 8820 Smb - ok
19:26:37.0841 8820 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:26:37.0841 8820 spldr - ok
19:26:37.0888 8820 SRTSP - ok
19:26:37.0966 8820 SRTSPX - ok
19:26:37.0997 8820 srv - ok
19:26:38.0013 8820 srv2 - ok
19:26:38.0044 8820 srvnet - ok
19:26:38.0075 8820 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:26:38.0075 8820 stexstor - ok
19:26:38.0091 8820 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:26:38.0107 8820 swenum - ok
19:26:38.0107 8820 SymDS - ok
19:26:38.0122 8820 SymEFA - ok
19:26:38.0169 8820 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:26:38.0169 8820 SymEvent - ok
19:26:38.0185 8820 SymIRON - ok
19:26:38.0200 8820 SymNetS - ok
19:26:38.0216 8820 Tcpip - ok
19:26:38.0231 8820 TCPIP6 - ok
19:26:38.0263 8820 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
19:26:38.0263 8820 tcpipreg - ok
19:26:38.0278 8820 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:26:38.0294 8820 TDPIPE - ok
19:26:38.0294 8820 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:26:38.0309 8820 TDTCP - ok
19:26:38.0325 8820 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
19:26:38.0341 8820 tdx - ok
19:26:38.0356 8820 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
19:26:38.0356 8820 TermDD - ok
19:26:38.0387 8820 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:26:38.0387 8820 tssecsrv - ok
19:26:38.0419 8820 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
19:26:38.0419 8820 tunnel - ok
19:26:38.0434 8820 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:26:38.0434 8820 uagp35 - ok
19:26:38.0528 8820 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
19:26:38.0528 8820 udfs - ok
19:26:38.0559 8820 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:26:38.0559 8820 uliagpkx - ok
19:26:38.0575 8820 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
19:26:38.0575 8820 umbus - ok
19:26:38.0606 8820 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:26:38.0606 8820 UmPass - ok
19:26:38.0637 8820 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
19:26:38.0637 8820 usbaudio - ok
19:26:38.0653 8820 usbccgp - ok
19:26:38.0699 8820 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:26:38.0699 8820 usbcir - ok
19:26:38.0715 8820 usbehci - ok
19:26:38.0731 8820 usbhub - ok
19:26:38.0746 8820 usbohci - ok
19:26:38.0762 8820 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:26:38.0762 8820 usbprint - ok
19:26:38.0777 8820 USBSTOR - ok
19:26:38.0793 8820 usbuhci - ok
19:26:38.0824 8820 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
19:26:38.0824 8820 usbvideo - ok
19:26:38.0855 8820 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:26:38.0855 8820 vdrvroot - ok
19:26:38.0887 8820 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:26:38.0902 8820 vga - ok
19:26:38.0980 8820 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:26:38.0980 8820 VgaSave - ok
19:26:38.0996 8820 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
19:26:39.0011 8820 vhdmp - ok
19:26:39.0027 8820 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:26:39.0027 8820 viaide - ok
19:26:39.0043 8820 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
19:26:39.0058 8820 volmgr - ok
19:26:39.0074 8820 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
19:26:39.0074 8820 volmgrx - ok
19:26:39.0105 8820 volsnap - ok
19:26:39.0136 8820 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:26:39.0136 8820 vsmraid - ok
19:26:39.0183 8820 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:26:39.0183 8820 vwifibus - ok
19:26:39.0199 8820 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:26:39.0199 8820 vwififlt - ok
19:26:39.0230 8820 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:26:39.0230 8820 vwifimp - ok
19:26:39.0245 8820 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:26:39.0245 8820 WacomPen - ok
19:26:39.0261 8820 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:39.0261 8820 WANARP - ok
19:26:39.0261 8820 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:39.0277 8820 Wanarpv6 - ok
19:26:39.0292 8820 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:26:39.0292 8820 Wd - ok
19:26:39.0323 8820 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:26:39.0339 8820 Wdf01000 - ok
19:26:39.0433 8820 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:26:39.0433 8820 WfpLwf - ok
19:26:39.0448 8820 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:26:39.0448 8820 WIMMount - ok
19:26:39.0479 8820 WinUsb - ok
19:26:39.0526 8820 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:26:39.0526 8820 WmiAcpi - ok
19:26:39.0542 8820 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:26:39.0557 8820 ws2ifsl - ok
19:26:39.0573 8820 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
19:26:39.0589 8820 WudfPf - ok
19:26:39.0620 8820 xusb21 - ok
19:26:39.0651 8820 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
19:26:39.0651 8820 yukonw7 - ok
19:26:39.0667 8820 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
19:26:39.0698 8820 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
19:26:39.0698 8820 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
19:26:39.0713 8820 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
19:26:39.0729 8820 \Device\Harddisk0\DR0\Partition0 - ok
19:26:39.0729 8820 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
19:26:39.0729 8820 \Device\Harddisk0\DR0\Partition1 - ok
19:26:39.0729 8820 ============================================================
19:26:39.0729 8820 Scan finished
19:26:39.0729 8820 ============================================================
19:26:39.0745 9084 Detected object count: 1
19:26:39.0745 9084 Actual detected object count: 1
19:26:49.0916 9084 \Device\Harddisk0\DR0\# - copied to quarantine
19:26:49.0916 9084 \Device\Harddisk0\DR0 - copied to quarantine
19:26:50.0009 9084 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:26:50.0009 9084 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
19:26:50.0025 9084 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
19:26:50.0041 9084 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
19:26:50.0056 9084 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
19:26:50.0072 9084 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine

#4 boopme

Posted 18 February 2012 - 08:52 PM

It appeared to run OK with Norton on. Did you run it several times?

Looks like it did quarantine the problem. You should reboot the machine and do the rest.

#5 MountainSky

Posted 18 February 2012 - 08:55 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by F (administrator) on 18-02-2012 at 19:51:03
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:63030

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9287 Wireless Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : F-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 62-DD-08-DD-D6-D5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9287 Wireless Network Adapter
Physical Address. . . . . . . . . : 78-DD-08-DD-D6-D5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5cc4:8ea6:a934:c643%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, February 18, 2012 3:37:37 PM
Lease Expires . . . . . . . . . . : Sunday, February 19, 2012 7:31:12 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 352331358
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-BD-46-3A-54-42-49-56-B0-1D
DNS Servers . . . . . . . . . . . : 208.180.42.100
208.180.42.68
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 54-42-49-56-B0-1D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{23F7D581-A7AC-4EFB-BC0D-86B3DC2C1A25}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D726B9D6-BF17-49F0-A998-6B63D7E304A5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3097:27ed:b53d:d287(Preferred)
Link-local IPv6 Address . . . . . : fe80::3097:27ed:b53d:d287%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{BB9F53EC-CA10-40D8-B7C0-543D3FA66BF5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: rdns02.suddenlink.net
Address: 208.180.42.100

Name: google.com


Pinging google.com [74.125.227.135] with 32 bytes of data:
Reply from 74.125.227.135: bytes=32 time=55ms TTL=54
Reply from 74.125.227.135: bytes=32 time=63ms TTL=54

Ping statistics for 74.125.227.135:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 55ms, Maximum = 63ms, Average = 59ms
Server: rdns02.suddenlink.net
Address: 208.180.42.100

Name: yahoo.com
Addresses: 209.191.122.70
98.139.127.62
98.139.183.24


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=105ms TTL=50
Reply from 98.139.127.62: bytes=32 time=98ms TTL=50

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 98ms, Maximum = 105ms, Average = 101ms
Server: rdns02.suddenlink.net
Address: 208.180.42.100

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...62 dd 08 dd d6 d5 ......Microsoft Virtual WiFi Miniport Adapter
12...78 dd 08 dd d6 d5 ......Atheros AR9287 Wireless Network Adapter
11...54 42 49 56 b0 1d ......Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.104 281
192.168.1.104 255.255.255.255 On-link 192.168.1.104 281
192.168.1.255 255.255.255.255 On-link 192.168.1.104 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.104 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.104 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:3097:27ed:b53d:d287/128
On-link
12 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::3097:27ed:b53d:d287/128
On-link
12 281 fe80::5cc4:8ea6:a934:c643/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/18/2012 06:56:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/18/2012 06:56:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (02/18/2012 02:15:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jvm.dll, version: 16.0.0.13, time stamp: 0x4b2ad748
Exception code: 0xc0000005
Fault offset: 0x00002760
Faulting process id: 0xddc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/18/2012 01:08:55 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2012 01:08:55 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2012 00:42:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: SymNRT.exe, version: 2012.0.0.19, time stamp: 0x4ddf8f09
Faulting module name: SymNRT.exe, version: 2012.0.0.19, time stamp: 0x4ddf8f09
Exception code: 0x40000015
Fault offset: 0x0004d42a
Faulting process id: 0x186c
Faulting application start time: 0xSymNRT.exe0
Faulting application path: SymNRT.exe1
Faulting module path: SymNRT.exe2
Report Id: SymNRT.exe3

Error: (02/13/2012 00:31:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/13/2012 00:30:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (02/11/2012 00:31:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2012 00:31:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (02/18/2012 03:37:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (02/18/2012 02:05:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (02/18/2012 01:54:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 for x64-based Systems (KB976932).

Error: (02/18/2012 00:50:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (02/18/2012 00:47:29 PM) (Source: Service Control Manager) (User: )
Description: The Norton 360 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/18/2012 00:00:51 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16405

Error: (02/18/2012 00:00:16 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64

Error: (02/18/2012 11:59:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (02/18/2012 11:27:40 AM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (02/18/2012 11:17:25 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.


Microsoft Office Sessions:
=========================
Error: (10/25/2010 06:35:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 95392 seconds with 15540 seconds of active time. This session ended with a crash.

Error: (10/17/2010 08:41:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 118 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/17/2010 08:38:47 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 216 seconds with 180 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

ABBYY PDF Transformer 3.0 (Version: 3.00.162.6808)
AccuWeather.com Cirrus (Version: 0.1.6)
Adobe Acrobat X Pro (Version: 10.1.2)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Reader 9.2 (Version: 9.2.0)
Alps Pointing-device for VAIO
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (Version: 3.0.21.278)
BlackBerry Desktop Software 6.0.2 (Version: 6.0.2.44)
BlackBerry Device Software v5.0.0 for the BlackBerry 9630 smartphone (Version: 5.0.0.1030 (Platform 4.2.0.451))
Click to Disc MergeModules x64 (Version: 1.0.14230)
Corel KPT Collection (Version: 1.00.0000)
Corel KPT Collection for PSPX4
Corel PaintShop Pro X4 (Version: 14.0.0.332)
Digital Voice Editor 3 (Version: 3.3.01.11240)
Evernote (Version: 3.5.2.1525)
ICA (Version: 14.0.0.332)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 9.5.4.1001)
Intel® Turbo Boost Technology Driver (Version: 01.01.01.1007)
IPM_PSP_COM (Version: 14.0.0.332)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 18 (64-bit) (Version: 6.0.180)
Java™ 6 Update 18 (Version: 6.0.180)
Junk Mail filter update (Version: 14.0.8089.726)
Media Gallery (Version: 1.2.0.15040)
Media Gallery MergeModules x64 (Version: 1.0.14250)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft LifeChat (Version: 1.40.224.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Ultimate 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.60129.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSI_SPF_x64 (Version: 1.0.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton 360 (Version: 6.0.1.2)
NVIDIA Drivers (Version: 1.10.57.35)
Oasis2Service (Version: 1.0.1)
OOBE (Version: 3.00.0215)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PMB (Version: 5.1.02.03310)
PMB VAIO Edition Guide (Version: 1.1.00.14080)
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.1.00.15080)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (Version: 1.1.00.15040)
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.1.00.15080)
PSPPContent (Version: 14.0.0.332)
PSPPHelp (Version: 14.0.0.332)
PSPPro64 (Version: 14.0.0.332)
PVSonyDll (Version: 1.00.0001)
Realtek High Definition Audio Driver (Version: 6.0.1.6045)
Service Pack 1 for SQL Server 2008 (KB968369) (Version: 10.1.2531.0)
Setting Utility Series (Version: 5.2.0.14250)
Setup (Version: 14.0.0.332)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.1 (Version: 5.1.112)
SmartWi Connection Utility (Version: 4.10.4.20100121.2442)
Sony Home Network Library (Version: 2.1.0.14240)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
VAIO Care (Version: 6.0.0.15080)
VAIO Content Monitoring Settings (Version: 2.5.0.13220)
VAIO Control Center (Version: 4.2.0.15020)
VAIO Data Restore Tool (Version: 1.3.0.13150)
VAIO DVD Menu Data (Version: 2.1.00.13210)
VAIO Entertainment Platform (Version: 3.7.0.16080)
VAIO Event Service (Version: 5.2.0.15020)
VAIO Gate (Version: 2.0.0.14050)
VAIO Gate Default (Version: 2.0.0.04160)
VAIO Hardware Diagnostics (Version: 3.9.1)
VAIO Help and Support (Version: 11.00.0225)
VAIO Media plus (Version: 2.1.0.15040)
VAIO Media plus Opening Movie (Version: 2.1.0.14080)
VAIO Movie Story MergeModules x64 (Version: 1.0.14240)
VAIO Movie Story Template Data (Version: 2.1.00.14040)
VAIO Original Function Settings (Version: 2.1.0.13120)
VAIO Power Management (Version: 5.1.0.13200)
VAIO Sample Contents (Version: 1.2.0.16080)
VAIO Survey (Version: 6.00.1028)
VAIO Transfer Support (Version: 1.1.1.13070)
VAIO Update (Version: 5.1.1.06090)
VAIO Wallpaper Contents (Version: 2.1.0.14090)
VAIO Window Organizer (Version: 2.1.0.13200)
VMp MergeModule x64 (Version: 1.0.0)
WIDCOMM Bluetooth Software (Version: 6.3.0.3950)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 77%
Total physical RAM: 4078.06 MB
Available physical RAM: 907.35 MB
Total Pagefile: 8154.26 MB
Available Pagefile: 4175.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.87 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:456.23 GB) (Free:340.7 GB) NTFS

========================= Users: ========================================

User accounts for \\F-VAIO

Administrator F Guest


**** End of log ****

#6 MountainSky

Posted 18 February 2012 - 09:01 PM

boopme,

Yes, I ran it a couple of times because the Norton 360 is now alerting to the Trojan. After running all scans, it still says \device\harddisk\DR0(Rootkit.Boot.Pihar.B) is Infected and notes that it copied to quarantine the rest of the infected files.

So appreciate your help.

#7 boopme

Posted 18 February 2012 - 09:10 PM

Let's try one more thing.

Open TDSS again.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

Edited by boopme, 18 February 2012 - 09:11 PM.

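Once the report from the steps above has been saved, a short script can pull out every object the scan did not mark `ok`. This is an added example, not part of the original post and not Kaspersky's tooling; it assumes the report layout of time, thread id, then either `name (md5) path` or `name - verdict`, and the sample report, the `ExampleDrv` names and the verdict words `warning` and `infected` are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the assumed report layout (not taken from a real scan).
SAMPLE_REPORT = r"""
21:02:10.0123 6668 \Device\Harddisk0\DR0:
21:02:10.0123 6668 MBR used
21:02:26.0020 4240 Mode: Manual; TDLFS;
21:02:26.0597 4240 ExampleDrvA (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrva.sys
21:02:26.0597 4240 ExampleDrvA - ok
21:02:26.0659 4240 ExampleDrvB (ffeeddccbbaa99887766554433221100) C:\Windows\system32\drivers\exampledrvb.sys
21:02:26.0659 4240 ExampleDrvB ( Example.Suspicious.Object ) - warning
21:02:40.0100 4240 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
"""

LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
VERDICT = re.compile(r"^(?P<name>.+?)(?: \( (?P<label>[^)]+?) \))? - (?P<verdict>\w+)$")


@dataclass
class Finding:
    time: str
    name: str
    verdict: str
    label: Optional[str]   # detection name, when the verdict line carries one
    md5: Optional[str]     # None for objects that are not files (e.g. a disk)
    path: Optional[str]

    @property
    def is_disk_object(self) -> bool:
        # \Device\HarddiskN\DRn is the whole physical disk, not a file on it.
        return self.name.lower().startswith("\\device\\")


@dataclass
class Report:
    tdlfs_enabled: bool
    objects_scanned: int
    findings: List[Finding]


def parse_report(text: str) -> Report:
    pending = {}  # object name -> (md5, path), remembered until its verdict line
    findings, scanned, tdlfs = [], 0, False
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        stamp, _thread_id, body = m.groups()
        if body.startswith("Mode:"):
            tdlfs = "TDLFS" in body  # confirms the TDLFS option was ticked
            continue
        obj = OBJECT.match(body)
        if obj:
            pending[obj["name"]] = (obj["md5"].lower(), obj["path"])
            continue
        verdict = VERDICT.match(body)
        if not verdict:
            continue
        scanned += 1
        md5, path = pending.pop(verdict["name"], (None, None))
        if verdict["verdict"].lower() != "ok":
            findings.append(Finding(stamp, verdict["name"], verdict["verdict"],
                                    verdict["label"], md5, path))
    return Report(tdlfs, scanned, findings)


if __name__ == "__main__":
    report = parse_report(SAMPLE_REPORT)
    print(f"TDLFS detection enabled: {report.tdlfs_enabled}")
    print(f"Objects with a verdict: {report.objects_scanned}")
    for f in report.findings:
        kind = "disk/boot record" if f.is_disk_object else "file"
        print(f"{f.time} {f.verdict.upper():9} {kind:16} {f.name} "
              f"[{f.label or 'no label'}] {f.path or ''}")
```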

#8 MountainSky

Posted 18 February 2012 - 09:16 PM

May I ask if I cure or delete the file \device\harddisk\DR0(Rootkit.Boot.Pihar.b) if it is a file that is needed for the computer to operate? Sorry, I am not questioning your call, I am just scared.

Do you still want me to run those other items you listed above or run the TDSS again first?

Edited by MountainSky, 18 February 2012 - 09:18 PM.


#9 boopme

Posted 18 February 2012 - 09:49 PM

That's OK, good to be safe.

Do the backup, then post 9, MBAM and aswMBR; the other tools look for other things.

The tool will determine if it is curable or it will delete it. It will first find the clean replacement.
Not to say it is foolproof, no malware removal is.
Do this first

Backing Up Your Registry
  • Go Here and download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
Registry Modifications

For more information about modifying the registry, see this Microsoft article: http://support.microsoft.com/default.aspx/kb/256986

Edited by boopme, 18 February 2012 - 09:51 PM.


#10 MountainSky

Posted 18 February 2012 - 10:09 PM

I completed the ERUNT backup and ran the TDSS again. It did need to reboot.

Here is the latest log.

Thanks.


21:02:09.0452 6668 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
21:02:09.0920 6668 ============================================================
21:02:09.0920 6668 Current date / time: 2012/02/18 21:02:09.0920
21:02:09.0920 6668 SystemInfo:
21:02:09.0920 6668
21:02:09.0920 6668 OS Version: 6.1.7600 ServicePack: 0.0
21:02:09.0920 6668 Product type: Workstation
21:02:09.0920 6668 ComputerName: F-VAIO
21:02:09.0920 6668 UserName: F
21:02:09.0920 6668 Windows directory: C:\Windows
21:02:09.0920 6668 System windows directory: C:\Windows
21:02:09.0920 6668 Running under WOW64
21:02:09.0920 6668 Processor architecture: Intel x64
21:02:09.0920 6668 Number of processors: 8
21:02:09.0920 6668 Page size: 0x1000
21:02:09.0920 6668 Boot type: Normal boot
21:02:09.0920 6668 ============================================================
21:02:10.0123 6668 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:02:10.0123 6668 \Device\Harddisk0\DR0:
21:02:10.0123 6668 MBR used
21:02:10.0123 6668 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x12DE000, BlocksNum 0x32000
21:02:10.0123 6668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1310000, BlocksNum 0x39075830
21:02:10.0154 6668 Initialize success
21:02:10.0154 6668 ============================================================
21:02:26.0020 4240 ============================================================
21:02:26.0020 4240 Scan started
21:02:26.0020 4240 Mode: Manual; TDLFS;
21:02:26.0020 4240 ============================================================
21:02:28.0750 4240 BTHUSB - ok
21:02:28.0828 4240 btwampfl (71a07b6fc98030935e60edbffe9e9c85) C:\Windows\system32\drivers\btwampfl.sys
21:02:28.0828 4240 btwampfl - ok
21:02:28.0874 4240 btwaudio (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
21:02:28.0874 4240 btwaudio - ok
21:02:28.0906 4240 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys
21:02:28.0906 4240 btwavdt - ok
21:02:28.0921 4240 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
21:02:28.0921 4240 btwl2cap - ok
21:02:28.0937 4240 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
21:02:28.0937 4240 btwrchid - ok
21:02:29.0093 4240 ccSet_N360 (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\N360x64\0600010.002\ccSetx64.sys
21:02:29.0093 4240 ccSet_N360 - ok
21:02:29.0124 4240 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:02:29.0124 4240 cdfs - ok
21:02:29.0186 4240 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
21:02:29.0186 4240 cdrom - ok
21:02:29.0202 4240 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:02:29.0202 4240 circlass - ok
21:02:29.0233 4240 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:02:29.0233 4240 CLFS - ok
21:02:29.0296 4240 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:02:29.0296 4240 CmBatt - ok
21:02:29.0311 4240 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:02:29.0327 4240 cmdide - ok
21:02:29.0405 4240 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
21:02:29.0405 4240 CNG - ok
21:02:29.0467 4240 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:02:29.0467 4240 Compbatt - ok
21:02:29.0483 4240 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
21:02:29.0498 4240 CompositeBus - ok
21:02:29.0530 4240 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:02:29.0530 4240 crcdisk - ok
21:02:29.0576 4240 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
21:02:29.0576 4240 DfsC - ok
21:02:29.0608 4240 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:02:29.0608 4240 discache - ok
21:02:29.0654 4240 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:02:29.0654 4240 Disk - ok
21:02:29.0779 4240 dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
21:02:29.0779 4240 dot4 - ok
21:02:29.0795 4240 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:02:29.0795 4240 Dot4Print - ok
21:02:29.0826 4240 Dot4Scan (488669cd1cd3bdcfdd9a5fda72209069) C:\Windows\system32\DRIVERS\Dot4Scan.sys
21:02:29.0826 4240 Dot4Scan - ok
21:02:29.0857 4240 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
21:02:29.0873 4240 dot4usb - ok
21:02:29.0904 4240 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:02:29.0920 4240 drmkaud - ok
21:02:29.0982 4240 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
21:02:29.0982 4240 DXGKrnl - ok
21:02:30.0154 4240 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:02:30.0169 4240 ebdrv - ok
21:02:30.0263 4240 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:02:30.0263 4240 eeCtrl - ok
21:02:30.0372 4240 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:02:30.0372 4240 elxstor - ok
21:02:30.0403 4240 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:02:30.0403 4240 EraserUtilRebootDrv - ok
21:02:30.0419 4240 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:02:30.0419 4240 ErrDev - ok
21:02:30.0466 4240 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:02:30.0466 4240 exfat - ok
21:02:30.0497 4240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:02:30.0497 4240 fastfat - ok
21:02:30.0512 4240 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:02:30.0512 4240 fdc - ok
21:02:30.0544 4240 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:02:30.0559 4240 FileInfo - ok
21:02:30.0590 4240 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:02:30.0590 4240 Filetrace - ok
21:02:30.0606 4240 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:02:30.0606 4240 flpydisk - ok
21:02:30.0637 4240 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
21:02:30.0637 4240 FltMgr - ok
21:02:30.0715 4240 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:02:30.0715 4240 FsDepends - ok
21:02:30.0746 4240 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:02:30.0746 4240 Fs_Rec - ok
21:02:30.0778 4240 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:02:30.0793 4240 fvevol - ok
21:02:30.0809 4240 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:02:30.0809 4240 gagp30kx - ok
21:02:30.0871 4240 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:02:30.0871 4240 GEARAspiWDM - ok
21:02:30.0902 4240 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:02:30.0902 4240 hcw85cir - ok
21:02:30.0965 4240 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
21:02:30.0965 4240 HdAudAddService - ok
21:02:31.0043 4240 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
21:02:31.0043 4240 HDAudBus - ok
21:02:31.0058 4240 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:02:31.0074 4240 HidBatt - ok
21:02:31.0090 4240 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:02:31.0090 4240 HidBth - ok
21:02:31.0121 4240 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:02:31.0136 4240 HidIr - ok
21:02:31.0168 4240 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
21:02:31.0168 4240 HidUsb - ok
21:02:31.0183 4240 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
21:02:31.0183 4240 HpSAMD - ok
21:02:31.0214 4240 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
21:02:31.0230 4240 HTTP - ok
21:02:31.0246 4240 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
21:02:31.0246 4240 hwpolicy - ok
21:02:31.0277 4240 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:02:31.0277 4240 i8042prt - ok
21:02:31.0308 4240 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
21:02:31.0308 4240 iaStor - ok
21:02:31.0433 4240 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
21:02:31.0433 4240 iaStorV - ok
21:02:31.0480 4240 ICDUSB3 (55836a07c030748b47c613dc30f724d5) C:\Windows\system32\Drivers\ICDUSB3.sys
21:02:31.0480 4240 ICDUSB3 - ok
21:02:31.0776 4240 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120217.003\IDSvia64.sys
21:02:31.0776 4240 IDSVia64 - ok
21:02:31.0870 4240 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:02:31.0870 4240 iirsp - ok
21:02:31.0932 4240 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys
21:02:31.0948 4240 Impcd - ok
21:02:32.0026 4240 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
21:02:32.0057 4240 IntcAzAudAddService - ok
21:02:32.0088 4240 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:02:32.0088 4240 intelide - ok
21:02:32.0119 4240 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:02:32.0119 4240 intelppm - ok
21:02:32.0150 4240 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:02:32.0150 4240 IpFilterDriver - ok
21:02:32.0166 4240 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
21:02:32.0166 4240 IPMIDRV - ok
21:02:32.0197 4240 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:02:32.0197 4240 IPNAT - ok
21:02:32.0275 4240 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:02:32.0291 4240 IRENUM - ok
21:02:32.0322 4240 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:02:32.0322 4240 isapnp - ok
21:02:32.0353 4240 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
21:02:32.0369 4240 iScsiPrt - ok
21:02:32.0384 4240 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:02:32.0384 4240 kbdclass - ok
21:02:32.0416 4240 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
21:02:32.0416 4240 kbdhid - ok
21:02:32.0478 4240 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
21:02:32.0478 4240 KSecDD - ok
21:02:32.0509 4240 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
21:02:32.0509 4240 KSecPkg - ok
21:02:32.0540 4240 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:02:32.0556 4240 ksthunk - ok
21:02:32.0587 4240 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:02:32.0587 4240 lltdio - ok
21:02:32.0603 4240 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:02:32.0603 4240 LSI_FC - ok
21:02:32.0634 4240 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:02:32.0634 4240 LSI_SAS - ok
21:02:32.0712 4240 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:02:32.0712 4240 LSI_SAS2 - ok
21:02:32.0743 4240 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:02:32.0743 4240 LSI_SCSI - ok
21:02:32.0759 4240 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:02:32.0759 4240 luafv - ok
21:02:32.0790 4240 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:02:32.0790 4240 megasas - ok
21:02:32.0821 4240 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:02:32.0821 4240 MegaSR - ok
21:02:32.0899 4240 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:02:32.0899 4240 Modem - ok
21:02:32.0915 4240 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:02:32.0915 4240 monitor - ok
21:02:32.0946 4240 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:02:32.0946 4240 mouclass - ok
21:02:32.0962 4240 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
21:02:32.0962 4240 mouhid - ok
21:02:32.0993 4240 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
21:02:32.0993 4240 mountmgr - ok
21:02:33.0071 4240 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
21:02:33.0071 4240 mpio - ok
21:02:33.0102 4240 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:02:33.0102 4240 mpsdrv - ok
21:02:33.0133 4240 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
21:02:33.0133 4240 MRxDAV - ok
21:02:33.0180 4240 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:02:33.0196 4240 mrxsmb - ok
21:02:33.0227 4240 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:02:33.0227 4240 mrxsmb10 - ok
21:02:33.0258 4240 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:02:33.0258 4240 mrxsmb20 - ok
21:02:33.0289 4240 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
21:02:33.0289 4240 msahci - ok
21:02:33.0305 4240 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
21:02:33.0305 4240 msdsm - ok
21:02:33.0336 4240 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:02:33.0336 4240 Msfs - ok
21:02:33.0352 4240 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:02:33.0352 4240 mshidkmdf - ok
21:02:33.0383 4240 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:02:33.0398 4240 msisadrv - ok
21:02:33.0461 4240 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:02:33.0461 4240 MSKSSRV - ok
21:02:33.0492 4240 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:02:33.0492 4240 MSPCLOCK - ok
21:02:33.0508 4240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:02:33.0508 4240 MSPQM - ok
21:02:33.0539 4240 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
21:02:33.0539 4240 MsRPC - ok
21:02:33.0554 4240 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:02:33.0554 4240 mssmbios - ok
21:02:33.0601 4240 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:02:33.0601 4240 MSTEE - ok
21:02:33.0632 4240 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:02:33.0632 4240 MTConfig - ok
21:02:33.0648 4240 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:02:33.0648 4240 Mup - ok
21:02:33.0710 4240 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:02:33.0710 4240 NativeWifiP - ok
21:02:33.0929 4240 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\ENG64.SYS
21:02:33.0929 4240 NAVENG - ok
21:02:34.0038 4240 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.036\EX64.SYS
21:02:34.0038 4240 NAVEX15 - ok
21:02:34.0132 4240 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
21:02:34.0132 4240 NDIS - ok
21:02:34.0163 4240 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:02:34.0163 4240 NdisCap - ok
21:02:34.0194 4240 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:02:34.0194 4240 NdisTapi - ok
21:02:34.0210 4240 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
21:02:34.0210 4240 Ndisuio - ok
21:02:34.0241 4240 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:02:34.0256 4240 NdisWan - ok
21:02:34.0288 4240 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
21:02:34.0288 4240 NDProxy - ok
21:02:34.0303 4240 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:02:34.0303 4240 NetBIOS - ok
21:02:34.0319 4240 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
21:02:34.0319 4240 NetBT - ok
21:02:34.0334 4240 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:02:34.0334 4240 nfrd960 - ok
21:02:34.0350 4240 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:02:34.0350 4240 Npfs - ok
21:02:34.0381 4240 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:02:34.0381 4240 nsiproxy - ok
21:02:34.0428 4240 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
21:02:34.0459 4240 Ntfs - ok
21:02:34.0537 4240 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:02:34.0537 4240 Null - ok
21:02:34.0568 4240 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
21:02:34.0568 4240 NVHDA - ok
21:02:34.0771 4240 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:02:34.0818 4240 nvlddmkm - ok
21:02:34.0927 4240 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
21:02:34.0927 4240 nvraid - ok
21:02:34.0943 4240 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
21:02:34.0943 4240 nvstor - ok
21:02:34.0990 4240 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:02:34.0990 4240 nv_agp - ok
21:02:35.0036 4240 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:02:35.0036 4240 ohci1394 - ok
21:02:35.0099 4240 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:02:35.0099 4240 Parport - ok
21:02:35.0130 4240 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
21:02:35.0130 4240 partmgr - ok
21:02:35.0161 4240 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
21:02:35.0161 4240 pci - ok
21:02:35.0177 4240 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:02:35.0177 4240 pciide - ok
21:02:35.0208 4240 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:02:35.0208 4240 pcmcia - ok
21:02:35.0286 4240 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:02:35.0286 4240 pcw - ok
21:02:35.0317 4240 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:02:35.0317 4240 PEAUTH - ok
21:02:35.0364 4240 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
21:02:35.0364 4240 PptpMiniport - ok
21:02:35.0395 4240 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:02:35.0411 4240 Processor - ok
21:02:35.0442 4240 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
21:02:35.0442 4240 Psched - ok
21:02:35.0520 4240 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
21:02:35.0536 4240 PxHlpa64 - ok
21:02:35.0582 4240 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:02:35.0582 4240 ql2300 - ok
21:02:35.0676 4240 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:02:35.0676 4240 ql40xx - ok
21:02:35.0707 4240 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:02:35.0707 4240 QWAVEdrv - ok
21:02:35.0723 4240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:02:35.0723 4240 RasAcd - ok
21:02:35.0754 4240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:02:35.0754 4240 RasAgileVpn - ok
21:02:35.0785 4240 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:02:35.0785 4240 Rasl2tp - ok
21:02:35.0801 4240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:02:35.0801 4240 RasPppoe - ok
21:02:35.0832 4240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:02:35.0848 4240 RasSstp - ok
21:02:35.0879 4240 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
21:02:35.0879 4240 rdbss - ok
21:02:35.0894 4240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:02:35.0910 4240 rdpbus - ok
21:02:35.0941 4240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:02:35.0941 4240 RDPCDD - ok
21:02:35.0957 4240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:02:35.0957 4240 RDPENCDD - ok
21:02:35.0988 4240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:02:35.0988 4240 RDPREFMP - ok
21:02:36.0066 4240 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
21:02:36.0066 4240 RDPWD - ok
21:02:36.0097 4240 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
21:02:36.0113 4240 rdyboost - ok
21:02:36.0160 4240 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:02:36.0160 4240 RFCOMM - ok
21:02:36.0191 4240 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
21:02:36.0191 4240 rimspci - ok
21:02:36.0238 4240 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
21:02:36.0238 4240 RimUsb - ok
21:02:36.0300 4240 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
21:02:36.0300 4240 RimVSerPort - ok
21:02:36.0331 4240 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
21:02:36.0362 4240 risdsnpe - ok
21:02:36.0425 4240 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
21:02:36.0425 4240 ROOTMODEM - ok
21:02:36.0440 4240 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:02:36.0440 4240 rspndr - ok
21:02:36.0472 4240 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
21:02:36.0472 4240 sbp2port - ok
21:02:36.0503 4240 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
21:02:36.0503 4240 scfilter - ok
21:02:36.0518 4240 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
21:02:36.0518 4240 sdbus - ok
21:02:36.0534 4240 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:02:36.0534 4240 secdrv - ok
21:02:36.0565 4240 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
21:02:36.0612 4240 Serenum - ok
21:02:36.0643 4240 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
21:02:36.0643 4240 Serial - ok
21:02:36.0659 4240 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:02:36.0659 4240 sermouse - ok
21:02:36.0706 4240 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
21:02:36.0706 4240 SFEP - ok
21:02:36.0737 4240 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:02:36.0737 4240 sffdisk - ok
21:02:36.0784 4240 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:02:36.0784 4240 sffp_mmc - ok
21:02:36.0799 4240 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
21:02:36.0799 4240 sffp_sd - ok
21:02:36.0815 4240 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:02:36.0815 4240 sfloppy - ok
21:02:36.0908 4240 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:02:36.0908 4240 SiSRaid2 - ok
21:02:36.0940 4240 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:02:36.0940 4240 SiSRaid4 - ok
21:02:36.0971 4240 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:02:36.0986 4240 Smb - ok
21:02:37.0033 4240 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:02:37.0033 4240 spldr - ok
21:02:37.0314 4240 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSP64.SYS
21:02:37.0314 4240 SRTSP - ok
21:02:37.0439 4240 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\N360x64\0600010.002\SRTSPX64.SYS
21:02:37.0439 4240 SRTSPX - ok
21:02:37.0517 4240 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
21:02:37.0532 4240 srv - ok
21:02:37.0564 4240 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
21:02:37.0564 4240 srv2 - ok
21:02:37.0595 4240 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
21:02:37.0595 4240 srvnet - ok
21:02:37.0626 4240 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:02:37.0642 4240 stexstor - ok
21:02:37.0657 4240 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:02:37.0657 4240 swenum - ok
21:02:37.0782 4240 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0600010.002\SYMDS64.SYS
21:02:37.0782 4240 SymDS - ok
21:02:37.0969 4240 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0600010.002\SYMEFA64.SYS
21:02:37.0969 4240 SymEFA - ok
21:02:38.0047 4240 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:02:38.0047 4240 SymEvent - ok
21:02:38.0172 4240 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0600010.002\Ironx64.SYS
21:02:38.0172 4240 SymIRON - ok
21:02:38.0328 4240 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\N360x64\0600010.002\SYMNETS.SYS
21:02:38.0328 4240 SymNetS - ok
21:02:38.0406 4240 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
21:02:38.0422 4240 Tcpip - ok
21:02:38.0453 4240 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
21:02:38.0468 4240 TCPIP6 - ok
21:02:38.0500 4240 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
21:02:38.0500 4240 tcpipreg - ok
21:02:38.0531 4240 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:02:38.0546 4240 TDPIPE - ok
21:02:38.0578 4240 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:02:38.0578 4240 TDTCP - ok
21:02:38.0609 4240 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
21:02:38.0609 4240 tdx - ok
21:02:38.0624 4240 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
21:02:38.0624 4240 TermDD - ok
21:02:38.0702 4240 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:02:38.0702 4240 tssecsrv - ok
21:02:38.0734 4240 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
21:02:38.0734 4240 tunnel - ok
21:02:38.0765 4240 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:02:38.0765 4240 uagp35 - ok
21:02:38.0780 4240 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
21:02:38.0796 4240 udfs - ok
21:02:38.0812 4240 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:02:38.0812 4240 uliagpkx - ok
21:02:38.0843 4240 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
21:02:38.0843 4240 umbus - ok
21:02:38.0858 4240 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:02:38.0858 4240 UmPass - ok
21:02:38.0921 4240 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
21:02:38.0921 4240 usbaudio - ok
21:02:38.0968 4240 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
21:02:38.0983 4240 usbccgp - ok
21:02:39.0030 4240 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:02:39.0030 4240 usbcir - ok
21:02:39.0124 4240 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
21:02:40.0496 4240 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
21:02:40.0528 4240 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
21:02:40.0528 4240 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
21:02:41.0105 4240 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:02:41.0105 4240 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:02:41.0136 4240 Boot (0x1200) (67aa8e9185003a546908d65049248a0a) \Device\Harddisk0\DR0\Partition0
21:02:41.0136 4240 \Device\Harddisk0\DR0\Partition0 - ok
21:02:41.0152 4240 Boot (0x1200) (90e6214292b863908ed41d6146121dde) \Device\Harddisk0\DR0\Partition1
21:02:41.0152 4240 \Device\Harddisk0\DR0\Partition1 - ok
21:02:41.0152 4240 ============================================================
21:02:41.0152 4240 Scan finished
21:02:41.0152 4240 ============================================================
21:02:41.0152 6284 Detected object count: 2
21:02:41.0152 6284 Actual detected object count: 2
21:03:16.0688 6284 \Device\Harddisk0\DR0\# - copied to quarantine
21:03:16.0688 6284 \Device\Harddisk0\DR0 - copied to quarantine
21:03:16.0766 6284 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
21:03:16.0766 6284 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
21:03:16.0766 6284 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
21:03:16.0782 6284 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
21:03:16.0798 6284 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
21:03:16.0813 6284 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
21:03:16.0813 6284 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
21:03:16.0813 6284 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
21:03:16.0813 6284 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
21:03:16.0813 6284 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
21:03:16.0813 6284 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
21:03:16.0844 6284 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
21:03:16.0876 6284 \Device\Harddisk0\DR0 - ok
21:03:16.0985 6284 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
21:03:16.0985 6284 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:03:16.0985 6284 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:03:22.0221 6856 Deinitialize success

#11 boopme

Posted 18 February 2012 - 10:20 PM

Let's do the others and see how it is.

#12 MountainSky

Posted 18 February 2012 - 10:21 PM

Ok, going to complete now. Thanks

#13 MountainSky

Posted 18 February 2012 - 10:47 PM

Next log:



Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.19.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
F :: F-VAIO [administrator]

Protection: Enabled

2/18/2012 9:36:55 PM
mbam-log-2012-02-18 (21-36-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 185211
Time elapsed: 3 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

#14 MountainSky

Posted 18 February 2012 - 10:53 PM

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-18 21:51:46
-----------------------------
21:51:46.860 OS Version: Windows x64 6.1.7600
21:51:46.860 Number of processors: 8 586 0x1E05
21:51:46.860 ComputerName: F-VAIO UserName: F
21:51:48.998 Initialize success
21:51:55.713 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:51:55.713 Disk 0 Vendor: TOSHIBA_ LH50 Size: 476940MB BusType: 3
21:51:55.728 Disk 0 MBR read successfully
21:51:55.728 Disk 0 MBR scan
21:51:55.728 Disk 0 Windows 7 default MBR code
21:51:55.775 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9659 MB offset 2048
21:51:55.791 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 19783680
21:51:55.806 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 467179 MB offset 19988480
21:51:55.806 Service scanning
21:52:15.630 Modules scanning
21:52:15.630 Disk 0 trace - called modules:
21:52:15.676 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
21:52:15.692 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b20060]
21:52:15.692 3 CLASSPNP.SYS[fffff88000c1b43f] -> nt!IofCallDriver -> [0xfffffa8004495a40]
21:52:15.692 5 ACPI.sys[fffff88000f9e781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004498050]
21:52:15.708 Scan finished successfully
21:52:39.217 Disk 0 MBR has been saved successfully to "C:\Users\F\Desktop\MBR.dat"
21:52:39.217 The log file has been saved successfully to "C:\Users\F\Desktop\aswMBR.txt"

#15 boopme

Posted 18 February 2012 - 10:54 PM

Looking good.