trojan.sirefef.fy, Sirefef.Fd Trojan, rootkit.0Access problem


  • This topic is locked
8 replies to this topic

#1 trhelp

trhelp

  • Members
  • 11 posts

Posted 23 July 2012 - 10:28 PM

Hello! Please Help!

My antivirus started to warn me about blocking stuff a few days ago. I was using Bitdefender Total Security 2012. At first it found the threats and removed them, but since this morning it started acting more weird. It wasn't able to remove them. I think it showed, among others, a trojan.sirefef.fy. I've replaced my antivirus with Norton 360 but it didn't solve anything. I've installed Malwarebytes Anti-Malware, which found another 2 trojans and rootkit.0Access. A second scan showed nothing. Norton 360 showed 2 threats and removed them. At last I ran Eset Online Scanner, which now shows 7 threats. I'm really worried that my PC is compromised. I'm using Windows 7 with Firefox. Windows Update seems to be deactivated too.

Edited by trhelp, 23 July 2012 - 10:43 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 24 July 2012 - 01:10 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 trhelp

trhelp
  • Topic Starter

  • Members
  • 11 posts

Posted 24 July 2012 - 08:07 AM

TDSSKiller


08:01:15.0662 2468 NDIS - ok
08:01:15.0687 2468 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:01:15.0689 2468 NdisCap - ok
08:01:15.0716 2468 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:01:15.0717 2468 NdisTapi - ok
08:01:15.0745 2468 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:01:15.0747 2468 Ndisuio - ok
08:01:15.0757 2468 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:01:15.0760 2468 NdisWan - ok
08:01:15.0788 2468 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:01:15.0790 2468 NDProxy - ok
08:01:15.0797 2468 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:01:15.0799 2468 NetBIOS - ok
08:01:15.0825 2468 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:01:15.0829 2468 NetBT - ok
08:01:15.0869 2468 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:01:15.0870 2468 Netlogon - ok
08:01:15.0927 2468 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:01:15.0931 2468 Netman - ok
08:01:16.0268 2468 NetMsmqActivator (7e9228c814c0d0b551af9a114b7e0b16) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:01:16.0296 2468 NetMsmqActivator - ok
08:01:16.0307 2468 NetPipeActivator (7e9228c814c0d0b551af9a114b7e0b16) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:01:16.0309 2468 NetPipeActivator - ok
08:01:16.0389 2468 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:01:16.0395 2468 netprofm - ok
08:01:16.0473 2468 netr28x (af5f224a600f50b7d2b77f4ae59c1abe) C:\Windows\system32\DRIVERS\netr28x.sys
08:01:16.0504 2468 netr28x - ok
08:01:16.0528 2468 NetTcpActivator (7e9228c814c0d0b551af9a114b7e0b16) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:01:16.0530 2468 NetTcpActivator - ok
08:01:16.0533 2468 NetTcpPortSharing (7e9228c814c0d0b551af9a114b7e0b16) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:01:16.0535 2468 NetTcpPortSharing - ok
08:01:16.0618 2468 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
08:01:16.0666 2468 nfrd960 - ok
08:01:16.0710 2468 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:01:16.0714 2468 NlaSvc - ok
08:01:16.0729 2468 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:01:16.0741 2468 Npfs - ok
08:01:16.0762 2468 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:01:16.0764 2468 nsi - ok
08:01:16.0774 2468 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:01:16.0776 2468 nsiproxy - ok
08:01:16.0879 2468 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:01:16.0910 2468 Ntfs - ok
08:01:17.0071 2468 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:01:17.0073 2468 Null - ok
08:01:17.0121 2468 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:01:17.0136 2468 nvraid - ok
08:01:17.0174 2468 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:01:17.0176 2468 nvstor - ok
08:01:17.0206 2468 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:01:17.0208 2468 nv_agp - ok
08:01:17.0216 2468 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:01:17.0218 2468 ohci1394 - ok
08:01:17.0293 2468 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:01:17.0307 2468 ose - ok
08:01:17.0611 2468 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:01:17.0727 2468 osppsvc - ok
08:01:17.0997 2468 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:01:18.0020 2468 p2pimsvc - ok
08:01:18.0065 2468 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:01:18.0088 2468 p2psvc - ok
08:01:18.0170 2468 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
08:01:18.0187 2468 Parport - ok
08:01:18.0216 2468 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
08:01:18.0218 2468 partmgr - ok
08:01:18.0241 2468 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:01:18.0243 2468 PcaSvc - ok
08:01:18.0262 2468 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:01:18.0282 2468 pci - ok
08:01:18.0296 2468 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:01:18.0298 2468 pciide - ok
08:01:18.0311 2468 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
08:01:18.0314 2468 pcmcia - ok
08:01:18.0325 2468 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:01:18.0327 2468 pcw - ok
08:01:18.0357 2468 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:01:18.0364 2468 PEAUTH - ok
08:01:18.0467 2468 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:01:18.0472 2468 PerfHost - ok
08:01:18.0560 2468 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:01:18.0580 2468 pla - ok
08:01:18.0775 2468 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:01:18.0846 2468 PlugPlay - ok
08:01:18.0864 2468 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:01:18.0866 2468 PNRPAutoReg - ok
08:01:18.0919 2468 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:01:18.0923 2468 PNRPsvc - ok
08:01:18.0970 2468 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:01:18.0975 2468 PolicyAgent - ok
08:01:19.0027 2468 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:01:19.0029 2468 Power - ok
08:01:19.0120 2468 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:01:19.0141 2468 PptpMiniport - ok
08:01:19.0167 2468 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
08:01:19.0168 2468 Processor - ok
08:01:19.0213 2468 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
08:01:19.0215 2468 ProfSvc - ok
08:01:19.0247 2468 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:01:19.0249 2468 ProtectedStorage - ok
08:01:19.0280 2468 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:01:19.0282 2468 Psched - ok
08:01:19.0367 2468 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
08:01:19.0390 2468 ql2300 - ok
08:01:19.0601 2468 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
08:01:19.0609 2468 ql40xx - ok
08:01:19.0646 2468 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:01:19.0689 2468 QWAVE - ok
08:01:19.0701 2468 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:01:19.0703 2468 QWAVEdrv - ok
08:01:19.0707 2468 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:01:19.0708 2468 RasAcd - ok
08:01:19.0736 2468 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:01:19.0737 2468 RasAgileVpn - ok
08:01:19.0751 2468 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:01:19.0767 2468 RasAuto - ok
08:01:19.0800 2468 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:01:19.0803 2468 Rasl2tp - ok
08:01:19.0838 2468 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:01:19.0871 2468 RasMan - ok
08:01:19.0895 2468 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:01:19.0897 2468 RasPppoe - ok
08:01:19.0918 2468 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:01:19.0920 2468 RasSstp - ok
08:01:19.0947 2468 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:01:19.0951 2468 rdbss - ok
08:01:19.0966 2468 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
08:01:19.0974 2468 rdpbus - ok
08:01:19.0998 2468 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:01:19.0999 2468 RDPCDD - ok
08:01:20.0011 2468 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:01:20.0013 2468 RDPENCDD - ok
08:01:20.0030 2468 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:01:20.0051 2468 RDPREFMP - ok
08:01:20.0130 2468 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
08:01:20.0142 2468 RDPWD - ok
08:01:20.0155 2468 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:01:20.0157 2468 rdyboost - ok
08:01:20.0173 2468 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:01:20.0196 2468 RemoteAccess - ok
08:01:20.0208 2468 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:01:20.0224 2468 RemoteRegistry - ok
08:01:20.0232 2468 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:01:20.0234 2468 RpcEptMapper - ok
08:01:20.0251 2468 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:01:20.0265 2468 RpcLocator - ok
08:01:20.0306 2468 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:01:20.0311 2468 RpcSs - ok
08:01:20.0340 2468 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:01:20.0341 2468 rspndr - ok
08:01:20.0433 2468 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
08:01:20.0484 2468 RTL8167 - ok
08:01:20.0514 2468 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:01:20.0516 2468 SamSs - ok
08:01:20.0547 2468 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:01:20.0593 2468 sbp2port - ok
08:01:20.0635 2468 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:01:20.0638 2468 SCardSvr - ok
08:01:20.0648 2468 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:01:20.0649 2468 scfilter - ok
08:01:20.0713 2468 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:01:20.0725 2468 Schedule - ok
08:01:20.0762 2468 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:01:20.0763 2468 SCPolicySvc - ok
08:01:20.0782 2468 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:01:20.0786 2468 SDRSVC - ok
08:01:20.0814 2468 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:01:20.0815 2468 secdrv - ok
08:01:20.0827 2468 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:01:20.0829 2468 seclogon - ok
08:01:20.0850 2468 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
08:01:20.0852 2468 SENS - ok
08:01:20.0863 2468 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:01:20.0865 2468 SensrSvc - ok
08:01:20.0874 2468 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
08:01:20.0875 2468 Serenum - ok
08:01:20.0896 2468 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
08:01:20.0915 2468 Serial - ok
08:01:20.0923 2468 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
08:01:20.0944 2468 sermouse - ok
08:01:20.0973 2468 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:01:20.0976 2468 SessionEnv - ok
08:01:20.0980 2468 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:01:20.0982 2468 sffdisk - ok
08:01:20.0985 2468 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:01:20.0986 2468 sffp_mmc - ok
08:01:20.0989 2468 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:01:20.0991 2468 sffp_sd - ok
08:01:20.0995 2468 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
08:01:20.0996 2468 sfloppy - ok
08:01:21.0035 2468 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:01:21.0039 2468 ShellHWDetection - ok
08:01:21.0052 2468 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
08:01:21.0066 2468 SiSRaid2 - ok
08:01:21.0073 2468 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
08:01:21.0075 2468 SiSRaid4 - ok
08:01:21.0309 2468 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
08:01:21.0349 2468 Skype C2C Service - ok
08:01:21.0462 2468 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe
08:01:21.0464 2468 SkypeUpdate - ok
08:01:21.0646 2468 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:01:21.0664 2468 Smb - ok
08:01:21.0696 2468 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:01:21.0698 2468 SNMPTRAP - ok
08:01:21.0705 2468 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:01:21.0706 2468 spldr - ok
08:01:21.0750 2468 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:01:21.0771 2468 Spooler - ok
08:01:22.0047 2468 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:01:22.0128 2468 sppsvc - ok
08:01:22.0173 2468 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:01:22.0176 2468 sppuinotify - ok
08:01:22.0330 2468 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
08:01:22.0346 2468 SRTSP - ok
08:01:22.0372 2468 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
08:01:22.0391 2468 SRTSPX - ok
08:01:22.0448 2468 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:01:22.0462 2468 srv - ok
08:01:22.0492 2468 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:01:22.0509 2468 srv2 - ok
08:01:22.0531 2468 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:01:22.0534 2468 srvnet - ok
08:01:22.0573 2468 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:01:22.0576 2468 SSDPSRV - ok
08:01:22.0584 2468 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:01:22.0587 2468 SstpSvc - ok
08:01:22.0656 2468 Steam Client Service - ok
08:01:22.0707 2468 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
08:01:22.0750 2468 stexstor - ok
08:01:22.0802 2468 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:01:22.0809 2468 stisvc - ok
08:01:22.0820 2468 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:01:22.0821 2468 swenum - ok
08:01:22.0859 2468 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:01:22.0881 2468 swprv - ok
08:01:23.0156 2468 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
08:01:23.0194 2468 SymDS - ok
08:01:23.0242 2468 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
08:01:23.0260 2468 SymEFA - ok
08:01:23.0346 2468 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
08:01:23.0348 2468 SymEvent - ok
08:01:23.0468 2468 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
08:01:23.0470 2468 SymIRON - ok
08:01:23.0491 2468 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS
08:01:23.0494 2468 SymNetS - ok
08:01:23.0735 2468 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:01:23.0790 2468 SysMain - ok
08:01:23.0977 2468 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:01:23.0985 2468 TabletInputService - ok
08:01:24.0020 2468 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:01:24.0038 2468 TapiSrv - ok
08:01:24.0050 2468 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:01:24.0053 2468 TBS - ok
08:01:24.0222 2468 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
08:01:24.0260 2468 Tcpip - ok
08:01:24.0498 2468 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
08:01:24.0512 2468 TCPIP6 - ok
08:01:24.0662 2468 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:01:24.0663 2468 tcpipreg - ok
08:01:24.0680 2468 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:01:24.0691 2468 TDPIPE - ok
08:01:24.0726 2468 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
08:01:24.0765 2468 TDTCP - ok
08:01:24.0784 2468 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:01:24.0788 2468 tdx - ok
08:01:24.0810 2468 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:01:24.0819 2468 TermDD - ok
08:01:24.0875 2468 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:01:24.0884 2468 TermService - ok
08:01:24.0901 2468 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:01:24.0903 2468 Themes - ok
08:01:24.0942 2468 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:01:24.0944 2468 THREADORDER - ok
08:01:25.0091 2468 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:01:25.0093 2468 TrkWks - ok
08:01:25.0192 2468 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:01:25.0195 2468 TrustedInstaller - ok
08:01:25.0215 2468 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:01:25.0217 2468 tssecsrv - ok
08:01:25.0244 2468 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:01:25.0246 2468 TsUsbFlt - ok
08:01:25.0251 2468 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
08:01:25.0252 2468 TsUsbGD - ok
08:01:25.0276 2468 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:01:25.0278 2468 tunnel - ok
08:01:25.0285 2468 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
08:01:25.0286 2468 uagp35 - ok
08:01:25.0316 2468 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:01:25.0321 2468 udfs - ok
08:01:25.0350 2468 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:01:25.0352 2468 UI0Detect - ok
08:01:25.0367 2468 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:01:25.0369 2468 uliagpkx - ok
08:01:25.0388 2468 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
08:01:25.0397 2468 umbus - ok
08:01:25.0417 2468 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
08:01:25.0418 2468 UmPass - ok
08:01:25.0674 2468 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:01:25.0730 2468 UNS - ok
08:01:26.0011 2468 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:01:26.0043 2468 upnphost - ok
08:01:26.0080 2468 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:01:26.0090 2468 usbccgp - ok
08:01:26.0130 2468 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:01:26.0132 2468 usbcir - ok
08:01:26.0167 2468 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
08:01:26.0184 2468 usbehci - ok
08:01:26.0224 2468 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:01:26.0228 2468 usbhub - ok
08:01:26.0260 2468 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
08:01:26.0262 2468 usbohci - ok
08:01:26.0291 2468 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:01:26.0293 2468 usbprint - ok
08:01:26.0322 2468 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:01:26.0324 2468 USBSTOR - ok
08:01:26.0338 2468 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
08:01:26.0352 2468 usbuhci - ok
08:01:26.0369 2468 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:01:26.0371 2468 UxSms - ok
08:01:26.0402 2468 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:01:26.0404 2468 VaultSvc - ok
08:01:26.0425 2468 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:01:26.0426 2468 vdrvroot - ok
08:01:26.0462 2468 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:01:26.0484 2468 vds - ok
08:01:26.0504 2468 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:01:26.0524 2468 vga - ok
08:01:26.0543 2468 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:01:26.0545 2468 VgaSave - ok
08:01:26.0565 2468 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:01:26.0640 2468 vhdmp - ok
08:01:26.0645 2468 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:01:26.0648 2468 viaide - ok
08:01:26.0680 2468 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:01:26.0682 2468 volmgr - ok
08:01:26.0707 2468 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:01:26.0712 2468 volmgrx - ok
08:01:26.0729 2468 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:01:26.0739 2468 volsnap - ok
08:01:26.0757 2468 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
08:01:26.0760 2468 vsmraid - ok
08:01:26.0857 2468 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:01:26.0905 2468 VSS - ok
08:01:27.0102 2468 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
08:01:27.0124 2468 vwifibus - ok
08:01:27.0185 2468 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:01:27.0186 2468 vwififlt - ok
08:01:27.0242 2468 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:01:27.0281 2468 W32Time - ok
08:01:27.0317 2468 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
08:01:27.0318 2468 WacomPen - ok
08:01:27.0341 2468 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:01:27.0343 2468 WANARP - ok
08:01:27.0346 2468 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:01:27.0347 2468 Wanarpv6 - ok
08:01:27.0463 2468 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:01:27.0493 2468 WatAdminSvc - ok
08:01:27.0747 2468 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:01:27.0786 2468 wbengine - ok
08:01:27.0932 2468 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:01:27.0947 2468 WbioSrvc - ok
08:01:27.0976 2468 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:01:27.0982 2468 wcncsvc - ok
08:01:28.0000 2468 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:01:28.0011 2468 WcsPlugInService - ok
08:01:28.0074 2468 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
08:01:28.0107 2468 Wd - ok
08:01:28.0149 2468 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:01:28.0169 2468 Wdf01000 - ok
08:01:28.0187 2468 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:01:28.0189 2468 WdiServiceHost - ok
08:01:28.0192 2468 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:01:28.0195 2468 WdiSystemHost - ok
08:01:28.0247 2468 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:01:28.0252 2468 WebClient - ok
08:01:28.0281 2468 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:01:28.0299 2468 Wecsvc - ok
08:01:28.0324 2468 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:01:28.0345 2468 wercplsupport - ok
08:01:28.0374 2468 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:01:28.0376 2468 WerSvc - ok
08:01:28.0426 2468 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:01:28.0438 2468 WfpLwf - ok
08:01:28.0449 2468 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:01:28.0450 2468 WIMMount - ok
08:01:28.0456 2468 WinHttpAutoProxySvc - ok
08:01:28.0587 2468 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:01:28.0589 2468 Winmgmt - ok
08:01:28.0733 2468 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:01:28.0763 2468 WinRM - ok
08:01:28.0891 2468 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:01:28.0898 2468 Wlansvc - ok
08:01:28.0978 2468 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:01:28.0997 2468 wlcrasvc - ok
08:01:29.0160 2468 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:01:29.0204 2468 wlidsvc - ok
08:01:29.0293 2468 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:01:29.0294 2468 WmiAcpi - ok
08:01:29.0417 2468 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:01:29.0453 2468 wmiApSrv - ok
08:01:29.0469 2468 WMPNetworkSvc - ok
08:01:29.0502 2468 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:01:29.0505 2468 WPCSvc - ok
08:01:29.0520 2468 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:01:29.0522 2468 WPDBusEnum - ok
08:01:29.0534 2468 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:01:29.0548 2468 ws2ifsl - ok
08:01:29.0566 2468 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
08:01:29.0569 2468 wscsvc - ok
08:01:29.0572 2468 WSearch - ok
08:01:29.0594 2468 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:01:29.0596 2468 WudfPf - ok
08:01:29.0626 2468 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:01:29.0628 2468 WUDFRd - ok
08:01:29.0645 2468 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:01:29.0648 2468 wudfsvc - ok
08:01:29.0677 2468 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:01:29.0719 2468 WwanSvc - ok
08:01:29.0920 2468 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
08:01:29.0927 2468 YahooAUService - ok
08:01:29.0959 2468 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:01:31.0832 2468 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:01:31.0833 2468 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:01:31.0848 2468 Boot (0x1200) (5016db220c335a4bec6af07193c24d8d) \Device\Harddisk0\DR0\Partition0
08:01:31.0850 2468 \Device\Harddisk0\DR0\Partition0 - ok
08:01:31.0866 2468 Boot (0x1200) (f9e8ee54cc9c48dbb870a660d22a0b5c) \Device\Harddisk0\DR0\Partition1
08:01:31.0868 2468 \Device\Harddisk0\DR0\Partition1 - ok
08:01:31.0869 2468 ============================================================
08:01:31.0869 2468 Scan finished
08:01:31.0869 2468 ============================================================
08:01:31.0877 3932 Detected object count: 1
08:01:31.0878 3932 Actual detected object count: 1
08:02:08.0141 3932 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:02:08.0141 3932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:02:44.0066 5052 ============================================================
08:02:44.0066 5052 Scan started
08:02:44.0067 5052 Mode: Manual; TDLFS;
08:02:44.0067 5052 ============================================================
08:02:45.0415 5052 arc - ok
08:02:45.0424 5052 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
08:02:45.0425 5052 arcsas - ok
08:02:45.0511 5052 aspnet_state (fa558b04f900ef9801534d20f24ff2bf) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:02:45.0512 5052 aspnet_state - ok
08:02:45.0531 5052 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:02:45.0532 5052 AsyncMac - ok
08:02:45.0577 5052 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:02:45.0577 5052 atapi - ok
08:02:45.0656 5052 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:02:45.0662 5052 AudioEndpointBuilder - ok
08:02:45.0669 5052 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:02:45.0675 5052 AudioSrv - ok
08:02:45.0697 5052 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:02:45.0697 5052 AxInstSV - ok
08:02:45.0738 5052 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
08:02:45.0741 5052 b06bdrv - ok
08:02:45.0775 5052 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:02:45.0777 5052 b57nd60a - ok
08:02:45.0813 5052 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:02:45.0814 5052 BDESVC - ok
08:02:45.0822 5052 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:02:45.0822 5052 Beep - ok
08:02:45.0877 5052 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
08:02:45.0882 5052 BFE - ok
08:02:46.0203 5052 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120711.002\BHDrvx64.sys
08:02:46.0210 5052 BHDrvx64 - ok
08:02:46.0287 5052 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
08:02:46.0287 5052 BingDesktopUpdate - ok
08:02:46.0515 5052 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
08:02:46.0516 5052 blbdrive - ok
08:02:46.0555 5052 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:02:46.0555 5052 bowser - ok
08:02:46.0569 5052 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
08:02:46.0569 5052 BrFiltLo - ok
08:02:46.0571 5052 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
08:02:46.0571 5052 BrFiltUp - ok
08:02:46.0578 5052 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
08:02:46.0579 5052 BridgeMP - ok
08:02:46.0611 5052 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:02:46.0612 5052 Browser - ok
08:02:46.0628 5052 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:02:46.0630 5052 Brserid - ok
08:02:46.0636 5052 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:02:46.0637 5052 BrSerWdm - ok
08:02:46.0640 5052 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:02:46.0640 5052 BrUsbMdm - ok
08:02:46.0644 5052 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:02:46.0644 5052 BrUsbSer - ok
08:02:46.0693 5052 BrYNSvc (ea7e57f87d6fee5fd6c5f813c04e8cd2) C:\Program Files (x86)\Browny02\BrYNSvc.exe
08:02:46.0695 5052 BrYNSvc - ok
08:02:46.0702 5052 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
08:02:46.0703 5052 BTHMODEM - ok
08:02:46.0718 5052 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:02:46.0719 5052 bthserv - ok
08:02:46.0721 5052 catchme - ok
08:02:46.0912 5052 ccSet_N360 (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys
08:02:46.0913 5052 ccSet_N360 - ok
08:02:46.0929 5052 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:02:46.0930 5052 cdfs - ok
08:02:46.0953 5052 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
08:02:46.0955 5052 cdrom - ok
08:02:47.0022 5052 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:02:47.0023 5052 CertPropSvc - ok
08:02:47.0051 5052 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
08:02:47.0052 5052 circlass - ok
08:02:47.0201 5052 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:02:47.0204 5052 CLFS - ok
08:02:47.0471 5052 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:02:47.0473 5052 clr_optimization_v2.0.50727_32 - ok
08:02:47.0507 5052 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:02:47.0509 5052 clr_optimization_v2.0.50727_64 - ok
08:02:47.0716 5052 clr_optimization_v4.0.30319_32 (f53e15a89675b7489fabe74f2091568e) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:02:47.0717 5052 clr_optimization_v4.0.30319_32 - ok
08:02:47.0748 5052 clr_optimization_v4.0.30319_64 (101d397632b9007df13e9a957ea68e04) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:02:47.0749 5052 clr_optimization_v4.0.30319_64 - ok
08:02:47.0763 5052 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
08:02:47.0764 5052 CmBatt - ok
08:02:47.0766 5052 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:02:47.0766 5052 cmdide - ok
08:02:47.0886 5052 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
08:02:47.0891 5052 CNG - ok
08:02:47.0906 5052 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
08:02:47.0906 5052 Compbatt - ok
08:02:48.0098 5052 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:02:48.0098 5052 CompositeBus - ok
08:02:48.0101 5052 COMSysApp - ok
08:02:48.0257 5052 cphs (f08c6020e57f5e5bf2fd034db10bedfb) C:\Windows\SysWow64\IntelCpHeciSvc.exe
08:02:48.0259 5052 cphs - ok
08:02:48.0341 5052 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
08:02:48.0342 5052 crcdisk - ok
08:02:48.0397 5052 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
08:02:48.0399 5052 CryptSvc - ok
08:02:48.0470 5052 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:02:48.0474 5052 DcomLaunch - ok
08:02:48.0517 5052 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:02:48.0520 5052 defragsvc - ok
08:02:48.0710 5052 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:02:48.0711 5052 DfsC - ok
08:02:48.0848 5052 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:02:48.0851 5052 Dhcp - ok
08:02:48.0867 5052 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:02:48.0868 5052 discache - ok
08:02:48.0933 5052 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
08:02:48.0934 5052 Disk - ok
08:02:49.0105 5052 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:02:49.0107 5052 Dnscache - ok
08:02:49.0127 5052 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:02:49.0129 5052 dot3svc - ok
08:02:49.0138 5052 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:02:49.0139 5052 DPS - ok
08:02:49.0180 5052 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:02:49.0181 5052 drmkaud - ok
08:02:49.0400 5052 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:02:49.0408 5052 DXGKrnl - ok
08:02:49.0437 5052 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:02:49.0438 5052 EapHost - ok
08:02:49.0752 5052 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
08:02:49.0771 5052 ebdrv - ok
08:02:49.0997 5052 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
08:02:50.0002 5052 eeCtrl - ok
08:02:50.0191 5052 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
08:02:50.0192 5052 EFS - ok
08:02:50.0356 5052 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:02:50.0361 5052 ehRecvr - ok
08:02:50.0380 5052 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:02:50.0381 5052 ehSched - ok
08:02:50.0556 5052 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
08:02:50.0561 5052 elxstor - ok
08:02:50.0628 5052 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:02:50.0630 5052 EraserUtilRebootDrv - ok
08:02:50.0633 5052 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:02:50.0634 5052 ErrDev - ok
08:02:50.0762 5052 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:02:50.0765 5052 EventSystem - ok
08:02:50.0790 5052 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:02:50.0791 5052 exfat - ok
08:02:50.0896 5052 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:02:50.0898 5052 fastfat - ok
08:02:51.0048 5052 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:02:51.0054 5052 Fax - ok
08:02:51.0059 5052 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
08:02:51.0059 5052 fdc - ok
08:02:51.0121 5052 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:02:51.0122 5052 fdPHost - ok
08:02:51.0147 5052 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:02:51.0148 5052 FDResPub - ok
08:02:51.0162 5052 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:02:51.0162 5052 FileInfo - ok
08:02:51.0181 5052 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:02:51.0182 5052 Filetrace - ok
08:02:51.0185 5052 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
08:02:51.0186 5052 flpydisk - ok
08:02:51.0353 5052 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:02:51.0356 5052 FltMgr - ok
08:02:51.0551 5052 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:02:51.0558 5052 FontCache - ok
08:02:51.0719 5052 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:02:51.0719 5052 FontCache3.0.0.0 - ok
08:02:51.0934 5052 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:02:51.0935 5052 FsDepends - ok
08:02:51.0988 5052 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
08:02:51.0989 5052 Fs_Rec - ok
08:02:52.0127 5052 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:02:52.0129 5052 fvevol - ok
08:02:52.0162 5052 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
08:02:52.0163 5052 gagp30kx - ok
08:02:52.0361 5052 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
08:02:52.0363 5052 GamesAppService - ok
08:02:52.0439 5052 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:02:52.0447 5052 gpsvc - ok
08:02:52.0606 5052 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
08:02:52.0607 5052 GREGService - ok
08:02:52.0879 5052 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:02:52.0881 5052 gupdate - ok
08:02:52.0885 5052 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:02:52.0887 5052 gupdatem - ok
08:02:53.0001 5052 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:02:53.0002 5052 hcw85cir - ok
08:02:53.0023 5052 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:02:53.0024 5052 HdAudAddService - ok
08:02:53.0042 5052 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
08:02:53.0043 5052 HDAudBus - ok
08:02:53.0046 5052 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
08:02:53.0046 5052 HidBatt - ok
08:02:53.0052 5052 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
08:02:53.0053 5052 HidBth - ok
08:02:53.0056 5052 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
08:02:53.0056 5052 HidIr - ok
08:02:53.0101 5052 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
08:02:53.0102 5052 hidserv - ok
08:02:53.0124 5052 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:02:53.0125 5052 HidUsb - ok
08:02:53.0248 5052 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:02:53.0250 5052 hkmsvc - ok
08:02:53.0446 5052 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:02:53.0449 5052 HomeGroupListener - ok
08:02:53.0546 5052 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:02:53.0548 5052 HomeGroupProvider - ok
08:02:53.0575 5052 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:02:53.0576 5052 HpSAMD - ok
08:02:53.0628 5052 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:02:53.0636 5052 HTTP - ok
08:02:53.0643 5052 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:02:53.0643 5052 hwpolicy - ok
08:02:53.0651 5052 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:02:53.0652 5052 i8042prt - ok
08:02:53.0675 5052 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
08:02:53.0677 5052 iaStor - ok
08:02:53.0812 5052 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
08:02:53.0813 5052 IAStorDataMgrSvc - ok
08:02:53.0925 5052 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:02:53.0929 5052 iaStorV - ok
08:02:54.0260 5052 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
08:02:54.0261 5052 IDriverT - ok
08:02:54.0558 5052 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:02:54.0566 5052 idsvc - ok
08:02:55.0294 5052 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120722.001\IDSvia64.sys
08:02:55.0299 5052 IDSVia64 - ok
08:02:56.0539 5052 igfx (371d7f91c0d2314eb984a4a6cbeabc92) C:\Windows\system32\DRIVERS\igdkmd64.sys
08:02:56.0618 5052 igfx - ok
08:02:56.0733 5052 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
08:02:56.0734 5052 iirsp - ok
08:02:56.0799 5052 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
08:02:56.0807 5052 IKEEXT - ok
08:02:57.0037 5052 IntcAzAudAddService (a0c2c3d4c03c4fb896cfc53873784178) C:\Windows\system32\drivers\RTKVHD64.sys
08:02:57.0056 5052 IntcAzAudAddService - ok
08:02:57.0238 5052 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
08:02:57.0242 5052 IntcDAud - ok
08:02:57.0266 5052 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:02:57.0266 5052 intelide - ok
08:02:57.0281 5052 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:02:57.0282 5052 intelppm - ok
08:02:57.0305 5052 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:02:57.0306 5052 IPBusEnum - ok
08:02:57.0327 5052 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:02:57.0328 5052 IpFilterDriver - ok
08:02:57.0396 5052 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:02:57.0397 5052 IPMIDRV - ok
08:02:57.0432 5052 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:02:57.0433 5052 IPNAT - ok
08:02:57.0453 5052 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:02:57.0454 5052 IRENUM - ok
08:02:57.0461 5052 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:02:57.0461 5052 isapnp - ok
08:02:57.0496 5052 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:02:57.0499 5052 iScsiPrt - ok
08:02:57.0550 5052 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
08:02:57.0551 5052 kbdclass - ok
08:02:57.0596 5052 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
08:02:57.0597 5052 kbdhid - ok
08:02:57.0669 5052 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:02:57.0670 5052 KeyIso - ok
08:02:57.0875 5052 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
08:02:57.0876 5052 KSecDD - ok
08:02:57.0949 5052 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
08:02:57.0950 5052 KSecPkg - ok
08:02:57.0964 5052 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:02:57.0965 5052 ksthunk - ok
08:02:58.0007 5052 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:02:58.0010 5052 KtmRm - ok
08:02:58.0035 5052 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
08:02:58.0037 5052 LanmanServer - ok
08:02:58.0300 5052 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
08:02:58.0302 5052 LanmanWorkstation - ok
08:02:58.0412 5052 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
08:02:58.0414 5052 Live Updater Service - ok
08:02:58.0429 5052 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:02:58.0429 5052 lltdio - ok
08:02:58.0509 5052 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:02:58.0512 5052 lltdsvc - ok
08:02:58.0548 5052 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:02:58.0549 5052 lmhosts - ok
08:02:58.0640 5052 LMS (50c7ce53ef461870410355f1f2e7d515) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
08:02:58.0643 5052 LMS - ok
08:02:58.0690 5052 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
08:02:58.0692 5052 LSI_FC - ok
08:02:58.0700 5052 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
08:02:58.0701 5052 LSI_SAS - ok
08:02:58.0722 5052 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
08:02:58.0723 5052 LSI_SAS2 - ok
08:02:58.0732 5052 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
08:02:58.0733 5052 LSI_SCSI - ok
08:02:58.0745 5052 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:02:58.0746 5052 luafv - ok
08:02:58.0858 5052 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
08:02:58.0859 5052 MBAMProtector - ok
08:02:59.0031 5052 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:02:59.0035 5052 MBAMService - ok
08:02:59.0154 5052 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
08:02:59.0156 5052 McciCMService - ok
08:02:59.0318 5052 McciCMService64 (be3d584d7c021eb7d89166eecb83c341) C:\Program Files\Common Files\Motive\McciCMService.exe
08:02:59.0322 5052 McciCMService64 - ok
08:02:59.0781 5052 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:02:59.0783 5052 Mcx2Svc - ok
08:02:59.0938 5052 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
08:02:59.0938 5052 megasas - ok
08:02:59.0955 5052 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
08:02:59.0957 5052 MegaSR - ok
08:02:59.0991 5052 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
08:02:59.0992 5052 MEIx64 - ok
08:03:00.0019 5052 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:03:00.0020 5052 MMCSS - ok
08:03:00.0025 5052 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:03:00.0026 5052 Modem - ok
08:03:00.0128 5052 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:03:00.0129 5052 monitor - ok
08:03:00.0235 5052 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
08:03:00.0236 5052 mouclass - ok
08:03:00.0240 5052 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:03:00.0241 5052 mouhid - ok
08:03:00.0343 5052 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:03:00.0344 5052 mountmgr - ok
08:03:00.0511 5052 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:03:00.0512 5052 MozillaMaintenance - ok
08:03:00.0556 5052 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:03:00.0557 5052 mpio - ok
08:03:00.0584 5052 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:03:00.0584 5052 mpsdrv - ok
08:03:00.0643 5052 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
08:03:00.0651 5052 MpsSvc - ok
08:03:00.0724 5052 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
08:03:00.0724 5052 MREMP50 - ok
08:03:00.0841 5052 MREMP50a64 - ok
08:03:00.0845 5052 MREMPR5 - ok
08:03:00.0848 5052 MRENDIS5 - ok
08:03:00.0853 5052 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
08:03:00.0854 5052 MRESP50 - ok
08:03:00.0856 5052 MRESP50a64 - ok
08:03:00.0867 5052 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:03:00.0868 5052 MRxDAV - ok
08:03:00.0904 5052 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:03:00.0905 5052 mrxsmb - ok
08:03:00.0955 5052 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:03:00.0957 5052 mrxsmb10 - ok
08:03:01.0010 5052 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:03:01.0012 5052 mrxsmb20 - ok
08:03:01.0028 5052 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:03:01.0029 5052 msahci - ok
08:03:01.0039 5052 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:03:01.0040 5052 msdsm - ok
08:03:01.0162 5052 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:03:01.0164 5052 MSDTC - ok
08:03:01.0189 5052 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:03:01.0189 5052 Msfs - ok
08:03:01.0205 5052 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:03:01.0206 5052 mshidkmdf - ok
08:03:01.0221 5052 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:03:01.0221 5052 msisadrv - ok
08:03:01.0392 5052 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:03:01.0393 5052 MSiSCSI - ok
08:03:01.0395 5052 msiserver - ok
08:03:01.0469 5052 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:03:01.0470 5052 MSKSSRV - ok
08:03:01.0474 5052 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:03:01.0474 5052 MSPCLOCK - ok
08:03:01.0478 5052 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:03:01.0479 5052 MSPQM - ok
08:03:01.0512 5052 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:03:01.0514 5052 MsRPC - ok
08:03:01.0525 5052 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:03:01.0525 5052 mssmbios - ok
08:03:01.0528 5052 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:03:01.0528 5052 MSTEE - ok
08:03:01.0531 5052 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
08:03:01.0531 5052 MTConfig - ok
08:03:01.0659 5052 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:03:01.0660 5052 Mup - ok
08:03:02.0260 5052 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
08:03:02.0262 5052 N360 - ok
08:03:02.0365 5052 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:03:02.0368 5052 napagent - ok
08:03:02.0401 5052 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:03:02.0403 5052 NativeWifiP - ok
08:03:02.0482 5052 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
08:03:02.0484 5052 NAUpdate - ok
08:03:02.0718 5052 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120723.018\ENG64.SYS
08:03:02.0719 5052 NAVENG - ok
08:03:02.0881 5052 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120723.018\EX64.SYS
08:03:02.0895 5052 NAVEX15 - ok
08:03:03.0335 5052 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:03:03.0343 5052 NDIS - ok
08:03:03.0378 5052 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:03:03.0378 5052 NdisCap - ok
08:03:03.0394 5052 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:03:03.0395 5052 NdisTapi - ok
08:03:03.0424 5052 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:03:03.0425 5052 Ndisuio - ok
08:03:03.0437 5052 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:03:03.0438 5052 NdisWan - ok
08:03:03.0498 5052 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:03:03.0499 5052 NDProxy - ok
08:03:03.0678 5052 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:03:03.0679 5052 NetBIOS - ok
08:03:03.0702 5052 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:03:03.0705 5052 NetBT - ok
08:03:03.0736 5052 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:03:03.0737 5052 Netlogon - ok
08:03:03.0772 5052 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:03:03.0776 5052 Netman - ok
08:03:03.0967 5052 NetMsmqActivator (7e9228c814c0d0b551af9a114b7e0b16) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:03:03.0969 5052 NetMsmqActivator - ok
08:03:03.0971 5052 NetPipeActivator (7e9228c814c0d0b551af9a114b7e0b16) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:03:03.0972 5052 NetPipeActivator - ok
08:03:04.0024 5052 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:03:04.0029 5052 netprofm - ok
08:03:24.0304 5052 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:03:26.0746 5052 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:03:26.0746 5052 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:03:26.0804 5052 Boot (0x1200) (5016db220c335a4bec6af07193c24d8d) \Device\Harddisk0\DR0\Partition0
08:03:26.0806 5052 \Device\Harddisk0\DR0\Partition0 - ok
08:03:26.0822 5052 Boot (0x1200) (f9e8ee54cc9c48dbb870a660d22a0b5c) \Device\Harddisk0\DR0\Partition1
08:03:26.0824 5052 \Device\Harddisk0\DR0\Partition1 - ok
08:03:26.0824 5052 ============================================================
08:03:26.0824 5052 Scan finished
08:03:26.0824 5052 ============================================================
08:03:26.0838 5064 Detected object count: 1
08:03:26.0838 5064 Actual detected object count: 1
08:08:42.0985 5064 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:08:42.0985 5064 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:08:44.0414 3128 Deinitialize success

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-24 08:10:21
-----------------------------
08:10:21.852 OS Version: Windows x64 6.1.7601 Service Pack 1
08:10:21.852 Number of processors: 4 586 0x2A07
08:10:21.853 ComputerName: user-PC UserName: user
08:10:23.300 Initialize success
08:21:08.193 AVAST engine defs: 12072400
08:21:33.326 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:21:33.328 Disk 0 Vendor: WDC_WD10 77.0 Size: 953869MB BusType: 3
08:21:33.338 Disk 0 MBR read successfully
08:21:33.341 Disk 0 MBR scan
08:21:33.347 Disk 0 Windows 7 default MBR code
08:21:33.350 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 2048
08:21:33.371 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 33556480
08:21:33.389 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 937383 MB offset 33761280
08:21:33.404 Disk 0 scanning C:\Windows\system32\drivers
08:21:38.608 Service scanning
08:21:53.303 Modules scanning
08:21:53.312 Disk 0 trace - called modules:
08:21:53.326 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
08:21:53.658 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e34060]
08:21:53.663 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80062fe050]
08:21:55.422 AVAST engine scan C:\Windows
08:21:57.567 AVAST engine scan C:\Windows\system32
08:24:21.079 AVAST engine scan C:\Windows\system32\drivers
08:24:34.922 AVAST engine scan C:\Users\user
08:25:04.393 File: C:\Users\user\AppData\Local\{4e89a7bb-7cab-9f44-50e7-06b618f6e080}\U\80000064.@ **INFECTED** Win32:Malware-gen
08:26:33.334 AVAST engine scan C:\ProgramData
08:27:24.678 Scan finished successfully
08:28:13.862 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
08:28:13.866 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"

Eset Online Scanner


No threats found

Last night it looked like this:

"C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\DnsBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\user\AppData\Local\{4e89a7bb-7cab-9f44-50e7-06b618f6e080}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Users\user\Downloads\cnet2_devcpp-4_9_9_2_setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined"

Edited by trhelp, 24 July 2012 - 09:55 AM.


#4 trhelp

Posted 24 July 2012 - 06:12 PM

Would formatting and installing Windows get rid of it? I remembered that I ran Combofix once and uninstalled it as soon as I found out that it was not for the use of inexperienced users. I'm thinking about restoring the operating system to the factory defaults but I'm not sure if that will work. Any suggestions on what would be better to do to be completely cleaned of this?

#5 Brian C.

Posted 24 July 2012 - 07:08 PM

I too am having the same problem as stated in the first box above. I was running Windows Vista with Microsoft Security Essentials when I first encountered the problem. The virus shut down MSE and the Microsoft update center, my firewall, etc. I downloaded MBAM, ran the scan, and it caught some files. Disinfected them, rebooted, rescanned, and files appeared again (while running in safe mode with networking from the point after being infected). I followed the instructions here: http://www.bleepingcomputer.com/virus-removal/remove-security-shield first because this is where I believe all the problems began (that is, after my wife clicked on an embedded link within FB). Upon completing the entire process, I noticed I still had the sirefef trojan, sirefef virus, and rootkit 0 access, as I was running MSE and MBAM right before getting the "windows (Vista) encountered a critical error and will restart" loop. I have already downloaded frst.exe and ran it through the USB drive connected to the infected cpu.

I do not know what to do from this point on to get my cpu back to "healthy" and virus free status again ??????

Please help :)

Edited by Brian C., 24 July 2012 - 07:09 PM.


#6 narenxp

Posted 24 July 2012 - 08:33 PM

Would formatting and installing Windows get rid of it? I remembered that I ran Combofix once and uninstalled it as soon as I found out that it was not for the use of inexperienced users. I'm thinking about restoring the operating system to the factory defaults but I'm not sure if that will work. Any suggestions on what would be better to do to be completely cleaned of this?


A complete restore would get rid of it.

good luck

Brian C.

Please create a new topic

Thanks

#7 boopme

Posted 24 July 2012 - 08:53 PM

Brian...
Please start a new topic in Virus, Trojan, Spyware, and Malware Removal Logs

Post your FRST log there.

Thank you.

#8 Brian C.

Posted 24 July 2012 - 09:40 PM

Will do..thanks!

#9 Orange Blossom

Posted 24 July 2012 - 10:26 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic462342.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry: