Infected with possible boot.pihar and Auleron rootkits


  • This topic is locked
61 replies to this topic

#1 cloud3213

cloud3213

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Albany NY
  • Local time:12:31 AM

Posted 20 May 2013 - 06:15 AM

Hello,
 
I have been trying to get rid of these rootkits since March, and obviously I need professional assistance because I have tried EVERYTHING!! This infection has spread onto my 2 laptops, desktop and my parents' laptop. I ran DDS and have attached the two logs. I appreciate the time and effort put into helping me.
 
 
Jared :grinner:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16384
Run by Jared at 7:07:47 on 2013-05-20
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.6047.4559 [GMT -7:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
TCP: Interfaces\{76BB4015-9DB4-4347-83B9-9F3C5F97EE8F} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248]
.
=============== Created Last 30 ================
.
2013-05-20 12:54:53 -------- d-----w- C:\Users\Jared\AppData\Roaming\Comodo
2013-05-20 12:31:35 -------- d--h--w- C:\VTRoot
2013-05-20 12:16:30 -------- d---a-w- C:\Program Files\COMODO
2013-05-20 12:16:12 -------- d-----w- C:\ProgramData\COMODO
2013-05-20 12:15:50 -------- d-----w- C:\Users\Jared\AppData\Local\Comodo
2013-05-20 12:15:32 -------- d-----w- C:\Program Files (x86)\Comodo
2013-05-20 12:15:27 -------- d-----w- C:\ProgramData\Comodo Downloader
2013-05-20 11:55:10 -------- d-----w- C:\Program Files\HitmanPro
2013-05-20 11:54:26 -------- d-----w- C:\ProgramData\HitmanPro
2013-05-20 11:39:46 -------- d-sh--w- C:\Recovery
2013-05-20 11:39:39 -------- d-----w- C:\Windows.old
2013-05-20 11:37:05 -------- d-----w- C:\Virtual
2013-05-20 11:25:18 -------- d-----w- C:\Windows\Panther
2013-05-20 11:24:36 -------- d--h--w- C:\$SysReset
2013-05-20 11:12:57 -------- d-----w- C:\Users\Jared\AppData\Local\Spoon
2013-05-20 11:12:56 -------- d-----w- C:\Users\Jared\AppData\Local\Xenocode
2013-05-20 11:11:31 -------- d-----w- C:\ProgramData\BufferZone
2013-05-20 11:11:04 -------- d-----w- C:\Program Files (x86)\BufferZone
2013-05-20 11:10:12 -------- d-----w- C:\Users\Jared\D00EEFBEAE1B4E65818F3775DDF1FF86.TMP
2013-05-20 11:09:36 193712 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10203.bin
2013-05-20 10:57:21 -------- d-----w- C:\Program Files\Synaptics
2013-05-20 10:51:56 -------- d-----r- C:\Users\Jared\Searches
2013-05-20 10:50:04 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-05-20 10:49:41 -------- d-----w- C:\Users\Jared\AppData\Local\VirtualStore
2013-05-20 10:49:19 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-05-20 10:48:46 -------- d-----w- C:\ProgramData\PRICache
2013-05-20 08:46:54 -------- d-----r- C:\Users\Jared\Contacts
2013-05-20 08:46:03 -------- d-----w- C:\Users\Jared\AppData\Local\Packages
2013-05-20 08:45:41 -------- d-----r- C:\Users\Jared\Videos
2013-05-20 08:45:41 -------- d-----r- C:\Users\Jared\Saved Games
2013-05-20 08:45:41 -------- d-----r- C:\Users\Jared\Pictures
2013-05-20 08:45:41 -------- d-----r- C:\Users\Jared\Music
2013-05-20 08:45:41 -------- d-----r- C:\Users\Jared\Links
2013-05-20 08:45:41 -------- d-----r- C:\Users\Jared\Downloads
2013-05-20 08:45:41 -------- d-----r- C:\Users\Jared\Documents
.
==================== Find3M ====================
.
.
============= FINISH: 7:08:19.38 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 5/20/2013 3:48:04 AM
System Uptime: 5/20/2013 6:27:38 AM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 3662
Processor: Genuine Intel® CPU U7300 @ 1.30GHz | CPU | 1300/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 111 GiB total, 84.732 GiB free.
D: is Removable
E: is CDROM (UDF)
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: USB\VID_138A&PID_0005\0510CBBC2D00
Manufacturer:
Name:
PNP Device ID: USB\VID_138A&PID_0005\0510CBBC2D00
Service:
.
Class GUID:
Description:
Device ID: ACPI\HPQ0004\3&33FD14CA&0
Manufacturer:
Name:
PNP Device ID: ACPI\HPQ0004\3&33FD14CA&0
Service:
.
==== System Restore Points ===================
.
RP1: 5/20/2013 4:10:29 AM - Installed BufferZone
.
==== Installed Programs ======================
.
Synaptics Pointing Device Driver
.
==== Event Viewer Messages From Past Week ========
.
5/20/2013 5:57:00 AM, Error: Service Control Manager [7034] - The COMODO Virtual Service Manager service terminated unexpectedly. It has done this 1 time(s).
5/20/2013 5:56:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "230" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {3C6859CE-230B-48A4-BE6C-932C0C202048}
5/20/2013 5:36:57 AM, Error: Schannel [36887] - A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 10.
5/20/2013 5:34:25 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0035d1893, 0x0000000000000000, 0xfffff801e7657fe3, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 052013-39702-01.
5/20/2013 4:51:09 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0018975f8, 0x0000000000000000, 0xfffff801aa2a8fe3, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 052013-46519-01.
5/20/2013 4:38:52 AM, Error: Service Control Manager [7034] - The BufferZone Service service terminated unexpectedly. It has done this 3 time(s).
5/20/2013 4:38:41 AM, Error: Service Control Manager [7034] - The BufferZone Service service terminated unexpectedly. It has done this 2 time(s).
5/20/2013 4:37:05 AM, Error: Service Control Manager [7034] - The BufferZone Service service terminated unexpectedly. It has done this 1 time(s).
5/20/2013 4:11:03 AM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
5/20/2013 3:42:56 AM, Error: Service Control Manager [7023] - The Network List Service service terminated with the following error: The device is not ready.
5/20/2013 3:42:53 AM, Error: Service Control Manager [7023] - The IP Helper service terminated with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
==== End Of File ===========================


Edited by Oh My, 01 July 2013 - 12:34 PM.
Logs attached



#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:31 AM

Posted 23 May 2013 - 05:04 PM

Hello and welcome to BleepingComputer!

I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system, so I will analyze the results they produce.

As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed, so we need to get a clear look at that aspect. DO NOT make any changes to the system except the ones I tell you to, as that may produce more damage than helping us.

If you encounter a delay of over 2 days from me, please don't hesitate to private message me (link in the signature).
Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.

Please generate other DDS logs (download it from here if you haven't already) and post them in your next reply along with other changes that may have occurred since you last posted.
Also download and run GMER from this link: http://www.gmer.net/gmer.zip

Thank you very much for your patience.

Regards,

Elle

Can you hear it? It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro?



If I haven't replied in 48 hours, please feel free to send me a PM.




#3 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:31 AM

Posted 26 May 2013 - 04:42 PM

Hi there,

Do you still need help? Please let us know. :)

Elle



#4 cloud3213

cloud3213
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Albany NY
  • Local time:12:31 AM

Posted 26 May 2013 - 08:04 PM

Elle, Thank you so much for helping me I appreciate it!!

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/25/2013 6:12:42 PM
System Uptime: 5/26/2013 6:27:52 PM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 3662
Processor: Genuine Intel® CPU U7300 @ 1.30GHz | CPU | 1296/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 88.579 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID:
Description:
Device ID: USB\VID_138A&PID_0005\0510CBBC2D00
Manufacturer:
Name:
PNP Device ID: USB\VID_138A&PID_0005\0510CBBC2D00
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Advanced SystemCare 6
AIM for Windows
AntiLogger
CCleaner
Download Updater (AOL Inc.)
eReg
HitmanPro.Alert (Beta 3b)
Intel® Graphics Media Accelerator Driver
Java 7 Update 21 (64-bit)
Logitech SetPoint 6.52
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
Norton Internet Security
Smart Defrag 2
SUPERAntiSpyware
Synaptics Pointing Device Driver
Windows 7 Manager
WinPatrol
.
==== Event Viewer Messages From Past Week ========
.
5/26/2013 6:29:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/26/2013 6:29:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/26/2013 6:29:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/26/2013 6:29:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/26/2013 6:29:01 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_NIS cdrom discache eeCtrl IDSVia64 SASDIFSV SASKUTIL spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
5/26/2013 6:29:01 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/26/2013 6:08:15 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
5/26/2013 6:08:15 PM, Error: Service Control Manager [7031] - The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/26/2013 6:08:15 PM, Error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
5/26/2013 6:07:09 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
5/26/2013 4:44:04 AM, Error: Service Control Manager [7030] - The Advanced SystemCare Service 6 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
5/26/2013 3:03:24 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 4 Client Profile for Windows 7 x64-based Systems (KB982670).
5/26/2013 1:38:06 AM, Error: Service Control Manager [7023] -
5/26/2013 1:26:26 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
5/26/2013 1:25:36 PM, Error: volmgr [46] - Crash dump initialization failed!
5/26/2013 1:16:23 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
5/25/2013 8:59:13 PM, Error: Service Control Manager [7001] - The Background Intelligent Transfer Service service depends on the COM+ Event System service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/25/2013 8:59:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
5/25/2013 8:59:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
5/25/2013 8:56:03 PM, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/25/2013 8:55:26 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/25/2013 8:55:03 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/25/2013 8:49:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
5/25/2013 8:49:26 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
5/25/2013 8:49:19 PM, Error: Service Control Manager [7034] - The HitmanPro.Alert Service service terminated unexpectedly. It has done this 1 time(s).
5/25/2013 8:40:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2763523).
5/25/2013 8:40:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2718704).
5/25/2013 8:40:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2533552).
5/25/2013 8:40:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2515325).
5/25/2013 8:40:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2813347).
5/25/2013 8:40:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2658846).
5/25/2013 8:40:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2620704).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2820331).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2813956).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2798162).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2779562).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2547666).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2631813).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2585542).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2479943).
5/25/2013 8:40:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2618451).
5/25/2013 8:40:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Kernel-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685811).
5/25/2013 8:40:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2840149).
5/25/2013 8:40:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2676562).
5/25/2013 8:40:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2570947).
5/25/2013 8:40:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2847204).
5/25/2013 8:40:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2719857).
5/25/2013 8:40:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2603229).
5/25/2013 8:40:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2807986).
5/25/2013 8:40:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2691442).
5/25/2013 8:40:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2667402).
5/25/2013 8:40:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2655992).
5/25/2013 8:40:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2506212).
5/25/2013 8:18:43 PM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
5/25/2013 7:58:12 PM, Error: Service Control Manager [7023] - The System Event Notification Service service terminated with the following error: Overlapped I/O operation is in progress.
5/25/2013 10:36:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070057: Synaptics - Input - Synaptics PS/2 Port TouchPad.
.
==== End Of File ===========================

Attached Files

  • Attached File  Gmer.log   30.54KB   2 downloads


#5 cloud3213

cloud3213
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Albany NY
  • Local time:12:31 AM

Posted 26 May 2013 - 08:08 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16576
Run by Jared-TM2 at 19:40:36 on 2013-05-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6047.5448 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)SYMNIS13\Engine\20.3.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)SYMNIS13\Engine\20.3.1.22\ips\ipsbho.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)SYMNIS13\Engine\20.3.1.22\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)SYMNIS13\Engine\20.3.1.22\coieplg.dll
uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
uRun: [AntiLogger] C:\Program Files (x86)\AntiLogger
uRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
mRun: [AntiLogger] "C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{73B2E404-044D-4A1C-82C9-46B6F8EB9234} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jared-TM2\AppData\Roaming\Mozilla\Firefox\Profiles\jdtbs3kf.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - ExtSQL: 2013-05-25 18:37; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFFPlgn
FF - ExtSQL: 2013-05-25 18:41; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn
FF - ExtSQL: 2013-05-25 19:01; {73a6fe31-595d-460b-a920-fcc0f8843232}; C:\Users\Jared-TM2\AppData\Roaming\Mozilla\Firefox\Profiles\jdtbs3kf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-05-25 19:01; {4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}; C:\Users\Jared-TM2\AppData\Roaming\Mozilla\Firefox\Profiles\jdtbs3kf.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF - ExtSQL: 2013-05-25 19:01; personas@christopher.beard; C:\Users\Jared-TM2\AppData\Roaming\Mozilla\Firefox\Profiles\jdtbs3kf.default\extensions\personas@christopher.beard.xpi
FF - ExtSQL: 2013-05-26 04:43; ascsurfingprotection@iobit.com; C:\Users\Jared-TM2\AppData\Roaming\Mozilla\Firefox\Profiles\jdtbs3kf.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-26 05:42; {F003DA68-8256-4b37-A6C4-350FA04494DF}; C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-5-26 17720]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1403010.016\symds64.sys [2013-5-25 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1403010.016\symefa64.sys [2013-5-25 1139800]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S1 AntiLog32;AntiLog32;C:\Windows\System32\drivers\AntiLog64.sys [2013-5-25 49240]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-5-15 1390680]
S1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1403010.016\ccsetx64.sys [2013-5-25 168096]
S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130524.001\IDSviA64.sys [2013-5-24 513184]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1403010.016\ironx64.sys [2013-5-25 224416]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1403010.016\symnets.sys [2013-5-25 432800]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-5-26 574272]
S2 hmpalert;HitmanPro.Alert Service;C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2013-5-25 531304]
S2 NIS;Norton Internet Security;C:\Program Files (x86)SYMNIS13\Engine\20.3.1.22\ccsvchst.exe [2013-5-25 144520]
S3 EraserUtilDrv11220;EraserUtilDrv11220;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [2013-5-25 138912]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-9-22 139264]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-25 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-25 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-25 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-26 1255736]
S4 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
.
=============== Created Last 30 ================
.
2013-05-26 10:26:27 -------- d-----w- C:\Users\Jared-TM2\AppData\Roaming\SUPERAntiSpyware.com
2013-05-26 10:25:46 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-05-26 10:25:46 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-05-26 09:46:01 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2013-05-26 09:43:14 53248 ----a-r- C:\Users\Jared-TM2\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-26 09:38:22 -------- d-----w- C:\Users\Jared-TM2\AppData\Roaming\Logishrd
2013-05-26 09:10:53 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\AOL
2013-05-26 09:10:52 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility
2013-05-26 08:56:10 96768 ----a-w- C:\Windows\System32\fsutil.exe
2013-05-26 08:56:10 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2013-05-26 08:56:10 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2013-05-26 08:56:10 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2013-05-26 08:56:10 2565632 ----a-w- C:\Windows\System32\esent.dll
2013-05-26 08:56:10 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-05-26 08:56:10 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2013-05-26 08:56:10 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2013-05-26 08:56:10 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2013-05-26 08:56:10 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2013-05-26 08:55:34 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-05-26 08:55:34 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-05-26 08:55:34 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-05-26 08:55:34 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-05-26 08:55:34 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-05-26 08:55:34 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-05-26 08:55:34 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-05-26 08:55:10 26432 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2013-05-26 08:49:26 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-05-26 08:44:08 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2013-05-26 08:43:06 -------- d-----w- C:\Users\Jared-TM2\AppData\Roaming\IObit
2013-05-26 08:43:02 -------- d-----w- C:\ProgramData\IObit
2013-05-26 08:43:02 -------- d-----w- C:\Program Files (x86)\IObit
2013-05-26 05:50:52 1002008 ----a-w- C:\Windows\SysWow64\igxpun.exe
2013-05-26 05:50:52 -------- d-----w- C:\Windows\SysWow64\x64
2013-05-26 05:50:52 -------- d-----w- C:\Windows\SysWow64\Lang
2013-05-26 05:49:23 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-05-26 05:48:37 -------- d-----w- C:\swsetup
2013-05-26 05:16:48 -------- d-----w- C:\Windows\SysWow64\Wat
2013-05-26 05:16:48 -------- d-----w- C:\Windows\System32\Wat
2013-05-26 04:15:14 -------- d-----w- C:\Intel
2013-05-26 03:09:05 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-05-26 03:09:04 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-05-26 03:09:04 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-05-26 03:09:04 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-05-26 02:56:38 49240 ----a-w- C:\Windows\System32\drivers\AntiLog64.sys
2013-05-26 02:42:39 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2013-05-26 02:36:39 -------- d-----w- C:\Program Files\Synaptics
2013-05-26 02:32:15 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\Zemana
2013-05-26 02:31:37 -------- d-----w- C:\Program Files (x86)\AntiLogger
2013-05-26 02:29:02 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-05-26 02:29:01 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-05-26 02:29:01 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-05-26 02:29:01 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-05-26 02:20:21 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2013-05-26 02:20:21 31232 ----a-w- C:\Windows\System32\prevhost.exe
2013-05-26 01:44:54 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\CrashDumps
2013-05-26 01:29:33 971680 ----a-w- C:\Windows\System32\deployJava1.dll
2013-05-26 01:29:33 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-05-26 01:29:28 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-26 00:19:19 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\Diagnostics
2013-05-25 23:55:28 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-05-25 23:55:28 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-05-25 23:55:28 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-05-25 23:55:28 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-05-25 23:55:27 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-05-25 23:55:27 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-05-25 23:53:52 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-05-25 23:53:51 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-05-25 23:53:51 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-05-25 23:53:51 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-05-25 23:53:50 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-05-25 23:53:50 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-05-25 23:53:50 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-05-25 23:52:27 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\Macromedia
2013-05-25 23:45:27 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-05-25 23:45:27 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-05-25 23:45:27 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-05-25 23:45:27 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-05-25 23:45:27 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-05-25 23:34:37 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs
2013-05-25 23:33:25 395776 ----a-w- C:\Windows\System32\webio.dll
2013-05-25 23:33:25 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-05-25 23:31:45 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2013-05-25 23:30:59 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-05-25 23:29:58 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-05-25 23:28:59 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-05-25 23:27:58 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2013-05-25 23:27:58 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2013-05-25 23:27:57 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2013-05-25 23:27:57 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2013-05-25 23:27:56 67072 ----a-w- C:\Windows\splwow64.exe
2013-05-25 23:27:56 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-05-25 23:27:55 331776 ----a-w- C:\Windows\System32\oleacc.dll
2013-05-25 23:27:54 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2013-05-25 23:27:54 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-05-25 23:27:54 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2013-05-25 23:27:53 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-05-25 23:27:51 956928 ----a-w- C:\Windows\System32\localspl.dll
2013-05-25 23:18:53 -------- d-----w- C:\Program Files\Yamicsoft
2013-05-25 22:59:32 43680 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
2013-05-25 22:59:08 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-25 22:59:08 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-25 22:58:30 -------- d-sh--w- C:\Windows\Installer
2013-05-25 22:55:12 -------- d-----w- C:\ProgramData\Geek Squad
2013-05-25 22:49:27 77312 ----a-w- C:\Windows\System32\packager.dll
2013-05-25 22:49:27 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-05-25 22:47:10 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\Mozilla
2013-05-25 22:39:22 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-05-25 22:35:24 796248 ----a-w- C:\Windows\System32\drivers\NISx64\1403010.016\srtsp64.sys
2013-05-25 22:35:24 493656 ----a-w- C:\Windows\System32\drivers\NISx64\1403010.016\symds64.sys
2013-05-25 22:35:24 432800 ----a-w- C:\Windows\System32\drivers\NISx64\1403010.016\symnets.sys
2013-05-25 22:35:24 36952 ----a-w- C:\Windows\System32\drivers\NISx64\1403010.016\srtspx64.sys
2013-05-25 22:35:24 23448 ----a-r- C:\Windows\System32\drivers\NISx64\1403010.016\symelam.sys
2013-05-25 22:35:24 224416 ----a-w- C:\Windows\System32\drivers\NISx64\1403010.016\ironx64.sys
2013-05-25 22:35:24 168096 ----a-w- C:\Windows\System32\drivers\NISx64\1403010.016\ccsetx64.sys
2013-05-25 22:35:24 1139800 ----a-w- C:\Windows\System32\drivers\NISx64\1403010.016\symefa64.sys
2013-05-25 22:35:13 -------- d-----w- C:\Windows\System32\drivers\NISx64\1403010.016
2013-05-25 22:31:03 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-05-25 22:31:02 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-05-25 22:31:02 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-05-25 22:29:19 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-05-25 22:29:19 -------- d-----w- C:\Program Files\Symantec
2013-05-25 22:29:19 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2013-05-25 22:28:18 -------- d-----w- C:\Windows\System32\drivers\NISx64
2013-05-25 22:28:14 -------- d-----w- C:\Program Files (x86)SYMNIS13
2013-05-25 22:27:39 -------- d-----w- C:\ProgramData\NortonInstaller
2013-05-25 22:27:39 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2013-05-25 22:23:33 -------- d-----w- C:\ProgramData\SparkTrust
2013-05-25 22:21:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-05-25 22:21:22 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-05-25 22:21:15 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-05-25 22:21:15 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-05-25 22:20:42 -------- d-----w- C:\Users\Jared-TM2\AppData\Roaming\WinPatrol
2013-05-25 22:20:21 -------- d-----w- C:\Program Files (x86)\BillP Studios
2013-05-25 22:20:20 -------- d-----w- C:\ProgramData\InstallMate
2013-05-25 22:18:09 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\NPE
2013-05-25 22:18:09 -------- d-----w- C:\ProgramData\Norton
2013-05-25 22:17:59 -------- d-----w- C:\Program Files (x86)\HitmanPro.Alert
2013-05-25 22:17:48 -------- d-----w- C:\ProgramData\HitmanPro
2013-05-25 22:16:52 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\Programs
2013-05-25 22:16:44 -------- d-----w- C:\Program Files\CCleaner
2013-05-25 22:13:07 -------- d-----w- C:\Users\Jared-TM2\AppData\Local\VirtualStore
2013-05-25 11:03:29 -------- d-----w- C:\Windows\Panther
.
==================== Find3M ====================
.
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe
2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
.
============= FINISH: 19:41:37.15 ===============

Edited by cloud3213, 26 May 2013 - 08:10 PM.


#6 Blind Faith

  • Malware Response Team

Posted 28 May 2013 - 10:12 AM

Hi there,

Thank you for posting the logs! :)

Now can you please tell me if the state of your PC has changed whatsoever? Describe it a bit if so.

Elle


Can you hear it? It's all around!

Do you remember?
If you do, then
can you forgive?



If I haven't replied in 48 hours, please feel free to send me a PM.




#7 cloud3213

  • Topic Starter

Posted 28 May 2013 - 08:59 PM

The state of my computer?? It's infected lol. I ran the Norton bootable recovery disc, ran command prompt, opened Notepad, then opened GMER, and it found 5 or 6 rootkits: CDROM.sys, cmbatt.sys, a couple of other drivers and a hidden process. I was given the option to delete them; I did, but they just keep coming back.

#8 cloud3213

  • Topic Starter

Posted 28 May 2013 - 09:02 PM

Also, if I run McAfee Rootkit Remover sandboxed or in a Windows PE environment, it says it deletes ZeroAccess registry keys... that doesn't go away either. I purchased RegRun Warrior from Greatis and that finds AFX, which it can't remove either... are there some Linux commands that I could run to completely wipe my HD out?? I lost all my stuff anyway, so I don't care at this point.

Edited by cloud3213, 28 May 2013 - 09:07 PM.


#9 Blind Faith

  • Malware Response Team

Posted 29 May 2013 - 04:01 PM

Hi there,

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  • Vista/Windows 7 users: right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, choose Skip instead; do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

     

     

    Elle



    #10 cloud3213

    • Topic Starter

    Posted 30 May 2013 - 05:30 PM

    Hello,
     
    Here is my log.
     
    :thumbup2:

    08:32:52.0737 3920 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
    08:32:52.0752 3920 ============================================================
    08:32:52.0752 3920 Current date / time: 2013/05/30 08:32:52.0752
    08:32:52.0752 3920 SystemInfo:
    08:32:52.0752 3920
    08:32:52.0752 3920 OS Version: 6.1.7601 ServicePack: 1.0
    08:32:52.0752 3920 Product type: Workstation
    08:32:52.0752 3920 ComputerName: HP-TM2-PC
    08:32:52.0752 3920 UserName: Jared-TM2
    08:32:52.0752 3920 Windows directory: C:\Windows
    08:32:52.0752 3920 System windows directory: C:\Windows
    08:32:52.0752 3920 Running under WOW64
    08:32:52.0752 3920 Processor architecture: Intel x64
    08:32:52.0752 3920 Number of processors: 2
    08:32:52.0752 3920 Page size: 0x1000
    08:32:52.0752 3920 Boot type: Normal boot
    08:32:52.0752 3920 ============================================================
    08:32:54.0032 3920 Initialize success
    08:32:55.0092 3956 ============================================================
    08:32:55.0092 3956 Scan started
    08:32:55.0092 3956 Mode: Manual;
    08:32:55.0092 3956 ============================================================
    08:32:56.0777 3956 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    08:32:56.0793 3956 1394ohci - ok
    08:32:56.0855 3956 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
    08:32:56.0855 3956 Accelerometer - ok
    08:32:56.0918 3956 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    08:32:56.0918 3956 ACPI - ok
    08:32:56.0949 3956 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    08:32:56.0964 3956 AcpiPmi - ok
    08:32:57.0089 3956 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
    08:32:57.0089 3956 adp94xx - ok
    08:32:57.0183 3956 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
    08:32:57.0198 3956 adpahci - ok
    08:32:57.0230 3956 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
    08:32:57.0245 3956 adpu320 - ok
    08:32:57.0339 3956 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
    08:32:57.0354 3956 AFD - ok
    08:32:57.0401 3956 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    08:32:57.0401 3956 agp440 - ok
    08:32:57.0448 3956 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    08:32:57.0448 3956 aliide - ok
    08:32:57.0464 3956 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    08:32:57.0464 3956 amdide - ok
    08:32:57.0495 3956 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
    08:32:57.0510 3956 AmdK8 - ok
    08:32:57.0542 3956 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
    08:32:57.0542 3956 AmdPPM - ok
    08:32:57.0604 3956 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    08:32:57.0604 3956 amdsata - ok
    08:32:57.0651 3956 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
    08:32:57.0666 3956 amdsbs - ok
    08:32:57.0698 3956 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    08:32:57.0698 3956 amdxata - ok
    08:32:57.0822 3956 AntiLog32 (75b3aab3c1feeebcfb62bf1359f568b6) C:\Windows\system32\drivers\AntiLog64.sys
    08:32:57.0822 3956 AntiLog32 - ok
    08:32:57.0869 3956 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    08:32:57.0869 3956 AppID - ok
    08:32:57.0932 3956 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
    08:32:57.0932 3956 arc - ok
    08:32:57.0963 3956 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
    08:32:57.0963 3956 arcsas - ok
    08:32:58.0103 3956 aswArKrn - ok
    08:32:58.0150 3956 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    08:32:58.0150 3956 AsyncMac - ok
    08:32:58.0181 3956 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    08:32:58.0181 3956 atapi - ok
    08:32:58.0275 3956 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
    08:32:58.0290 3956 b06bdrv - ok
    08:32:58.0337 3956 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    08:32:58.0353 3956 b57nd60a - ok
    08:32:58.0556 3956 BCM43XX (43ad3d3e7674833fca9a7c4e7180ad54) C:\Windows\system32\DRIVERS\bcmwl664.sys
    08:32:58.0602 3956 BCM43XX - ok
    08:32:58.0977 3956 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    08:32:58.0977 3956 Beep - ok
    08:32:59.0460 3956 BHDrvx64 (7b56a40eaaacf1867ff178501d3ea185) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130515.001\BHDrvx64.sys
    08:32:59.0476 3956 BHDrvx64 - ok
    08:32:59.0850 3956 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    08:32:59.0850 3956 blbdrive - ok
    08:32:59.0928 3956 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    08:32:59.0928 3956 bowser - ok
    08:32:59.0960 3956 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
    08:32:59.0975 3956 BrFiltLo - ok
    08:32:59.0991 3956 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
    08:32:59.0991 3956 BrFiltUp - ok
    08:33:00.0038 3956 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    08:33:00.0038 3956 Brserid - ok
    08:33:00.0069 3956 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    08:33:00.0069 3956 BrSerWdm - ok
    08:33:00.0084 3956 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    08:33:00.0100 3956 BrUsbMdm - ok
    08:33:00.0116 3956 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    08:33:00.0116 3956 BrUsbSer - ok
    08:33:00.0162 3956 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
    08:33:00.0162 3956 BTHMODEM - ok
    08:33:00.0303 3956 ccSet_NIS (248c952c82df1e23775432774cbb20f1) C:\Windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys
    08:33:00.0318 3956 ccSet_NIS - ok
    08:33:00.0350 3956 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    08:33:00.0365 3956 cdfs - ok
    08:33:00.0412 3956 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    08:33:00.0412 3956 cdrom - ok
    08:33:00.0443 3956 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
    08:33:00.0443 3956 circlass - ok
    08:33:00.0490 3956 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    08:33:00.0506 3956 CLFS - ok
    08:33:00.0552 3956 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    08:33:00.0552 3956 CmBatt - ok
    08:33:00.0568 3956 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    08:33:00.0568 3956 cmdide - ok
    08:33:00.0646 3956 CNG (aafcb52fe0037207fb6fbea070d25efe) C:\Windows\system32\Drivers\cng.sys
    08:33:00.0646 3956 CNG - ok
    08:33:00.0708 3956 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    08:33:00.0708 3956 Compbatt - ok
    08:33:00.0740 3956 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
    08:33:00.0740 3956 CompositeBus - ok
    08:33:00.0771 3956 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
    08:33:00.0771 3956 crcdisk - ok
    08:33:00.0849 3956 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    08:33:00.0849 3956 DfsC - ok
    08:33:00.0880 3956 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    08:33:00.0880 3956 discache - ok
    08:33:00.0927 3956 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
    08:33:00.0927 3956 Disk - ok
    08:33:00.0974 3956 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    08:33:00.0974 3956 drmkaud - ok
    08:33:01.0052 3956 DXGKrnl (af2e16242aa723f68f461b6eae2ead3d) C:\Windows\System32\drivers\dxgkrnl.sys
    08:33:01.0067 3956 DXGKrnl - ok
    08:33:01.0192 3956 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
    08:33:01.0270 3956 ebdrv - ok
    08:33:01.0395 3956 eeCtrl (4353ff94d47a0a9d52b89eccf0cdb013) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    08:33:01.0395 3956 eeCtrl - ok
    08:33:01.0738 3956 efavdrv - ok
    08:33:01.0832 3956 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
    08:33:01.0832 3956 elxstor - ok
    08:33:01.0878 3956 EraserUtilRebootDrv (c5bccb378d0a896304a3e71be7215983) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    08:33:01.0878 3956 EraserUtilRebootDrv - ok
    08:33:01.0910 3956 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    08:33:01.0910 3956 ErrDev - ok
    08:33:02.0034 3956 esihdrv - ok
    08:33:02.0081 3956 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    08:33:02.0081 3956 exfat - ok
    08:33:02.0112 3956 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    08:33:02.0128 3956 fastfat - ok
    08:33:02.0159 3956 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
    08:33:02.0159 3956 fdc - ok
    08:33:02.0190 3956 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    08:33:02.0190 3956 FileInfo - ok
    08:33:02.0206 3956 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    08:33:02.0206 3956 Filetrace - ok
    08:33:02.0237 3956 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
    08:33:02.0237 3956 flpydisk - ok
    08:33:02.0284 3956 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    08:33:02.0284 3956 FltMgr - ok
    08:33:02.0315 3956 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    08:33:14.0218 3956 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    08:33:14.0234 3956 \Device\Harddisk0\DR0 - ok
    08:33:14.0234 3956 Boot (0x1200) (8e265e2d21a0488809d9fa3981cfac99) \Device\Harddisk0\DR0\Partition0
    08:33:14.0249 3956 \Device\Harddisk0\DR0\Partition0 - ok
    08:33:14.0265 3956 Boot (0x1200) (97aa442d8741bc4bcd13210187f8d5b4) \Device\Harddisk0\DR0\Partition1
    08:33:14.0265 3956 \Device\Harddisk0\DR0\Partition1 - ok
    08:33:14.0265 3956 ============================================================
    08:33:14.0265 3956 Scan finished
    08:33:14.0265 3956 ============================================================
    08:33:14.0280 2052 Detected object count: 0
    08:33:14.0280 2052 Actual detected object count: 0
    08:33:19.0116 3948 ============================================================
    08:33:19.0116 3948 Scan started
    08:33:19.0116 3948 Mode: Manual;
    08:33:19.0116 3948 ============================================================
    08:33:23.0531 3948 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
    08:33:23.0531 3948 crcdisk - ok
    08:33:23.0594 3948 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    08:33:23.0594 3948 DfsC - ok
    08:33:23.0640 3948 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    08:33:23.0640 3948 discache - ok
    08:33:23.0656 3948 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
    08:33:23.0656 3948 Disk - ok
    08:33:23.0718 3948 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    08:33:23.0718 3948 drmkaud - ok
    08:33:23.0796 3948 DXGKrnl (af2e16242aa723f68f461b6eae2ead3d) C:\Windows\System32\drivers\dxgkrnl.sys
    08:33:23.0812 3948 DXGKrnl - ok
    08:33:23.0937 3948 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
    08:33:23.0952 3948 ebdrv - ok
    08:33:24.0077 3948 eeCtrl (4353ff94d47a0a9d52b89eccf0cdb013) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    08:33:24.0077 3948 eeCtrl - ok
    08:33:24.0405 3948 efavdrv - ok
    08:33:24.0483 3948 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
    08:33:24.0483 3948 elxstor - ok
    08:33:24.0514 3948 EraserUtilRebootDrv (c5bccb378d0a896304a3e71be7215983) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    08:33:24.0514 3948 EraserUtilRebootDrv - ok
    08:33:24.0530 3948 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    08:33:24.0530 3948 ErrDev - ok
    08:33:24.0670 3948 esihdrv - ok
    08:33:24.0717 3948 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    08:33:24.0717 3948 exfat - ok
    08:33:24.0764 3948 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    08:33:24.0764 3948 fastfat - ok
    08:33:24.0779 3948 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
    08:33:24.0779 3948 fdc - ok
    08:33:24.0810 3948 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    08:33:24.0810 3948 FileInfo - ok
    08:33:24.0842 3948 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    08:33:24.0842 3948 Filetrace - ok
    08:33:24.0873 3948 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
    08:33:24.0873 3948 flpydisk - ok
    08:33:24.0904 3948 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    08:33:24.0904 3948 FltMgr - ok
    08:33:24.0935 3948 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    08:33:24.0935 3948 FsDepends - ok
    08:33:24.0982 3948 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
    08:33:24.0982 3948 Fs_Rec - ok
    08:33:25.0060 3948 fvevol (8f6322049018354f45f05a2fd2d4e5e0) C:\Windows\system32\DRIVERS\fvevol.sys
    08:33:25.0060 3948 fvevol - ok
    08:33:25.0091 3948 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
    08:33:25.0107 3948 gagp30kx - ok
    08:33:25.0154 3948 GEARAspiWDM (8e98d21ee06192492a5671a6144d092f) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    08:33:25.0154 3948 GEARAspiWDM - ok
    08:33:25.0185 3948 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    08:33:25.0185 3948 hcw85cir - ok
    08:33:25.0247 3948 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    08:33:25.0247 3948 HdAudAddService - ok
    08:33:25.0278 3948 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
    08:33:25.0278 3948 HDAudBus - ok
    08:33:25.0310 3948 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
    08:33:25.0310 3948 HidBatt - ok
    08:33:25.0341 3948 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
    08:33:25.0341 3948 HidBth - ok
    08:33:25.0356 3948 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
    08:33:25.0356 3948 HidIr - ok
    08:33:25.0403 3948 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    08:33:25.0403 3948 HidUsb - ok
    08:33:25.0466 3948 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
    08:33:25.0466 3948 hpdskflt - ok
    08:33:25.0481 3948 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    08:33:25.0481 3948 HpSAMD - ok
    08:33:25.0544 3948 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    08:33:25.0544 3948 HTTP - ok
    08:33:25.0575 3948 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    08:33:25.0575 3948 hwpolicy - ok
    08:33:25.0590 3948 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
    08:33:25.0606 3948 i8042prt - ok
    08:33:25.0653 3948 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    08:33:25.0653 3948 iaStorV - ok
    08:33:25.0934 3948 IDSVia64 (a48928d4cca6f8b731989db08cf2c0ab) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130527.001\IDSvia64.sys
    08:33:25.0934 3948 IDSVia64 - ok
    08:33:26.0168 3948 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
    08:33:26.0230 3948 igfx - ok
    08:33:26.0589 3948 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
    08:33:26.0589 3948 iirsp - ok
    08:33:26.0636 3948 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\Windows\system32\drivers\IntcHdmi.sys
    08:33:26.0636 3948 IntcHdmiAddService - ok
    08:33:26.0651 3948 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    08:33:26.0651 3948 intelide - ok
    08:33:26.0682 3948 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    08:33:26.0682 3948 intelppm - ok
    08:33:26.0729 3948 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    08:33:26.0729 3948 IpFilterDriver - ok
    08:33:26.0760 3948 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    08:33:26.0760 3948 IPMIDRV - ok
    08:33:26.0792 3948 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    08:33:26.0792 3948 IPNAT - ok
    08:33:26.0823 3948 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    08:33:26.0823 3948 IRENUM - ok
    08:33:26.0838 3948 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    08:33:26.0838 3948 isapnp - ok
    08:33:26.0885 3948 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    08:33:26.0885 3948 iScsiPrt - ok
    08:33:26.0916 3948 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
    08:33:26.0916 3948 kbdclass - ok
    08:33:26.0932 3948 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
    08:33:26.0932 3948 kbdhid - ok
    08:33:26.0994 3948 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
    08:33:27.0010 3948 KSecDD - ok
    08:33:27.0057 3948 KSecPkg (7efb9333e4ecce6ae4ae9d777d9e553e) C:\Windows\system32\Drivers\ksecpkg.sys
    08:33:27.0072 3948 KSecPkg - ok
    08:33:27.0104 3948 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    08:33:27.0119 3948 ksthunk - ok
    08:33:27.0197 3948 LHidFilt (1470ef17e02e82e4f43346df9e9f11e1) C:\Windows\system32\DRIVERS\LHidFilt.Sys
    08:33:27.0197 3948 LHidFilt - ok
    08:33:27.0228 3948 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    08:33:27.0228 3948 lltdio - ok
    08:33:27.0275 3948 LMouFilt (12814ae119e959437bea3110f81bd188) C:\Windows\system32\DRIVERS\LMouFilt.Sys
    08:33:27.0291 3948 LMouFilt - ok
    08:33:27.0306 3948 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
    08:33:27.0306 3948 LSI_FC - ok
    08:33:27.0353 3948 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
    08:33:27.0353 3948 LSI_SAS - ok
    08:33:27.0369 3948 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
    08:33:27.0369 3948 LSI_SAS2 - ok
    08:33:27.0416 3948 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
    08:33:27.0416 3948 LSI_SCSI - ok
    08:33:27.0431 3948 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    08:33:27.0431 3948 luafv - ok
    08:33:27.0478 3948 LUsbFilt (67dc00f1ea2743a9ca4cda5ca89ad2cb) C:\Windows\system32\Drivers\LUsbFilt.Sys
    08:33:27.0478 3948 LUsbFilt - ok
    08:33:27.0525 3948 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
    08:33:27.0525 3948 megasas - ok
    08:33:27.0556 3948 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
    08:33:27.0556 3948 MegaSR - ok
    08:33:27.0587 3948 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    08:33:27.0587 3948 Modem - ok
    08:33:27.0618 3948 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    08:33:27.0618 3948 monitor - ok
    08:33:27.0634 3948 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    08:33:27.0634 3948 mouclass - ok
    08:33:27.0665 3948 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    08:33:27.0665 3948 mouhid - ok
    08:33:27.0696 3948 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    08:33:27.0696 3948 mountmgr - ok
    08:33:27.0743 3948 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    08:33:27.0743 3948 mpio - ok
    08:33:27.0759 3948 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    08:33:27.0759 3948 mpsdrv - ok
    08:33:27.0790 3948 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    08:33:27.0790 3948 MRxDAV - ok
    08:33:27.0852 3948 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    08:33:27.0852 3948 mrxsmb - ok
    08:33:27.0884 3948 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    08:33:27.0884 3948 mrxsmb10 - ok
    08:33:27.0946 3948 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    08:33:27.0946 3948 mrxsmb20 - ok
    08:33:27.0977 3948 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    08:33:27.0977 3948 msahci - ok
    08:33:28.0008 3948 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    08:33:28.0008 3948 msdsm - ok
    08:33:28.0040 3948 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    08:33:28.0040 3948 Msfs - ok
    08:33:28.0055 3948 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    08:33:28.0055 3948 mshidkmdf - ok
    08:33:28.0086 3948 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    08:33:28.0086 3948 msisadrv - ok
    08:33:28.0118 3948 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    08:33:28.0118 3948 MSKSSRV - ok
    08:33:28.0149 3948 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    08:33:28.0149 3948 MSPCLOCK - ok
    08:33:28.0164 3948 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    08:33:28.0164 3948 MSPQM - ok
    08:33:28.0211 3948 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    08:33:28.0211 3948 MsRPC - ok
    08:33:28.0242 3948 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
    08:33:28.0242 3948 mssmbios - ok
    08:33:28.0258 3948 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    08:33:28.0258 3948 MSTEE - ok
    08:33:28.0289 3948 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    08:33:28.0289 3948 MTConfig - ok
    08:33:28.0305 3948 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    08:33:28.0305 3948 Mup - ok
    08:33:28.0352 3948 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    08:33:28.0352 3948 NativeWifiP - ok
    08:33:28.0586 3948 NAVENG (56540e526b46e379a476fb5bc381b290) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130527.032\ENG64.SYS
    08:33:28.0586 3948 NAVENG - ok
    08:33:28.0679 3948 NAVEX15 (8a19d3991f9f14b885cde8bc640f6b68) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130527.032\EX64.SYS
    08:33:28.0695 3948 NAVEX15 - ok
    08:33:29.0085 3948 NDIS (760e38053bf56e501d562b70ad796b88) C:\Windows\system32\drivers\ndis.sys
    08:33:29.0085 3948 NDIS - ok
    08:33:29.0147 3948 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    08:33:29.0163 3948 NdisCap - ok
    08:33:29.0178 3948 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    08:33:29.0178 3948 NdisTapi - ok
    08:33:29.0210 3948 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    08:33:29.0210 3948 Ndisuio - ok
    08:33:29.0241 3948 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    08:33:29.0241 3948 NdisWan - ok
    08:33:29.0256 3948 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    08:33:29.0272 3948 NDProxy - ok
    08:33:29.0319 3948 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
    08:33:29.0319 3948 Netaapl - ok
    08:33:29.0334 3948 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    08:33:29.0334 3948 NetBIOS - ok
    08:33:29.0381 3948 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    08:33:29.0381 3948 NetBT - ok
    08:33:29.0428 3948 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
    08:33:29.0428 3948 nfrd960 - ok
    08:33:29.0459 3948 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    08:33:29.0459 3948 Npfs - ok
    08:33:29.0490 3948 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    08:33:29.0490 3948 nsiproxy - ok
    08:33:29.0584 3948 Ntfs (b98f8c6e31cd07b2e6f71f7f648e38c0) C:\Windows\system32\drivers\Ntfs.sys
    08:33:29.0600 3948 Ntfs - ok
    08:33:29.0631 3948 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    08:33:29.0631 3948 Null - ok
    08:33:29.0678 3948 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    08:33:29.0693 3948 nvraid - ok
    08:33:29.0740 3948 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    08:33:29.0740 3948 nvstor - ok
    08:33:29.0787 3948 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    08:33:29.0787 3948 nv_agp - ok
    08:33:29.0818 3948 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    08:33:29.0818 3948 ohci1394 - ok
    08:33:29.0865 3948 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
    08:33:29.0865 3948 Parport - ok
    08:33:29.0912 3948 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
    08:33:29.0912 3948 partmgr - ok
    08:33:29.0943 3948 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    08:33:29.0943 3948 pci - ok
    08:33:29.0974 3948 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    08:33:29.0974 3948 pciide - ok
    08:33:30.0005 3948 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
    08:33:30.0021 3948 pcmcia - ok
    08:33:30.0036 3948 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    08:33:30.0036 3948 pcw - ok
    08:33:30.0083 3948 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    08:33:30.0083 3948 PEAUTH - ok
    08:33:30.0177 3948 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    08:33:30.0177 3948 PptpMiniport - ok
    08:33:30.0192 3948 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
    08:33:30.0192 3948 Processor - ok
    08:33:30.0239 3948 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    08:33:30.0239 3948 Psched - ok
    08:33:30.0317 3948 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
    08:33:30.0317 3948 ql2300 - ok
    08:33:30.0348 3948 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
    08:33:30.0348 3948 ql40xx - ok
    08:33:30.0380 3948 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    08:33:30.0380 3948 QWAVEdrv - ok
    08:33:30.0395 3948 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    08:33:30.0395 3948 RasAcd - ok
    08:33:30.0442 3948 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    08:33:30.0442 3948 RasAgileVpn - ok
    08:33:30.0473 3948 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    08:33:30.0473 3948 Rasl2tp - ok
    08:33:30.0504 3948 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    08:33:30.0504 3948 RasPppoe - ok
    08:33:30.0520 3948 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    08:33:30.0536 3948 RasSstp - ok
    08:33:30.0567 3948 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    08:33:30.0567 3948 rdbss - ok
    08:33:30.0598 3948 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
    08:33:30.0598 3948 rdpbus - ok
    08:33:30.0614 3948 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    08:33:30.0614 3948 RDPCDD - ok
    08:33:30.0645 3948 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    08:33:30.0645 3948 RDPENCDD - ok
    08:33:30.0676 3948 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    08:33:30.0676 3948 RDPREFMP - ok
    08:33:30.0738 3948 RdpVideoMiniport (313f68e1a3e6345a4f47a36b07062f34) C:\Windows\system32\drivers\rdpvideominiport.sys
    08:33:30.0738 3948 RdpVideoMiniport - ok
    08:33:30.0785 3948 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
    08:33:30.0785 3948 RDPWD - ok
    08:33:30.0816 3948 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    08:33:30.0816 3948 rdyboost - ok
    08:33:30.0863 3948 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    08:33:30.0863 3948 rspndr - ok
    08:33:30.0926 3948 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
    08:33:30.0926 3948 RTL8167 - ok
    08:33:31.0035 3948 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    08:33:31.0035 3948 SASDIFSV - ok
    08:33:31.0050 3948 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    08:33:31.0050 3948 SASKUTIL - ok
    08:33:31.0144 3948 SbieDrv (979d61544fe988026f672b033b01b2d8) C:\Program Files\Sandboxie\SbieDrv.sys
    08:33:31.0144 3948 SbieDrv - ok
    08:33:31.0175 3948 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    08:33:31.0175 3948 sbp2port - ok
    08:33:31.0222 3948 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    08:33:31.0222 3948 scfilter - ok
    08:33:31.0253 3948 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    08:33:31.0253 3948 secdrv - ok
    08:33:31.0284 3948 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
    08:33:31.0284 3948 Serenum - ok
    08:33:31.0316 3948 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
    08:33:31.0316 3948 Serial - ok
    08:33:31.0347 3948 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
    08:33:31.0347 3948 sermouse - ok
    08:33:31.0394 3948 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    08:33:31.0394 3948 sffdisk - ok
    08:33:31.0425 3948 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    08:33:31.0425 3948 sffp_mmc - ok
    08:33:31.0456 3948 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    08:33:31.0456 3948 sffp_sd - ok
    08:33:31.0472 3948 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
    08:33:31.0472 3948 sfloppy - ok
    08:33:31.0503 3948 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
    08:33:31.0503 3948 SiSRaid2 - ok
    08:33:31.0550 3948 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
    08:33:31.0550 3948 SiSRaid4 - ok
    08:33:31.0596 3948 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
    08:33:31.0596 3948 SmartDefragDriver - ok
    08:33:31.0628 3948 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    08:33:31.0628 3948 Smb - ok
    08:33:31.0659 3948 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    08:33:31.0659 3948 spldr - ok
    08:33:31.0815 3948 SRTSP (378a0748de5adf90bf9db897da8564e6) C:\Windows\System32\Drivers\NISx64\1403010.016\SRTSP64.SYS
    08:33:31.0830 3948 SRTSP - ok
    08:33:31.0862 3948 SRTSPX (0e76cef892c45734f7aed09fddf35d4d) C:\Windows\system32\drivers\NISx64\1403010.016\SRTSPX64.SYS
    08:33:31.0862 3948 SRTSPX - ok
    08:33:31.0924 3948 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    08:33:31.0924 3948 srv - ok
    08:33:31.0971 3948 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    08:33:31.0971 3948 srv2 - ok
    08:33:32.0018 3948 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    08:33:32.0033 3948 srvnet - ok
    08:33:32.0080 3948 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
    08:33:32.0080 3948 stexstor - ok
    08:33:32.0127 3948 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
    08:33:32.0127 3948 swenum - ok
    08:33:32.0267 3948 SymDS (e174c8bc572e93aeee1036dedac5f225) C:\Windows\system32\drivers\NISx64\1403010.016\SYMDS64.SYS
    08:33:32.0267 3948 SymDS - ok
    08:33:32.0314 3948 SymEFA (599872bad7cfb45c7ce47cded4b726d8) C:\Windows\system32\drivers\NISx64\1403010.016\SYMEFA64.SYS
    08:33:32.0330 3948 SymEFA - ok
    08:33:32.0408 3948 SymEvent (f5d6d3b7468c46ea2ddc1d19d2a6da0f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    08:33:32.0408 3948 SymEvent - ok
    08:33:32.0470 3948 SymIRON (adf37f1a715d6c56c8e065fd8569a9a4) C:\Windows\system32\drivers\NISx64\1403010.016\Ironx64.SYS
    08:33:32.0470 3948 SymIRON - ok
    08:33:32.0501 3948 SymNetS (1605ebd8cb86afc4430116065995279a) C:\Windows\System32\Drivers\NISx64\1403010.016\SYMNETS.SYS
    08:33:32.0517 3948 SymNetS - ok
    08:33:32.0564 3948 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
    08:33:32.0564 3948 SynTP - ok
    08:33:32.0673 3948 Tcpip (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\drivers\tcpip.sys
    08:33:32.0688 3948 Tcpip - ok
    08:33:32.0751 3948 TCPIP6 (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\DRIVERS\tcpip.sys
    08:33:32.0766 3948 TCPIP6 - ok
    08:33:32.0829 3948 tcpipreg (1b16d0bd9841794a6e0cde0cef744abc) C:\Windows\system32\drivers\tcpipreg.sys
    08:33:32.0829 3948 tcpipreg - ok
    08:33:32.0876 3948 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    08:33:32.0876 3948 TDPIPE - ok
    08:33:32.0938 3948 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    08:33:32.0938 3948 TDTCP - ok
    08:33:32.0969 3948 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    08:33:32.0969 3948 tdx - ok
    08:33:32.0985 3948 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
    08:33:33.0000 3948 TermDD - ok
    08:33:33.0032 3948 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    08:33:33.0032 3948 tssecsrv - ok
    08:33:33.0078 3948 TsUsbFlt (17c6b51cbccded95b3cc14e22791f85e) C:\Windows\system32\drivers\tsusbflt.sys
    08:33:33.0078 3948 TsUsbFlt - ok
    08:33:33.0141 3948 TsUsbGD (ad64450a4abe076f5cb34cc08eeacb07) C:\Windows\system32\drivers\TsUsbGD.sys
    08:33:33.0141 3948 TsUsbGD - ok
    08:33:33.0172 3948 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    08:33:33.0172 3948 tunnel - ok
    08:33:33.0203 3948 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
    08:33:33.0203 3948 uagp35 - ok
    08:33:33.0250 3948 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    08:33:33.0250 3948 udfs - ok
    08:33:33.0281 3948 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    08:33:33.0281 3948 uliagpkx - ok
    08:33:33.0312 3948 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
    08:33:33.0312 3948 umbus - ok
    08:33:33.0328 3948 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
    08:33:33.0328 3948 UmPass - ok
    08:33:33.0390 3948 USBAAPL64 (c9e9d59c0099a9ff51697e9306a44240) C:\Windows\system32\Drivers\usbaapl64.sys
    08:33:33.0390 3948 USBAAPL64 - ok
    08:33:33.0437 3948 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    08:33:33.0437 3948 usbccgp - ok
    08:33:33.0484 3948 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    08:33:33.0484 3948 usbcir - ok
    08:33:33.0546 3948 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    08:33:33.0546 3948 usbehci - ok
    08:33:33.0578 3948 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    08:33:33.0593 3948 usbhub - ok
    08:33:33.0624 3948 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    08:33:33.0624 3948 usbohci - ok
    08:33:33.0671 3948 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
    08:33:33.0671 3948 usbprint - ok
    08:33:33.0718 3948 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    08:33:33.0718 3948 USBSTOR - ok
    08:33:33.0749 3948 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    08:33:33.0765 3948 usbuhci - ok
    08:33:33.0796 3948 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
    08:33:33.0796 3948 usbvideo - ok
    08:33:33.0843 3948 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    08:33:33.0843 3948 vdrvroot - ok
    08:33:33.0874 3948 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    08:33:33.0874 3948 vga - ok
    08:33:33.0890 3948 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    08:33:33.0905 3948 VgaSave - ok
    08:33:33.0936 3948 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    08:33:33.0936 3948 vhdmp - ok
    08:33:33.0952 3948 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    08:33:33.0952 3948 viaide - ok
    08:33:33.0983 3948 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    08:33:33.0999 3948 volmgr - ok
    08:33:34.0030 3948 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    08:33:34.0030 3948 volmgrx - ok
    08:33:34.0077 3948 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    08:33:34.0077 3948 volsnap - ok
    08:33:34.0124 3948 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
    08:33:34.0124 3948 vsmraid - ok
    08:33:34.0155 3948 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    08:33:34.0155 3948 vwifibus - ok
    08:33:34.0186 3948 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    08:33:34.0186 3948 vwififlt - ok
    08:33:34.0217 3948 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
    08:33:34.0217 3948 WacomPen - ok
    08:33:34.0248 3948 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    08:33:34.0264 3948 WANARP - ok
    08:33:34.0264 3948 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    08:33:34.0264 3948 Wanarpv6 - ok
    08:33:34.0326 3948 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
    08:33:34.0326 3948 Wd - ok
    08:33:34.0389 3948 Wdf01000 (442783e2cb0da19873b7a63833ff4cb4) C:\Windows\system32\drivers\Wdf01000.sys
    08:33:34.0404 3948 Wdf01000 - ok
    08:33:34.0451 3948 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    08:33:34.0451 3948 WfpLwf - ok
    08:33:34.0482 3948 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    08:33:34.0482 3948 WIMMount - ok
    08:33:34.0560 3948 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    08:33:34.0560 3948 WinUsb - ok
    08:33:34.0592 3948 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
    08:33:34.0592 3948 WmiAcpi - ok
    08:33:34.0638 3948 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    08:33:34.0638 3948 ws2ifsl - ok
    08:33:34.0716 3948 WudfPf (ab886378eeb55c6c75b4f2d14b6c869f) C:\Windows\system32\drivers\WudfPf.sys
    08:33:34.0716 3948 WudfPf - ok
    08:33:34.0748 3948 WUDFRd (dda4caf29d8c0a297f886bfe561e6659) C:\Windows\system32\DRIVERS\WUDFRd.sys
    08:33:34.0748 3948 WUDFRd - ok
    08:33:34.0794 3948 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    08:33:34.0810 3948 \Device\Harddisk0\DR0 - ok
    08:33:34.0810 3948 Boot (0x1200) (8e265e2d21a0488809d9fa3981cfac99) \Device\Harddisk0\DR0\Partition0
    08:33:34.0826 3948 \Device\Harddisk0\DR0\Partition0 - ok
    08:33:34.0841 3948 Boot (0x1200) (97aa442d8741bc4bcd13210187f8d5b4) \Device\Harddisk0\DR0\Partition1
    08:33:34.0841 3948 \Device\Harddisk0\DR0\Partition1 - ok
    08:33:34.0841 3948 ============================================================
    08:33:34.0841 3948 Scan finished
    08:33:34.0841 3948 ============================================================
    08:33:34.0857 4092 Detected object count: 0
    08:33:34.0857 4092 Actual detected object count: 0
    08:34:13.0261 1376 ============================================================
    08:34:13.0261 1376 Scan started
    08:34:13.0261 1376 Mode: Manual; SigCheck; TDLFS;
    08:34:13.0261 1376 ============================================================
    08:34:14.0540 1376 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    08:34:14.0649 1376 1394ohci - ok
    08:34:14.0696 1376 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
    08:34:14.0727 1376 Accelerometer - ok
    08:34:14.0758 1376 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    08:34:14.0789 1376 ACPI - ok
    08:34:14.0805 1376 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    08:34:14.0852 1376 AcpiPmi - ok
    08:34:14.0914 1376 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
    08:34:14.0945 1376 adp94xx - ok
    08:34:14.0977 1376 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
    08:34:15.0008 1376 adpahci - ok
    08:34:15.0023 1376 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
    08:34:15.0055 1376 adpu320 - ok
    08:34:15.0148 1376 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
    08:34:15.0179 1376 AFD - ok
    08:34:15.0211 1376 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    08:34:15.0226 1376 agp440 - ok
    08:34:15.0257 1376 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    08:34:15.0273 1376 aliide - ok
    08:34:15.0304 1376 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    08:34:15.0320 1376 amdide - ok
    08:34:15.0351 1376 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
    08:34:15.0382 1376 AmdK8 - ok
    08:34:15.0413 1376 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
    08:34:15.0445 1376 AmdPPM - ok
    08:34:15.0491 1376 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    08:34:15.0523 1376 amdsata - ok
    08:34:15.0554 1376 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
    08:34:15.0585 1376 amdsbs - ok
    08:34:15.0616 1376 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    08:34:15.0632 1376 amdxata - ok
    08:34:15.0679 1376 AntiLog32 (75b3aab3c1feeebcfb62bf1359f568b6) C:\Windows\system32\drivers\AntiLog64.sys
    08:34:15.0710 1376 AntiLog32 - ok
    08:34:15.0725 1376 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    08:34:15.0788 1376 AppID - ok
    08:34:15.0835 1376 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
    08:34:15.0866 1376 arc - ok
    08:34:15.0881 1376 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
    08:34:15.0913 1376 arcsas - ok
    08:34:16.0037 1376 aswArKrn - ok
    08:34:16.0053 1376 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    08:34:16.0115 1376 AsyncMac - ok
    08:34:16.0147 1376 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    08:34:16.0178 1376 atapi - ok
    08:34:16.0225 1376 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
    08:34:16.0271 1376 b06bdrv - ok
    08:34:16.0303 1376 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    08:34:16.0334 1376 b57nd60a - ok
    08:34:16.0505 1376 BCM43XX (43ad3d3e7674833fca9a7c4e7180ad54) C:\Windows\system32\DRIVERS\bcmwl664.sys
    08:34:16.0630 1376 BCM43XX - ok
    08:34:16.0989 1376 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    08:34:17.0036 1376 Beep - ok
    08:34:17.0519 1376 BHDrvx64 (7b56a40eaaacf1867ff178501d3ea185) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130515.001\BHDrvx64.sys
    08:34:17.0566 1376 BHDrvx64 - ok
    08:34:17.0894 1376 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    08:34:17.0941 1376 blbdrive - ok
    08:34:17.0987 1376 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    08:34:18.0034 1376 bowser - ok
    08:34:18.0065 1376 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
    08:34:18.0097 1376 BrFiltLo - ok
    08:34:18.0112 1376 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
    08:34:18.0159 1376 BrFiltUp - ok
    08:34:18.0206 1376 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    08:34:18.0237 1376 Brserid - ok
    08:34:18.0253 1376 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    08:34:18.0299 1376 BrSerWdm - ok
    08:34:18.0315 1376 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    08:34:18.0362 1376 BrUsbMdm - ok
    08:34:18.0377 1376 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    08:34:18.0409 1376 BrUsbSer - ok
    08:34:18.0424 1376 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
    08:34:18.0455 1376 BTHMODEM - ok
    08:34:18.0580 1376 ccSet_NIS (248c952c82df1e23775432774cbb20f1) C:\Windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys
    08:34:18.0596 1376 ccSet_NIS - ok
    08:34:18.0627 1376 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    08:34:18.0689 1376 cdfs - ok
    08:34:18.0721 1376 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    08:34:18.0752 1376 cdrom - ok
    08:34:18.0783 1376 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
    08:34:18.0814 1376 circlass - ok
    08:34:18.0877 1376 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    08:34:18.0908 1376 CLFS - ok
    08:34:18.0955 1376 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    08:34:18.0970 1376 CmBatt - ok
    08:34:19.0001 1376 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    08:34:19.0033 1376 cmdide - ok
    08:34:19.0095 1376 CNG (aafcb52fe0037207fb6fbea070d25efe) C:\Windows\system32\Drivers\cng.sys
    08:34:19.0173 1376 CNG - ok
    08:34:19.0204 1376 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    08:34:19.0235 1376 Compbatt - ok
    08:34:19.0251 1376 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
    08:34:19.0282 1376 CompositeBus - ok
    08:34:19.0313 1376 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
    08:34:19.0329 1376 crcdisk - ok
    08:34:19.0376 1376 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    08:34:19.0438 1376 DfsC - ok
    08:34:19.0469 1376 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    08:34:19.0547 1376 discache - ok
    08:34:19.0579 1376 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
    08:34:19.0594 1376 Disk - ok
    08:34:19.0657 1376 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    08:34:19.0672 1376 drmkaud - ok
    08:34:19.0750 1376 DXGKrnl (af2e16242aa723f68f461b6eae2ead3d) C:\Windows\System32\drivers\dxgkrnl.sys
    08:34:19.0797 1376 DXGKrnl - ok
    08:34:19.0922 1376 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
    08:34:20.0000 1376 ebdrv - ok
    08:34:20.0125 1376 eeCtrl (4353ff94d47a0a9d52b89eccf0cdb013) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    08:34:20.0156 1376 eeCtrl - ok
    08:34:20.0483 1376 efavdrv - ok
    08:34:20.0546 1376 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
    08:34:20.0577 1376 elxstor - ok
    08:34:20.0608 1376 EraserUtilRebootDrv (c5bccb378d0a896304a3e71be7215983) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    08:34:20.0624 1376 EraserUtilRebootDrv - ok
    08:34:20.0639 1376 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    08:34:20.0686 1376 ErrDev - ok
    08:34:20.0811 1376 esihdrv - ok
    08:34:20.0858 1376 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    08:34:20.0920 1376 exfat - ok
    08:34:20.0967 1376 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    08:34:21.0029 1376 fastfat - ok
    08:34:21.0061 1376 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
    08:34:21.0092 1376 fdc - ok
    08:34:21.0123 1376 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    08:34:21.0154 1376 FileInfo - ok
    08:34:21.0170 1376 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    08:34:21.0232 1376 Filetrace - ok
    08:34:21.0248 1376 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
    08:34:21.0279 1376 flpydisk - ok
    08:34:21.0310 1376 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    08:34:21.0341 1376 FltMgr - ok
    08:34:21.0373 1376 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    08:34:21.0388 1376 FsDepends - ok
    08:34:21.0435 1376 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
    08:34:21.0466 1376 Fs_Rec - ok
    08:34:21.0529 1376 fvevol (8f6322049018354f45f05a2fd2d4e5e0) C:\Windows\system32\DRIVERS\fvevol.sys
    08:34:21.0560 1376 fvevol - ok
    08:34:21.0607 1376 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
    08:34:21.0622 1376 gagp30kx - ok
    08:34:21.0669 1376 GEARAspiWDM (8e98d21ee06192492a5671a6144d092f) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    08:34:21.0685 1376 GEARAspiWDM - ok
    08:34:21.0716 1376 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    08:34:21.0747 1376 hcw85cir - ok
    08:34:21.0809 1376 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    08:34:21.0841 1376 HdAudAddService - ok
    08:34:21.0872 1376 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
    08:34:21.0919 1376 HDAudBus - ok
    08:34:21.0934 1376 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
    08:34:21.0965 1376 HidBatt - ok
    08:34:21.0997 1376 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
    08:34:22.0028 1376 HidBth - ok
    08:34:22.0043 1376 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
    08:34:22.0090 1376 HidIr - ok
    08:34:22.0121 1376 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    08:34:22.0137 1376 HidUsb - ok
    08:34:22.0199 1376 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
    08:34:22.0215 1376 hpdskflt - ok
    08:34:22.0246 1376 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    08:34:22.0262 1376 HpSAMD - ok
    08:34:22.0309 1376 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    08:34:22.0387 1376 HTTP - ok
    08:34:22.0402 1376 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    08:34:22.0433 1376 hwpolicy - ok
    08:34:22.0449 1376 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
    08:34:22.0480 1376 i8042prt - ok
    08:34:22.0527 1376 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    08:34:22.0558 1376 iaStorV - ok
    08:34:22.0886 1376 IDSVia64 (a48928d4cca6f8b731989db08cf2c0ab) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130527.001\IDSvia64.sys
    08:34:22.0917 1376 IDSVia64 - ok
    08:34:25.0107 1376 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
    08:34:25.0404 1376 igfx - ok
    08:34:26.0215 1376 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
    08:34:26.0246 1376 iirsp - ok
    08:34:26.0371 1376 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\Windows\system32\drivers\IntcHdmi.sys
    08:34:26.0418 1376 IntcHdmiAddService - ok
    08:34:26.0433 1376 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    08:34:26.0465 1376 intelide - ok
    08:34:26.0480 1376 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    08:34:26.0511 1376 intelppm - ok
    08:34:26.0621 1376 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    08:34:26.0683 1376 IpFilterDriver - ok
    08:34:26.0777 1376 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    08:34:26.0792 1376 IPMIDRV - ok
    08:34:26.0823 1376 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    08:34:26.0886 1376 IPNAT - ok
    08:34:26.0948 1376 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    08:34:26.0979 1376 IRENUM - ok
    08:34:27.0120 1376 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    08:34:27.0167 1376 isapnp - ok
    08:34:27.0213 1376 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    08:34:27.0245 1376 iScsiPrt - ok
    08:34:27.0323 1376 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
    08:34:27.0338 1376 kbdclass - ok
    08:34:27.0401 1376 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
    08:34:27.0447 1376 kbdhid - ok
    08:34:27.0510 1376 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
    08:34:27.0541 1376 KSecDD - ok
    08:34:27.0666 1376 KSecPkg (7efb9333e4ecce6ae4ae9d777d9e553e) C:\Windows\system32\Drivers\ksecpkg.sys
    08:34:27.0697 1376 KSecPkg - ok
    08:34:27.0775 1376 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    08:34:27.0853 1376 ksthunk - ok
    08:34:27.0962 1376 LHidFilt (1470ef17e02e82e4f43346df9e9f11e1) C:\Windows\system32\DRIVERS\LHidFilt.Sys
    08:34:27.0978 1376 LHidFilt - ok
    08:34:28.0025 1376 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    08:34:28.0087 1376 lltdio - ok
    08:34:28.0149 1376 LMouFilt (12814ae119e959437bea3110f81bd188) C:\Windows\system32\DRIVERS\LMouFilt.Sys
    08:34:28.0181 1376 LMouFilt - ok
    08:34:28.0212 1376 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
    08:34:28.0227 1376 LSI_FC - ok
    08:34:28.0274 1376 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
    08:34:28.0290 1376 LSI_SAS - ok
    08:34:28.0321 1376 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
    08:34:28.0337 1376 LSI_SAS2 - ok
    08:34:28.0368 1376 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
    08:34:28.0399 1376 LSI_SCSI - ok
    08:34:28.0415 1376 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    08:34:28.0493 1376 luafv - ok
    08:34:28.0555 1376 LUsbFilt (67dc00f1ea2743a9ca4cda5ca89ad2cb) C:\Windows\system32\Drivers\LUsbFilt.Sys
    08:34:28.0571 1376 LUsbFilt - ok
    08:34:28.0617 1376 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
    08:34:28.0633 1376 megasas - ok
    08:34:28.0680 1376 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
    08:34:28.0711 1376 MegaSR - ok
    08:34:28.0727 1376 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    08:34:28.0789 1376 Modem - ok
    08:34:28.0820 1376 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    08:34:28.0851 1376 monitor - ok
    08:34:28.0883 1376 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    08:34:28.0898 1376 mouclass - ok
    08:34:28.0929 1376 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    08:34:28.0945 1376 mouhid - ok
    08:34:28.0976 1376 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    08:34:29.0007 1376 mountmgr - ok
    08:34:29.0039 1376 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    08:34:29.0070 1376 mpio - ok
    08:34:29.0085 1376 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    08:34:29.0195 1376 mpsdrv - ok
    08:34:29.0319 1376 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    08:34:29.0366 1376 MRxDAV - ok
    08:34:29.0928 1376 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    08:34:29.0959 1376 mrxsmb - ok
    08:34:31.0191 1376 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    08:34:31.0238 1376 mrxsmb10 - ok
    08:34:32.0034 1376 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    08:34:32.0065 1376 mrxsmb20 - ok
    08:34:32.0221 1376 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    08:34:32.0252 1376 msahci - ok
    08:34:32.0455 1376 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    08:34:32.0486 1376 msdsm - ok
    08:34:32.0580 1376 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    08:34:32.0658 1376 Msfs - ok
    08:34:32.0783 1376 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    08:34:32.0861 1376 mshidkmdf - ok
    08:34:33.0063 1376 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    08:34:33.0079 1376 msisadrv - ok
    08:34:33.0173 1376 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    08:34:33.0235 1376 MSKSSRV - ok
    08:34:33.0547 1376 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    08:34:33.0609 1376 MSPCLOCK - ok
    08:34:33.0750 1376 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    08:34:33.0812 1376 MSPQM - ok
    08:34:33.0984 1376 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    08:34:34.0015 1376 MsRPC - ok
    08:34:34.0155 1376 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
    08:34:34.0171 1376 mssmbios - ok
    08:34:34.0311 1376 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    08:34:34.0405 1376 MSTEE - ok
    08:34:34.0421 1376 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    08:34:34.0452 1376 MTConfig - ok
    08:34:34.0483 1376 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    08:34:34.0499 1376 Mup - ok
    08:34:34.0592 1376 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    08:34:34.0670 1376 NativeWifiP - ok
    08:34:35.0076 1376 NAVENG (56540e526b46e379a476fb5bc381b290) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130527.032\ENG64.SYS
    08:34:35.0091 1376 NAVENG - ok
    08:34:36.0495 1376 NAVEX15 (8a19d3991f9f14b885cde8bc640f6b68) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130527.032\EX64.SYS
    08:34:36.0573 1376 NAVEX15 - ok
    08:34:37.0899 1376 NDIS (760e38053bf56e501d562b70ad796b88) C:\Windows\system32\drivers\ndis.sys
    08:34:37.0946 1376 NDIS - ok
    08:34:38.0945 1376 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    08:34:39.0007 1376 NdisCap - ok
    08:34:39.0990 1376 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    08:34:40.0068 1376 NdisTapi - ok
    08:34:41.0262 1376 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    08:34:41.0324 1376 Ndisuio - ok
    08:34:42.0260 1376 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    08:34:42.0323 1376 NdisWan - ok
    08:34:42.0510 1376 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    08:34:42.0572 1376 NDProxy - ok
    08:34:42.0775 1376 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
    08:34:42.0806 1376 Netaapl - ok
    08:34:43.0149 1376 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    08:34:43.0212 1376 NetBIOS - ok
    08:34:43.0399 1376 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    08:34:43.0477 1376 NetBT - ok
    08:34:43.0633 1376 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
    08:34:43.0649 1376 nfrd960 - ok
    08:34:43.0789 1376 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    08:34:43.0851 1376 Npfs - ok
    08:34:43.0898 1376 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    08:34:43.0976 1376 nsiproxy - ok
    08:34:45.0365 1376 Ntfs (b98f8c6e31cd07b2e6f71f7f648e38c0) C:\Windows\system32\drivers\Ntfs.sys
    08:34:45.0411 1376 Ntfs - ok
    08:34:46.0847 1376 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    08:34:46.0909 1376 Null - ok
    08:34:48.0095 1376 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    08:34:48.0110 1376 nvraid - ok
    08:34:48.0656 1376 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    08:34:48.0687 1376 nvstor - ok
    08:34:50.0154 1376 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    08:34:50.0169 1376 nv_agp - ok
    08:34:51.0480 1376 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    08:34:51.0511 1376 ohci1394 - ok
    08:34:51.0823 1376 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
    08:34:51.0839 1376 Parport - ok
    08:34:51.0917 1376 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
    08:34:51.0932 1376 partmgr - ok
    08:34:52.0307 1376 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    08:34:52.0322 1376 pci - ok
    08:34:52.0385 1376 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    08:34:52.0400 1376 pciide - ok
    08:34:52.0619 1376 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
    08:34:52.0650 1376 pcmcia - ok
    08:34:52.0712 1376 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    08:34:52.0728 1376 pcw - ok
    08:34:53.0180 1376 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    08:34:53.0258 1376 PEAUTH - ok
    08:34:54.0475 1376 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    08:34:54.0537 1376 PptpMiniport - ok
    08:34:56.0035 1376 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
    08:34:56.0066 1376 Processor - ok
    08:34:57.0314 1376 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    08:34:57.0423 1376 Psched - ok
    08:34:57.0735 1376 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
    08:34:57.0798 1376 ql2300 - ok
    08:34:58.0422 1376 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
    08:34:58.0437 1376 ql40xx - ok
    08:34:59.0217 1376 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    08:34:59.0264 1376 QWAVEdrv - ok
    08:34:59.0327 1376 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    08:34:59.0373 1376 RasAcd - ok
    08:34:59.0592 1376 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    08:34:59.0654 1376 RasAgileVpn - ok
    08:34:59.0826 1376 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    08:34:59.0888 1376 Rasl2tp - ok
    08:35:00.0122 1376 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    08:35:00.0185 1376 RasPppoe - ok
    08:35:00.0450 1376 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    08:35:00.0543 1376 RasSstp - ok
    08:35:00.0575 1376 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    08:35:00.0637 1376 rdbss - ok
    08:35:00.0777 1376 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
    08:35:00.0824 1376 rdpbus - ok
    08:35:00.0840 1376 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    08:35:00.0902 1376 RDPCDD - ok
    08:35:01.0105 1376 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    08:35:01.0199 1376 RDPENCDD - ok
    08:35:01.0323 1376 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    08:35:01.0386 1376 RDPREFMP - ok
    08:35:01.0620 1376 RdpVideoMiniport (313f68e1a3e6345a4f47a36b07062f34) C:\Windows\system32\drivers\rdpvideominiport.sys
    08:35:01.0651 1376 RdpVideoMiniport - ok
    08:35:01.0807 1376 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
    08:35:01.0838 1376 RDPWD - ok
    08:35:02.0025 1376 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    08:35:02.0041 1376 rdyboost - ok
    08:35:02.0181 1376 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    08:35:02.0291 1376 rspndr - ok
    08:35:02.0415 1376 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
    08:35:02.0618 1376 RTL8167 - ok
    08:35:02.0946 1376 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    08:35:02.0961 1376 SASDIFSV - ok
    08:35:03.0008 1376 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    08:35:03.0024 1376 SASKUTIL - ok
    08:35:03.0211 1376 SbieDrv (979d61544fe988026f672b033b01b2d8) C:\Program Files\Sandboxie\SbieDrv.sys
    08:35:03.0242 1376 SbieDrv - ok
    08:35:04.0615 1376 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    08:35:04.0631 1376 sbp2port - ok
    08:35:04.0958 1376 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    08:35:05.0052 1376 scfilter - ok
    08:35:05.0099 1376 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    08:35:05.0192 1376 secdrv - ok
    08:35:05.0317 1376 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
    08:35:05.0348 1376 Serenum - ok
    08:35:05.0520 1376 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
    08:35:05.0535 1376 Serial - ok
    08:35:05.0676 1376 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
    08:35:05.0707 1376 sermouse - ok
    08:35:05.0769 1376 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    08:35:34.0735 1376 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    08:35:43.0767 1376 \Device\Harddisk0\DR0 - ok
    08:35:43.0814 1376 Boot (0x1200) (8e265e2d21a0488809d9fa3981cfac99) \Device\Harddisk0\DR0\Partition0
    08:35:43.0814 1376 \Device\Harddisk0\DR0\Partition0 - ok
    08:35:43.0861 1376 Boot (0x1200) (97aa442d8741bc4bcd13210187f8d5b4) \Device\Harddisk0\DR0\Partition1
    08:35:43.0876 1376 \Device\Harddisk0\DR0\Partition1 - ok
    08:35:43.0892 1376 ============================================================
    08:35:43.0892 1376 Scan finished
    08:35:43.0892 1376 ============================================================
    08:35:43.0907 3260 Detected object count: 0
    08:35:43.0907 3260 Actual detected object count: 0

    Edited by Oh My, 01 July 2013 - 12:37 PM.
    Posted log


    #11 Blind Faith

    • Malware Response Team

    Posted 01 June 2013 - 01:43 PM

    Hi there,

    I apologize for the delay, I had my graduation festivity yesterday and I had no access to the Internet.

    However, it does sound like a pretty nasty infection so I must warn you.

    One or more of the identified infections is a backdoor trojan.

    This allows hackers to remotely control your computer, steal critical system information and download and execute files.

    I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

    Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

    How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
    When Should I Format, How Should I Reinstall

    We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

    Elle


    Can you hear it? It's all around!

    Do you remember?
    If you do, then
    can you forgive?

    If I haven't replied in 48 hours, please feel free to send me a PM.

    #12 cloud3213


    Posted 02 June 2013 - 12:17 PM

    Congrats!! Mine is next month! But wow, now I'm kinda freaking out. I haven't purchased or banked online in quite some time because I knew something was wrong with my computer right away, because I do help desk support at a college in Albany so I'm pretty technical with computers. Not as much as you, I should add. But like I said before, I have literally tried everything!! You said you can't be 100% certain my computer can be trusted again? That scares me! I don't care about reformatting and reinstalling Windows, I've done that so many times. As for my desktop that I built, which is only 6 months old, what do you recommend? A new HD, BIOS chip and motherboard? Obviously a new router, right? I have so many questions for you, I really appreciate you taking time to help me with this. What if I took out all my HDs and hooked them up to an external reader and scanned or formatted that way? I read somewhere that the viruses aren't compatible with Windows 95. It sounds like a stretch but it's worth a shot, right? Sorry for not putting this in the PM before, I've been using my iPhone.

    #13 Blind Faith


    Posted 03 June 2013 - 12:33 PM

    It is necessary for us to at least make you aware of the worst-case scenario.  This is because of the potential Backdoor Trojans bring with them, but it is not a determination on our part that your situation currently falls within this worst-case scenario.
    Ultimately it is a personal decision whether to reformat or not.  What decision should you make to let you sleep well at night?  It is different for different people.  I will say whether rightly or wrongly most people decide to clean and not reformat, at least initially.

    The only insight I can offer is how I evaluate the issue personally even though I have never had a Backdoor Trojan on my computer.  One of the primary purposes for malicious software is to somehow separate you from your money.  It seems reasonable to assume that a thief trying to take your money via a Backdoor Trojan will hit you hard, and quickly.  Once your computer starts to act up and you become suspicious, you have the opportunity to eliminate access to your computer and change the information taken, namely account and password information.  The key to this, in my opinion, is whether or not you have noticed any irregularities in your banking or other financial institutions, or things like email and social network accounts (i.e. Facebook).  If you have not seen any evidence of that then you may question whether your information has truly been stolen.  If it seems it hasn't, and your critical information has been changed, it is reasonable to be more confident you are safe but you must stop short of claiming an absolute guarantee.

    If, after careful consideration you decide not to reformat your computer it would be wise to continue monitoring your sensitive data and don't wait to address future symptoms on your computer which seem to be malware related.

    The bottom line, the ONLY way to be absolutely sure to be rid of a Backdoor Trojan is to reformat.  The decision is yours.

    Elle



    #14 cloud3213


    Posted 03 June 2013 - 12:43 PM

    I have reformatted. It keeps coming back, and I have tried everything.



    #15 Blind Faith


    Posted 03 June 2013 - 02:12 PM

    Hi there,

    I am afraid that as long as the other infected computers (laptop for example) are connected to the router it will get reinfected. Also, please check on how to restore your router to the initial settings:

    http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

    It needs to be done before trying to connect the freshly reformatted computer to it.

    Elle

