
Problems with Trojan Alureon. J


14 replies to this topic

#1 01juanjose01

Posted 01 September 2013 - 05:27 PM

I just figured out that I have this Trojan on my laptop, and I am looking for a way to get rid of this problem. I hope somebody could help me with it here, thanks.

 

Moderator edit: Moved from Windows 7 to a more appropriate forum

Roger


Edited by rotor123, 01 September 2013 - 05:38 PM.




#2 boopme


Posted 01 September 2013 - 08:26 PM

Hello 01
 
Let's do these next and see how it is after.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
 
 
Please download TDSSKiller.
Launch it.
Click on Change parameters, then select TDLFS file system.
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).
Do not change the default options on scan results.
 
 
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 01juanjose01


Posted 01 September 2013 - 11:16 PM

Attached File  Result.txt   19.53KB   5 downloads
Attached File  TDSSKiller.2.9.2.0_01.09.2013_22.57.41_log.txt   127.68KB   3 downloads

Edited by Orange Blossom, 01 September 2013 - 11:20 PM.
Merged topics. ~ OB


#4 01juanjose01


Posted 01 September 2013 - 11:43 PM

# AdwCleaner v3.002 - Report created 01/09/2013 at 23:19:21
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Morales - MORALES-PC
# Running from : C:\Users\Morales\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

*************************

AdwCleaner[R0].txt - [670 octets] - [01/09/2013 23:19:21]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [729 octets] ##########

This is the Log Report

 

 



#5 boopme


Posted 02 September 2013 - 06:50 PM

Hello, I did not see an antivirus installed, did I miss it?


Your TDSS log is cut off at
2:59:25.0602 0x14e4 Detected object count: 2
22:59:25.0602 0x14e4 Actual detected object count: 2

I need to see the lines after that.

Did you run ESET?
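A way to triage a pasted TDSSKiller log for the problem raised in post #5 (a log that stops at the "Detected object count" lines), as an added example that is not part of the thread or of TDSSKiller itself. The `( label )` form of non-ok lines, the verdict words other than `ok`, the entries named ExampleDrv and ExampleSvc and the status names are assumptions; both sample logs are constructed from line shapes quoted in the thread.

```python
import re

# Line shape seen in the thread: "22:15:40.0621 0x0a4c  System memory - ok".
# \d{1,2} tolerates the clipped leading digit in the quoted "2:59:25.0602" line.
LINE_RE = re.compile(
    r"^\s*(\d{1,2}:\d{2}:\d{2}\.\d{4})\s+(0x[0-9a-fA-F]+)\s*(.*)$")
# "<object> - <verdict>". The optional "( label )" part is an assumption about
# how non-ok entries are written; the thread only shows "- ok" lines.
VERDICT_RE = re.compile(
    r"^(?P<obj>.+?)(?:\s+\(\s*(?P<label>[^)]*?)\s*\))?\s+-\s+(?P<verdict>[A-Za-z]+)$")
# The two summary lines quoted in post #5.
COUNT_RE = re.compile(r"^(Actual detected|Detected) object count:\s*(\d+)$")


def triage(log_text):
    """Return non-ok entries, the summary counts, and a completeness status."""
    not_ok = []
    counts = {}
    lines_after_summary = 0
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # not a log line (forum text, blank line, ...)
        msg = m.group(3).strip()
        c = COUNT_RE.match(msg)
        if c:
            counts[c.group(1)] = int(c.group(2))
            lines_after_summary = 0
            continue
        if counts:
            lines_after_summary += 1
        v = VERDICT_RE.match(msg)
        if v and v.group("verdict").lower() != "ok":
            not_ok.append((v.group("obj"), v.group("label"), v.group("verdict")))

    if not counts:
        # Paste ended before the scan summary, e.g. in the middle of the services scan.
        status = "no-summary"
    elif max(counts.values()) > 0 and lines_after_summary == 0:
        # The situation in post #5: objects were detected, but the lines that
        # follow the count are missing from the paste.
        status = "cut-at-summary"
    else:
        status = "ok-to-review"
    return {
        "status": status,
        "detected": counts.get("Detected"),
        "actual": counts.get("Actual detected"),
        "not_ok": not_ok,
    }


# Constructed sample: ends at the summary, like the log described in post #5.
# The hash is a placeholder and the two non-ok entries are invented.
LOG_CUT_AT_SUMMARY = r"""
22:57:43.0101 0x14e4  ================ Scan services =============================
22:57:43.0210 0x14e4  [ 00000000000000000000000000000000 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:57:43.0226 0x14e4  ACPI - ok
22:58:10.0480 0x14e4  ExampleDrv ( Constructed.Label.A ) - warning
22:58:31.0912 0x14e4  ExampleSvc ( Constructed.Label.B ) - infected
2:59:25.0602 0x14e4 Detected object count: 2
22:59:25.0602 0x14e4 Actual detected object count: 2
"""

# Constructed sample: stops before any summary line was written.
LOG_CUT_MID_SCAN = r"""
22:15:38.0578 0x0a4c  Scan started
22:15:38.0578 0x0a4c  Mode: Manual; TDLFS;
22:15:40.0621 0x0a4c  System memory - ok
22:15:40.0886 0x0a4c  ACPI - ok
"""

if __name__ == "__main__":
    for name, text in (("cut at summary", LOG_CUT_AT_SUMMARY),
                       ("cut mid scan", LOG_CUT_MID_SCAN)):
        result = triage(text)
        print(name, "->", result["status"], result["detected"])
        for obj, label, verdict in result["not_ok"]:
            print("   review:", obj, label, verdict)
```
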

#6 01juanjose01


Posted 02 September 2013 - 09:51 PM

C:\Windows.old\ProgramData\Start Menu\Programs\Jeaks Music\Jeaks Music on the Web.lnk LNK/URL.B trojan
C:\Windows.old\Users\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Jeaks Music\Jeaks Music on the Web.lnk LNK/URL.B trojan
C:\Windows.old\Users\All Users\Application Data\Start Menu\Programs\Jeaks Music\Jeaks Music on the Web.lnk LNK/URL.B trojan
C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\Jeaks Music\Jeaks Music on the Web.lnk LNK/URL.B trojan
C:\Windows.old\Users\All Users\Start Menu\Programs\Jeaks Music\Jeaks Music on the Web.lnk LNK/URL.B trojan
C:\$Recycle.Bin\S-1-5-21-1356421458-965840875-922038761-1000\$R2W85ZF.zip multiple threats deleted - quarantined
C:\tmp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\tmp\SetupDataMngr_Searchqu.exe multiple threats cleaned by deleting - quarantined
C:\tmp\Low\abcdefg.bat BAT/DelMe.A.Gen trojan cleaned by deleting - quarantined
C:\tmp\NERO02000179\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\tmp\NERO1005442\unit_app_75\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\tmp\NERO1005568\unit_app_75\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\tmp\NERO1006079\unit_app_75\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\tmp\NERO20100326140711923\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\tmp\NeroInstallFiles\NERO20110421130503368\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe probably a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\tmp\Temp1_SopCast.zip\Setup-SopCast-3.2.8-2010-2-26.exe multiple threats cleaned by deleting - quarantined
C:\Users\Morales\Downloads\Norton\1BOX_NTR2011.exe Win32/RiskWare.HackAV.HF application cleaned by deleting - quarantined
C:\Windows.old\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeaks Music\Jeaks Music on the Web.lnk LNK/URL.B trojan cleaned by deleting - quarantined

 

This is the report of ESET

 



#7 01juanjose01


Posted 02 September 2013 - 09:55 PM

I have an antivirus (Norton), but something is not letting it work; it is not running.



#8 boopme


Posted 02 September 2013 - 10:07 PM

OK, we will get to that as malware may be blocking it.

Would you repost the bottom of the TDSS log that is missing, or rerun it and post the new log?

#9 01juanjose01


Posted 02 September 2013 - 10:12 PM

Ok, I'm going to run it again (TDSS) and post the new report, thanks



#10 01juanjose01


Posted 02 September 2013 - 10:30 PM

22:13:09.0499 0x0870  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
22:13:09.0898 0x0870  ============================================================
22:13:09.0899 0x0870  Current date / time: 2013/09/02 22:13:09.0898
22:13:09.0899 0x0870  SystemInfo:
22:13:09.0899 0x0870 
22:13:09.0899 0x0870  OS Version: 6.1.7601 ServicePack: 1.0
22:13:09.0899 0x0870  Product type: Workstation
22:13:09.0899 0x0870  ComputerName: MORALES-PC
22:13:09.0899 0x0870  UserName: Morales
22:13:09.0899 0x0870  Windows directory: C:\Windows
22:13:09.0899 0x0870  System windows directory: C:\Windows
22:13:09.0899 0x0870  Running under WOW64
22:13:09.0899 0x0870  Processor architecture: Intel x64
22:13:09.0899 0x0870  Number of processors: 1
22:13:09.0899 0x0870  Page size: 0x1000
22:13:09.0899 0x0870  Boot type: Normal boot
22:13:09.0899 0x0870  ============================================================
22:13:11.0847 0x0870  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:13:11.0857 0x0870  ============================================================
22:13:11.0857 0x0870  \Device\Harddisk0\DR0:
22:13:11.0857 0x0870  MBR partitions:
22:13:11.0857 0x0870  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
22:13:11.0857 0x0870  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x107B96A8
22:13:11.0907 0x0870  ============================================================
22:13:11.0977 0x0870  C: <-> \Device\Harddisk0\DR0\Partition2
22:13:12.0057 0x0870  D: <-> \Device\Harddisk0\DR0\Partition1
22:13:12.0057 0x0870  ============================================================
22:13:12.0057 0x0870  Initialize success
22:13:12.0057 0x0870  ============================================================
22:15:38.0578 0x0a4c  ============================================================
22:15:38.0578 0x0a4c  Scan started
22:15:38.0578 0x0a4c  Mode: Manual; TDLFS;
22:15:38.0578 0x0a4c  ============================================================
22:15:40.0621 0x0a4c  ================ Scan system memory ========================
22:15:40.0621 0x0a4c  System memory - ok
22:15:40.0621 0x0a4c  ================ Scan services =============================
22:15:49.0264 0x0a4c  KSecDD - ok
22:15:49.0279 0x0a4c  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:15:49.0295 0x0a4c  KSecPkg - ok
22:15:49.0310 0x0a4c  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:15:49.0310 0x0a4c  ksthunk - ok
22:15:49.0373 0x0a4c  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:15:49.0388 0x0a4c  KtmRm - ok
22:15:49.0451 0x0a4c  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:15:49.0451 0x0a4c  LanmanServer - ok
22:15:49.0498 0x0a4c  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:15:49.0498 0x0a4c  LanmanWorkstation - ok
22:15:49.0576 0x0a4c  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:15:49.0576 0x0a4c  lltdio - ok
22:15:49.0622 0x0a4c  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:15:49.0638 0x0a4c  lltdsvc - ok
22:15:49.0669 0x0a4c  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:15:49.0669 0x0a4c  lmhosts - ok
22:15:49.0732 0x0a4c  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:15:49.0732 0x0a4c  LSI_FC - ok
22:15:49.0747 0x0a4c  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:15:49.0763 0x0a4c  LSI_SAS - ok
22:15:49.0778 0x0a4c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:15:49.0794 0x0a4c  LSI_SAS2 - ok
22:15:49.0825 0x0a4c  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:15:49.0825 0x0a4c  LSI_SCSI - ok
22:15:49.0856 0x0a4c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:15:49.0856 0x0a4c  luafv - ok
22:15:49.0903 0x0a4c  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:15:49.0903 0x0a4c  Mcx2Svc - ok
22:15:49.0934 0x0a4c  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:15:49.0950 0x0a4c  megasas - ok
22:15:49.0997 0x0a4c  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:15:49.0997 0x0a4c  MegaSR - ok
22:15:50.0184 0x0a4c  [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:15:50.0184 0x0a4c  Microsoft Office Groove Audit Service - ok
22:15:50.0262 0x0a4c  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:15:50.0262 0x0a4c  MMCSS - ok
22:15:50.0293 0x0a4c  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:15:50.0293 0x0a4c  Modem - ok
22:15:50.0340 0x0a4c  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:15:50.0340 0x0a4c  monitor - ok
22:15:50.0371 0x0a4c  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:15:50.0371 0x0a4c  mouclass - ok
22:15:50.0418 0x0a4c  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
22:15:50.0418 0x0a4c  mouhid - ok
22:15:50.0449 0x0a4c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:15:50.0449 0x0a4c  mountmgr - ok
22:15:50.0496 0x0a4c  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:15:50.0496 0x0a4c  mpio - ok
22:15:50.0543 0x0a4c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:15:50.0543 0x0a4c  mpsdrv - ok
22:15:50.0605 0x0a4c  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:15:50.0621 0x0a4c  MpsSvc - ok
22:15:50.0652 0x0a4c  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:15:50.0668 0x0a4c  MRxDAV - ok
22:15:50.0714 0x0a4c  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:15:50.0714 0x0a4c  mrxsmb - ok
22:15:50.0746 0x0a4c  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:15:50.0746 0x0a4c  mrxsmb10 - ok
22:15:50.0777 0x0a4c  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:15:50.0777 0x0a4c  mrxsmb20 - ok
22:15:50.0792 0x0a4c  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:15:50.0792 0x0a4c  msahci - ok
22:15:50.0824 0x0a4c  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:15:50.0824 0x0a4c  msdsm - ok
22:15:50.0870 0x0a4c  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:15:50.0870 0x0a4c  MSDTC - ok
22:15:50.0933 0x0a4c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:15:50.0933 0x0a4c  Msfs - ok
22:15:50.0964 0x0a4c  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:15:50.0964 0x0a4c  mshidkmdf - ok
22:15:50.0995 0x0a4c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:15:50.0995 0x0a4c  msisadrv - ok
22:15:51.0026 0x0a4c  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:15:51.0042 0x0a4c  MSiSCSI - ok
22:15:51.0058 0x0a4c  msiserver - ok
22:15:51.0089 0x0a4c  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:15:51.0104 0x0a4c  MSKSSRV - ok
22:15:51.0104 0x0a4c  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:15:51.0104 0x0a4c  MSPCLOCK - ok
22:15:51.0136 0x0a4c  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:15:51.0136 0x0a4c  MSPQM - ok
22:15:51.0182 0x0a4c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:15:51.0182 0x0a4c  MsRPC - ok
22:15:51.0214 0x0a4c  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:15:51.0214 0x0a4c  mssmbios - ok
22:15:51.0245 0x0a4c  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:15:51.0245 0x0a4c  MSTEE - ok
22:15:51.0276 0x0a4c  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:15:51.0276 0x0a4c  MTConfig - ok
22:15:51.0307 0x0a4c  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:15:51.0307 0x0a4c  Mup - ok
22:15:51.0354 0x0a4c  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:15:51.0370 0x0a4c  napagent - ok
22:15:51.0416 0x0a4c  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:15:51.0416 0x0a4c  NativeWifiP - ok
22:15:51.0557 0x0a4c  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130826.001\ENG64.SYS
22:15:51.0557 0x0a4c  NAVENG - ok
22:15:51.0635 0x0a4c  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130826.001\EX64.SYS
22:15:51.0697 0x0a4c  NAVEX15 - ok
22:15:51.0806 0x0a4c  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:15:51.0822 0x0a4c  NDIS - ok
22:15:51.0884 0x0a4c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:15:51.0884 0x0a4c  NdisCap - ok
22:15:51.0931 0x0a4c  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:15:51.0931 0x0a4c  NdisTapi - ok
22:15:51.0978 0x0a4c  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:15:51.0978 0x0a4c  Ndisuio - ok
22:15:52.0009 0x0a4c  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:15:52.0009 0x0a4c  NdisWan - ok
22:15:52.0025 0x0a4c  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:15:52.0025 0x0a4c  NDProxy - ok
22:15:52.0243 0x0a4c  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
22:15:52.0274 0x0a4c  Nero BackItUp Scheduler 4.0 - ok
22:15:52.0321 0x0a4c  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:15:52.0321 0x0a4c  NetBIOS - ok
22:15:52.0368 0x0a4c  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:15:52.0368 0x0a4c  NetBT - ok
22:15:52.0399 0x0a4c  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:15:52.0399 0x0a4c  Netlogon - ok
22:15:52.0446 0x0a4c  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:15:52.0462 0x0a4c  Netman - ok
22:15:52.0493 0x0a4c  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:15:52.0493 0x0a4c  netprofm - ok
22:15:52.0540 0x0a4c  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:15:52.0540 0x0a4c  NetTcpPortSharing - ok
22:15:52.0602 0x0a4c  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:15:52.0602 0x0a4c  nfrd960 - ok
22:15:52.0727 0x0a4c  [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
22:15:52.0742 0x0a4c  NIS - ok
22:15:52.0820 0x0a4c  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:15:52.0820 0x0a4c  NlaSvc - ok
22:15:52.0852 0x0a4c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:15:52.0852 0x0a4c  Npfs - ok
22:15:52.0883 0x0a4c  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:15:52.0883 0x0a4c  nsi - ok
22:15:52.0914 0x0a4c  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:15:52.0914 0x0a4c  nsiproxy - ok
22:15:53.0008 0x0a4c  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:15:53.0054 0x0a4c  Ntfs - ok
22:15:53.0070 0x0a4c  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:15:53.0070 0x0a4c  Null - ok
22:15:53.0132 0x0a4c  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:15:53.0132 0x0a4c  nvraid - ok
22:15:53.0195 0x0a4c  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:15:53.0195 0x0a4c  nvstor - ok
22:15:53.0257 0x0a4c  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:15:53.0257 0x0a4c  nv_agp - ok
22:15:53.0429 0x0a4c  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:15:53.0444 0x0a4c  odserv - ok
22:15:53.0507 0x0a4c  [ 44A9473D72983DD484B4F1BF0D946571 ] OEM02Dev        C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:15:53.0507 0x0a4c  OEM02Dev - ok
22:15:53.0538 0x0a4c  [ 766F689564BC30E5A91F8621CE65AD68 ] OEM02Vfx        C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:15:53.0538 0x0a4c  OEM02Vfx - ok
22:15:53.0600 0x0a4c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:15:53.0616 0x0a4c  ohci1394 - ok
22:15:53.0647 0x0a4c  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:15:53.0647 0x0a4c  ose - ok
22:15:53.0710 0x0a4c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:15:53.0725 0x0a4c  p2pimsvc - ok
22:15:53.0756 0x0a4c  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:15:53.0772 0x0a4c  p2psvc - ok
22:15:53.0803 0x0a4c  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
22:15:53.0803 0x0a4c  Parport - ok
22:15:53.0834 0x0a4c  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:15:53.0834 0x0a4c  partmgr - ok
22:15:53.0866 0x0a4c  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:15:53.0866 0x0a4c  PcaSvc - ok
22:15:53.0897 0x0a4c  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:15:53.0897 0x0a4c  pci - ok
22:15:53.0928 0x0a4c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:15:53.0928 0x0a4c  pciide - ok
22:15:53.0959 0x0a4c  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:15:53.0959 0x0a4c  pcmcia - ok
22:15:53.0990 0x0a4c  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:15:53.0990 0x0a4c  pcw - ok
22:15:54.0037 0x0a4c  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:15:54.0068 0x0a4c  PEAUTH - ok
22:15:54.0162 0x0a4c  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:15:54.0178 0x0a4c  PerfHost - ok
22:15:54.0256 0x0a4c  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:15:54.0302 0x0a4c  pla - ok
22:15:54.0365 0x0a4c  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:15:54.0380 0x0a4c  PlugPlay - ok
22:15:54.0412 0x0a4c  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:15:54.0412 0x0a4c  PNRPAutoReg - ok
22:15:54.0427 0x0a4c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:15:54.0443 0x0a4c  PNRPsvc - ok
22:15:54.0490 0x0a4c  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:15:54.0505 0x0a4c  PolicyAgent - ok
22:15:54.0552 0x0a4c  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:15:54.0568 0x0a4c  Power - ok
22:15:54.0614 0x0a4c  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:15:54.0614 0x0a4c  PptpMiniport - ok
22:15:54.0646 0x0a4c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
22:15:54.0646 0x0a4c  Processor - ok
22:15:54.0724 0x0a4c  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:15:54.0739 0x0a4c  ProfSvc - ok
22:15:54.0755 0x0a4c  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:15:54.0755 0x0a4c  ProtectedStorage - ok
22:15:54.0802 0x0a4c  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:15:54.0802 0x0a4c  Psched - ok
22:15:54.0864 0x0a4c  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:15:54.0911 0x0a4c  ql2300 - ok
22:15:54.0942 0x0a4c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:15:54.0942 0x0a4c  ql40xx - ok
22:15:54.0989 0x0a4c  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:15:55.0004 0x0a4c  QWAVE - ok
22:15:55.0036 0x0a4c  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:15:55.0036 0x0a4c  QWAVEdrv - ok
22:15:55.0067 0x0a4c  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:15:55.0067 0x0a4c  RasAcd - ok
22:15:55.0129 0x0a4c  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:15:55.0129 0x0a4c  RasAgileVpn - ok
22:15:55.0145 0x0a4c  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:15:55.0160 0x0a4c  RasAuto - ok
22:15:55.0176 0x0a4c  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:15:55.0176 0x0a4c  Rasl2tp - ok
22:15:55.0207 0x0a4c  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:15:55.0223 0x0a4c  RasMan - ok
22:15:55.0238 0x0a4c  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:15:55.0238 0x0a4c  RasPppoe - ok
22:15:55.0254 0x0a4c  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:15:55.0270 0x0a4c  RasSstp - ok
22:15:55.0285 0x0a4c  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:15:55.0285 0x0a4c  rdbss - ok
22:15:55.0332 0x0a4c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:15:55.0332 0x0a4c  rdpbus - ok
22:15:55.0348 0x0a4c  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:15:55.0348 0x0a4c  RDPCDD - ok
22:15:55.0394 0x0a4c  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:15:55.0410 0x0a4c  RDPENCDD - ok
22:15:55.0426 0x0a4c  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:15:55.0426 0x0a4c  RDPREFMP - ok
22:15:55.0472 0x0a4c  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:15:55.0472 0x0a4c  RDPWD - ok
22:15:55.0504 0x0a4c  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:15:55.0535 0x0a4c  rdyboost - ok
22:15:55.0566 0x0a4c  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:15:55.0566 0x0a4c  RemoteAccess - ok
22:15:55.0613 0x0a4c  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:15:55.0613 0x0a4c  RemoteRegistry - ok
22:15:55.0691 0x0a4c  [ E31960692CBB3A8BCDF300BC1D889E1F ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
22:15:55.0691 0x0a4c  rimmptsk - ok
22:15:55.0722 0x0a4c  [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
22:15:55.0722 0x0a4c  rimsptsk - ok
22:15:55.0784 0x0a4c  [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
22:15:55.0784 0x0a4c  rismxdp - ok
22:15:55.0831 0x0a4c  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:15:55.0831 0x0a4c  RpcEptMapper - ok
22:15:55.0878 0x0a4c  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:15:55.0878 0x0a4c  RpcLocator - ok
22:15:55.0909 0x0a4c  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:15:55.0909 0x0a4c  RpcSs - ok
22:15:55.0972 0x0a4c  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:15:55.0972 0x0a4c  rspndr - ok
22:15:55.0987 0x0a4c  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:15:55.0987 0x0a4c  SamSs - ok
22:15:56.0050 0x0a4c  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:15:56.0065 0x0a4c  sbp2port - ok
22:15:56.0096 0x0a4c  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:15:56.0096 0x0a4c  SCardSvr - ok
22:15:56.0128 0x0a4c  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:15:56.0128 0x0a4c  scfilter - ok
22:15:56.0174 0x0a4c  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:15:56.0206 0x0a4c  Schedule - ok
22:15:56.0252 0x0a4c  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:15:56.0252 0x0a4c  SCPolicySvc - ok
22:15:56.0315 0x0a4c  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:15:56.0315 0x0a4c  sdbus - ok
22:15:56.0346 0x0a4c  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:15:56.0346 0x0a4c  SDRSVC - ok
22:15:56.0393 0x0a4c  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:15:56.0393 0x0a4c  secdrv - ok
22:15:56.0440 0x0a4c  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:15:56.0440 0x0a4c  seclogon - ok
22:15:56.0471 0x0a4c  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:15:56.0471 0x0a4c  SENS - ok
22:15:56.0502 0x0a4c  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:15:56.0502 0x0a4c  SensrSvc - ok
22:15:56.0533 0x0a4c  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:15:56.0533 0x0a4c  Serenum - ok
22:15:56.0596 0x0a4c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
22:15:56.0596 0x0a4c  Serial - ok
22:15:56.0642 0x0a4c  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:15:56.0642 0x0a4c  sermouse - ok
22:15:56.0720 0x0a4c  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:15:56.0720 0x0a4c  SessionEnv - ok
22:15:56.0752 0x0a4c  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:15:56.0752 0x0a4c  sffdisk - ok
22:15:56.0767 0x0a4c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:15:56.0783 0x0a4c  sffp_mmc - ok
22:15:56.0845 0x0a4c  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:15:56.0845 0x0a4c  sffp_sd - ok
22:15:56.0876 0x0a4c  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:15:56.0876 0x0a4c  sfloppy - ok
22:15:56.0923 0x0a4c  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:15:56.0923 0x0a4c  SharedAccess - ok
22:15:56.0954 0x0a4c  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:15:56.0970 0x0a4c  ShellHWDetection - ok
22:15:57.0017 0x0a4c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:15:57.0017 0x0a4c  SiSRaid2 - ok
22:15:57.0048 0x0a4c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:15:57.0048 0x0a4c  SiSRaid4 - ok
22:15:57.0110 0x0a4c  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:15:57.0110 0x0a4c  Smb - ok
22:15:57.0188 0x0a4c  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:15:57.0204 0x0a4c  SNMPTRAP - ok
22:15:57.0220 0x0a4c  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:15:57.0220 0x0a4c  spldr - ok
22:15:57.0266 0x0a4c  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
22:15:57.0282 0x0a4c  Spooler - ok
22:15:57.0376 0x0a4c  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:15:57.0454 0x0a4c  sppsvc - ok
22:15:57.0485 0x0a4c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:15:57.0485 0x0a4c  sppuinotify - ok
22:15:57.0578 0x0a4c  [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP           C:\Windows\System32\Drivers\NISx64\1207010.003\SRTSP64.SYS
22:15:57.0594 0x0a4c  SRTSP - ok
22:15:57.0641 0x0a4c  [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX          C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS
22:15:57.0641 0x0a4c  SRTSPX - ok
22:15:57.0703 0x0a4c  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:15:57.0703 0x0a4c  srv - ok
22:15:57.0734 0x0a4c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:15:57.0766 0x0a4c  srv2 - ok
22:15:57.0844 0x0a4c  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:15:57.0844 0x0a4c  SrvHsfHDA - ok
22:15:57.0906 0x0a4c  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:15:57.0953 0x0a4c  SrvHsfV92 - ok
22:15:57.0984 0x0a4c  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:15:58.0015 0x0a4c  SrvHsfWinac - ok
22:15:58.0062 0x0a4c  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:15:58.0078 0x0a4c  srvnet - ok
22:15:58.0140 0x0a4c  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:15:58.0140 0x0a4c  SSDPSRV - ok
22:15:58.0156 0x0a4c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:15:58.0171 0x0a4c  SstpSvc - ok
22:15:58.0202 0x0a4c  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:15:58.0218 0x0a4c  stexstor - ok
22:15:58.0280 0x0a4c  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:15:58.0327 0x0a4c  stisvc - ok
22:15:58.0343 0x0a4c  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:15:58.0358 0x0a4c  swenum - ok
22:15:58.0390 0x0a4c  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:15:58.0390 0x0a4c  swprv - ok
22:15:58.0452 0x0a4c  [ 6160145C7A87FC7672E8E3B886888176 ] SymDS           C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS
22:15:58.0468 0x0a4c  SymDS - ok
22:15:58.0514 0x0a4c  [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA          C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS
22:15:58.0546 0x0a4c  SymEFA - ok
22:15:58.0592 0x0a4c  [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
22:15:58.0592 0x0a4c  SymEvent - ok
22:15:58.0655 0x0a4c  [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON         C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS
22:15:58.0655 0x0a4c  SymIRON - ok
22:15:58.0670 0x0a4c  [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS         C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS
22:15:58.0686 0x0a4c  SymNetS - ok
22:15:58.0748 0x0a4c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:15:58.0795 0x0a4c  SysMain - ok
22:15:58.0826 0x0a4c  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:15:58.0826 0x0a4c  TabletInputService - ok
22:15:58.0858 0x0a4c  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:15:58.0858 0x0a4c  TapiSrv - ok
22:15:58.0889 0x0a4c  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:15:58.0889 0x0a4c  TBS - ok
22:15:59.0014 0x0a4c  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:15:59.0060 0x0a4c  Tcpip - ok
22:15:59.0138 0x0a4c  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:15:59.0138 0x0a4c  TCPIP6 - ok
22:15:59.0201 0x0a4c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:15:59.0201 0x0a4c  tcpipreg - ok
22:15:59.0263 0x0a4c  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:15:59.0263 0x0a4c  TDPIPE - ok
22:15:59.0326 0x0a4c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:15:59.0326 0x0a4c  TDTCP - ok
22:16:03.0616 0x0a4c  ================ Scan global ===============================
22:16:03.0662 0x0a4c  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:16:03.0725 0x0a4c  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:16:03.0740 0x0a4c  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:16:03.0772 0x0a4c  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:16:03.0818 0x0a4c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:16:03.0834 0x0a4c  [Global] - ok
22:16:03.0834 0x0a4c  ================ Scan MBR ==================================
22:16:03.0850 0x0a4c  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
22:16:04.0208 0x0a4c  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:16:04.0208 0x0a4c  \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:16:04.0208 0x0a4c  ================ Scan VBR ==================================
22:16:04.0255 0x0a4c  [ C65EBB53AD6AB8CE1915D4348CCE8AEE ] \Device\Harddisk0\DR0\Partition1
22:16:04.0255 0x0a4c  \Device\Harddisk0\DR0\Partition1 - ok
22:16:04.0271 0x0a4c  [ 1A22DD193EE51383DF4D20A87C2BF6F3 ] \Device\Harddisk0\DR0\Partition2
22:16:04.0271 0x0a4c  \Device\Harddisk0\DR0\Partition2 - ok
22:16:04.0271 0x0a4c  ============================================================
22:16:04.0271 0x0a4c  Scan finished
22:16:04.0271 0x0a4c  ============================================================
22:16:04.0286 0x0950  Detected object count: 1
22:16:04.0286 0x0950  Actual detected object count: 1
22:17:09.0588 0x0950  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
22:17:09.0604 0x0950  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
22:17:09.0604 0x0950  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
22:17:09.0604 0x0950  \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
22:17:09.0619 0x0950  \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
22:17:09.0651 0x0950  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
22:17:09.0651 0x0950  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
22:17:09.0666 0x0950  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
22:17:09.0666 0x0950  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
22:17:09.0666 0x0950  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
22:17:09.0666 0x0950  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
22:17:09.0666 0x0950  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
22:17:09.0666 0x0950  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
22:17:09.0666 0x0950  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
22:17:09.0697 0x0950  \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
22:17:09.0697 0x0950  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
22:19:11.0534 0x0a38  Deinitialize success

 

This is the TDSS report. When asked what action to take, I chose copy to quarantine.



#11 boopme


Posted 03 September 2013 - 09:45 AM

Good choice

That is a lot of bad guys. Your Norton may work now.

How is it running?

#12 01juanjose01


Posted 03 September 2013 - 06:26 PM

It doesn't run, I tried to uninstall it from Control Panel and I couldn't.

When I tried to run it, a window appeared: "The analysis couldn't run due to Norton Internet Security found an internal program error".

What can I do to remove or run Norton?

Thanks



#13 boopme


Posted 03 September 2013 - 07:27 PM

Reinstall it.

We need to run the Norton Removal Tool:

Note: This tool uninstalls all Norton 2003 and later products, including Norton 360, Norton SystemWorks, Norton Internet Security, and others. If you use ACT! or WinFAX, back up this data before you proceed. If you plan to reinstall your Norton products please be sure you have safely stored your product key.
  • Download the Norton Removal tool to your Desktop
  • Double click the Norton Removal Tool icon
  • Allow any security warnings and type your administrator password if required
  • Follow the instructions given
  • Restart your PC


#14 01juanjose01


Posted 04 September 2013 - 09:29 PM

I really appreciate your help. Yesterday I reinstalled Norton and ran a full system scan; after that, the log showed no viruses. Right now I'm running Windows Defender Offline, just to make sure. Thank you very much.



#15 boopme


Posted 04 September 2013 - 09:46 PM

You're welcome from all of us!!





