
Trojan.Dropper.BCMiner


3 replies to this topic

#1 okmzaq1234

okmzaq1234

  • Members
  • 14 posts

Posted 20 July 2012 - 03:47 PM

Malwarebytes finds this trojan, says it quarantined and deleted it, but it comes back. Very annoying virus; I think I picked it up from a bogus Adobe update. Any ideas how to get rid of it?

Edited by hamluis, 20 July 2012 - 03:55 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 20 July 2012 - 04:29 PM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

Edited by narenxp, 20 July 2012 - 04:29 PM.


#3 okmzaq1234

okmzaq1234
  • Topic Starter

  • Members
  • 14 posts

Posted 21 July 2012 - 01:39 AM

TDSSkiller
02:34:51.0083 2988 NAVEX15 - ok
02:34:51.0253 2988 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
02:34:51.0263 2988 NDIS - ok
02:34:51.0293 2988 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:34:51.0293 2988 NdisCap - ok
02:34:51.0323 2988 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:34:51.0323 2988 NdisTapi - ok
02:34:51.0333 2988 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
02:34:51.0333 2988 Ndisuio - ok
02:34:51.0353 2988 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
02:34:51.0353 2988 NdisWan - ok
02:34:51.0363 2988 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
02:34:51.0363 2988 NDProxy - ok
02:34:51.0383 2988 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:34:51.0383 2988 NetBIOS - ok
02:34:51.0403 2988 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
02:34:51.0403 2988 NetBT - ok
02:34:51.0443 2988 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:34:51.0443 2988 Netlogon - ok
02:34:51.0483 2988 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
02:34:51.0493 2988 Netman - ok
02:34:51.0513 2988 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
02:34:51.0523 2988 netprofm - ok
02:34:51.0593 2988 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:34:51.0593 2988 NetTcpPortSharing - ok
02:34:52.0023 2988 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\Windows\system32\DRIVERS\NETwNs64.sys
02:34:52.0083 2988 NETwNs64 - ok
02:34:52.0223 2988 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
02:34:52.0223 2988 nfrd960 - ok
02:34:52.0273 2988 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
02:34:52.0283 2988 NlaSvc - ok
02:34:52.0293 2988 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:34:52.0293 2988 Npfs - ok
02:34:52.0303 2988 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
02:34:52.0303 2988 nsi - ok
02:34:52.0323 2988 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:34:52.0323 2988 nsiproxy - ok
02:34:52.0423 2988 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
02:34:52.0433 2988 Ntfs - ok
02:34:52.0563 2988 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:34:52.0563 2988 Null - ok
02:34:52.0593 2988 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
02:34:52.0593 2988 nvraid - ok
02:34:52.0623 2988 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
02:34:52.0623 2988 nvstor - ok
02:34:52.0663 2988 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
02:34:52.0663 2988 nv_agp - ok
02:34:52.0763 2988 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
02:34:52.0773 2988 odserv - ok
02:34:52.0783 2988 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
02:34:52.0783 2988 ohci1394 - ok
02:34:52.0823 2988 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:34:52.0833 2988 ose - ok
02:34:53.0153 2988 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
02:34:53.0193 2988 osppsvc - ok
02:34:53.0323 2988 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:34:53.0333 2988 p2pimsvc - ok
02:34:53.0363 2988 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
02:34:53.0363 2988 p2psvc - ok
02:34:53.0403 2988 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
02:34:53.0403 2988 Parport - ok
02:34:53.0433 2988 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
02:34:53.0433 2988 partmgr - ok
02:34:53.0443 2988 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
02:34:53.0443 2988 PcaSvc - ok
02:34:53.0463 2988 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
02:34:53.0463 2988 pci - ok
02:34:53.0473 2988 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
02:34:53.0483 2988 pciide - ok
02:34:53.0493 2988 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
02:34:53.0493 2988 pcmcia - ok
02:34:53.0503 2988 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:34:53.0503 2988 pcw - ok
02:34:53.0543 2988 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:34:53.0553 2988 PEAUTH - ok
02:34:53.0623 2988 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
02:34:53.0623 2988 PerfHost - ok
02:34:53.0723 2988 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
02:34:53.0733 2988 pla - ok
02:34:53.0803 2988 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
02:34:53.0803 2988 PlugPlay - ok
02:34:53.0843 2988 pmxdrv (0bee791c7c7ace453c134e73633c497d) C:\Windows\system32\drivers\pmxdrv.sys
02:34:53.0843 2988 pmxdrv - ok
02:34:53.0853 2988 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
02:34:53.0863 2988 PNRPAutoReg - ok
02:34:53.0903 2988 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:34:53.0903 2988 PNRPsvc - ok
02:34:53.0953 2988 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
02:34:53.0953 2988 PolicyAgent - ok
02:34:53.0983 2988 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\Windows\system32\umpo.dll
02:34:53.0983 2988 Power - ok
02:34:54.0063 2988 Power Manager DBC Service (bac02775cf629e5fe80bea952f4448ef) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
02:34:54.0063 2988 Power Manager DBC Service - ok
02:34:54.0103 2988 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
02:34:54.0103 2988 PptpMiniport - ok
02:34:54.0123 2988 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
02:34:54.0123 2988 Processor - ok
02:34:54.0153 2988 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
02:34:54.0153 2988 ProfSvc - ok
02:34:54.0173 2988 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:34:54.0173 2988 ProtectedStorage - ok
02:34:54.0203 2988 psadd (515a7c5a0886fcc60901916785efd549) C:\Windows\system32\DRIVERS\psadd.sys
02:34:54.0203 2988 psadd - ok
02:34:54.0233 2988 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
02:34:54.0233 2988 Psched - ok
02:34:54.0333 2988 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
02:34:54.0343 2988 ql2300 - ok
02:34:54.0463 2988 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
02:34:54.0463 2988 ql40xx - ok
02:34:54.0483 2988 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
02:34:54.0493 2988 QWAVE - ok
02:34:54.0503 2988 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:34:54.0503 2988 QWAVEdrv - ok
02:34:54.0503 2988 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:34:54.0503 2988 RasAcd - ok
02:34:54.0543 2988 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:34:54.0553 2988 RasAgileVpn - ok
02:34:54.0563 2988 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
02:34:54.0563 2988 RasAuto - ok
02:34:54.0583 2988 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:34:54.0583 2988 Rasl2tp - ok
02:34:54.0613 2988 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
02:34:54.0613 2988 RasMan - ok
02:34:54.0633 2988 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:34:54.0633 2988 RasPppoe - ok
02:34:54.0653 2988 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:34:54.0653 2988 RasSstp - ok
02:34:54.0673 2988 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
02:34:54.0683 2988 rdbss - ok
02:34:54.0693 2988 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
02:34:54.0693 2988 rdpbus - ok
02:34:54.0703 2988 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:34:54.0703 2988 RDPCDD - ok
02:34:54.0733 2988 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:34:54.0743 2988 RDPENCDD - ok
02:34:54.0753 2988 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:34:54.0753 2988 RDPREFMP - ok
02:34:54.0783 2988 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
02:34:54.0793 2988 RDPWD - ok
02:34:54.0833 2988 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
02:34:54.0843 2988 rdyboost - ok
02:34:54.0973 2988 RegSrvc (a6baea839cc888d4961ab5fe16bb8c4a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
02:34:54.0983 2988 RegSrvc - ok
02:34:55.0013 2988 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
02:34:55.0023 2988 RemoteAccess - ok
02:34:55.0053 2988 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
02:34:55.0063 2988 RemoteRegistry - ok
02:34:55.0123 2988 rimspci (3dca561aaf776aa2e356fb5b142aa5f8) C:\Windows\system32\DRIVERS\rimspe64.sys
02:34:55.0123 2988 rimspci - ok
02:34:55.0143 2988 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
02:34:55.0143 2988 RpcEptMapper - ok
02:34:55.0153 2988 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
02:34:55.0153 2988 RpcLocator - ok
02:34:55.0183 2988 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
02:34:55.0193 2988 RpcSs - ok
02:34:55.0223 2988 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
02:34:55.0223 2988 rspndr - ok
02:34:55.0243 2988 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:34:55.0243 2988 SamSs - ok
02:34:55.0263 2988 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
02:34:55.0263 2988 sbp2port - ok
02:34:55.0283 2988 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
02:34:55.0283 2988 SCardSvr - ok
02:34:55.0293 2988 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
02:34:55.0293 2988 scfilter - ok
02:34:55.0363 2988 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
02:34:55.0373 2988 Schedule - ok
02:34:55.0413 2988 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
02:34:55.0413 2988 SCPolicySvc - ok
02:34:55.0453 2988 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
02:34:55.0453 2988 sdbus - ok
02:34:55.0473 2988 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
02:34:55.0473 2988 SDRSVC - ok
02:34:55.0563 2988 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
02:34:55.0563 2988 SeaPort - ok
02:34:55.0603 2988 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
02:34:55.0603 2988 secdrv - ok
02:34:55.0623 2988 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
02:34:55.0623 2988 seclogon - ok
02:34:55.0643 2988 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
02:34:55.0643 2988 SENS - ok
02:34:55.0653 2988 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
02:34:55.0653 2988 SensrSvc - ok
02:34:55.0683 2988 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
02:34:55.0683 2988 Serenum - ok
02:34:55.0713 2988 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
02:34:55.0713 2988 Serial - ok
02:34:55.0753 2988 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
02:34:55.0753 2988 sermouse - ok
02:34:55.0773 2988 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
02:34:55.0773 2988 SessionEnv - ok
02:34:55.0773 2988 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
02:34:55.0773 2988 sffdisk - ok
02:34:55.0783 2988 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
02:34:55.0783 2988 sffp_mmc - ok
02:34:55.0783 2988 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
02:34:55.0783 2988 sffp_sd - ok
02:34:55.0793 2988 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
02:34:55.0793 2988 sfloppy - ok
02:34:55.0863 2988 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
02:34:55.0863 2988 Sftfs - ok
02:34:55.0963 2988 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
02:34:55.0963 2988 sftlist - ok
02:34:55.0993 2988 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
02:34:55.0993 2988 Sftplay - ok
02:34:56.0033 2988 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
02:34:56.0033 2988 Sftredir - ok
02:34:56.0033 2988 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
02:34:56.0043 2988 Sftvol - ok
02:34:56.0073 2988 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
02:34:56.0073 2988 sftvsa - ok
02:34:56.0113 2988 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
02:34:56.0123 2988 ShellHWDetection - ok
02:34:56.0143 2988 Shockprf (29e316de2c0261c30c08f872032c53a2) C:\Windows\system32\DRIVERS\Apsx64.sys
02:34:56.0143 2988 Shockprf - ok
02:34:56.0173 2988 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
02:34:56.0183 2988 SiSRaid2 - ok
02:34:56.0183 2988 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
02:34:56.0183 2988 SiSRaid4 - ok
02:34:56.0203 2988 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
02:34:56.0203 2988 Smb - ok
02:34:56.0273 2988 smihlp (c5b1a19b14f19b08ae72fcb20a3075b6) C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
02:34:56.0273 2988 smihlp - ok
02:34:56.0303 2988 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
02:34:56.0313 2988 SNMPTRAP - ok
02:34:56.0313 2988 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
02:34:56.0313 2988 spldr - ok
02:34:56.0363 2988 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
02:34:56.0373 2988 Spooler - ok
02:34:56.0553 2988 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
02:34:56.0583 2988 sppsvc - ok
02:34:56.0673 2988 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
02:34:56.0683 2988 sppuinotify - ok
02:34:56.0793 2988 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
02:34:56.0793 2988 SRTSP - ok
02:34:56.0823 2988 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
02:34:56.0823 2988 SRTSPX - ok
02:34:56.0863 2988 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
02:34:56.0873 2988 srv - ok
02:34:56.0893 2988 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
02:34:56.0903 2988 srv2 - ok
02:34:56.0953 2988 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
02:34:56.0963 2988 SrvHsfHDA - ok
02:34:57.0043 2988 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
02:34:57.0063 2988 SrvHsfV92 - ok
02:34:57.0193 2988 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
02:34:57.0203 2988 SrvHsfWinac - ok
02:34:57.0233 2988 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
02:34:57.0233 2988 srvnet - ok
02:34:57.0263 2988 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
02:34:57.0273 2988 SSDPSRV - ok
02:34:57.0273 2988 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
02:34:57.0283 2988 SstpSvc - ok
02:34:57.0303 2988 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
02:34:57.0303 2988 stexstor - ok
02:34:57.0353 2988 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
02:34:57.0363 2988 stisvc - ok
02:34:57.0463 2988 SUService (6ea2f517373771cac5188e82617c9c0b) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
02:34:57.0463 2988 SUService - ok
02:34:57.0473 2988 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
02:34:57.0473 2988 swenum - ok
02:34:57.0513 2988 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
02:34:57.0513 2988 swprv - ok
02:34:57.0583 2988 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
02:34:57.0593 2988 SymDS - ok
02:34:57.0653 2988 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
02:34:57.0663 2988 SymEFA - ok
02:34:57.0703 2988 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
02:34:57.0713 2988 SymEvent - ok
02:34:57.0743 2988 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
02:34:57.0743 2988 SymIRON - ok
02:34:57.0773 2988 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS
02:34:57.0783 2988 SymNetS - ok
02:34:57.0883 2988 SynTP (06d602a637e171e151853f1d8ecd34f1) C:\Windows\system32\DRIVERS\SynTP.sys
02:34:57.0903 2988 SynTP - ok
02:34:58.0093 2988 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
02:34:58.0113 2988 SysMain - ok
02:34:58.0153 2988 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
02:34:58.0153 2988 TabletInputService - ok
02:34:58.0173 2988 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
02:34:58.0173 2988 TapiSrv - ok
02:34:58.0193 2988 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
02:34:58.0193 2988 TBS - ok
02:34:58.0363 2988 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
02:34:58.0373 2988 Tcpip - ok
02:34:58.0563 2988 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
02:34:58.0563 2988 TCPIP6 - ok
02:34:58.0623 2988 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
02:34:58.0623 2988 tcpipreg - ok
02:34:58.0633 2988 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:34:58.0643 2988 TDPIPE - ok
02:34:58.0663 2988 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
02:34:58.0663 2988 TDTCP - ok
02:34:58.0683 2988 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
02:34:58.0683 2988 tdx - ok
02:34:58.0703 2988 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
02:34:58.0703 2988 TermDD - ok
02:34:58.0763 2988 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
02:34:58.0763 2988 TermService - ok
02:34:58.0773 2988 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
02:34:58.0783 2988 Themes - ok
02:34:58.0923 2988 ThinkVantage Registry Monitor Service (39ac444e07fdbd8c2e8e291a65d515d3) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
02:34:58.0923 2988 ThinkVantage Registry Monitor Service - ok
02:34:58.0943 2988 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:34:58.0943 2988 THREADORDER - ok
02:34:59.0013 2988 TPDIGIMN (8b359a7f4c715b84c76de3c5167797c5) C:\Windows\system32\DRIVERS\ApsHM64.sys
02:34:59.0013 2988 TPDIGIMN - ok
02:34:59.0033 2988 TPHDEXLGSVC (0c1c7753a5539c898adaffde835df7a8) C:\Windows\system32\TPHDEXLG64.exe
02:34:59.0033 2988 TPHDEXLGSVC - ok
02:34:59.0103 2988 TPHKSVC (2cf225e19490f499528b926263fe4554) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
02:34:59.0103 2988 TPHKSVC - ok
02:34:59.0143 2988 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
02:34:59.0143 2988 TPM - ok
02:34:59.0163 2988 TPPWRIF (2c067e01d6bbccc88b233b868e210907) C:\Windows\system32\drivers\Tppwr64v.sys
02:34:59.0163 2988 TPPWRIF - ok
02:34:59.0193 2988 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
02:34:59.0193 2988 TrkWks - ok
02:34:59.0233 2988 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
02:34:59.0233 2988 TrustedInstaller - ok
02:34:59.0253 2988 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:34:59.0253 2988 tssecsrv - ok
02:34:59.0263 2988 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
02:34:59.0263 2988 TsUsbFlt - ok
02:34:59.0263 2988 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
02:34:59.0263 2988 TsUsbGD - ok
02:34:59.0303 2988 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
02:34:59.0303 2988 tunnel - ok
02:34:59.0343 2988 TurboB (53ff5f00eab07e329abe48ae3de4f5d7) C:\Windows\system32\DRIVERS\TurboB.sys
02:34:59.0343 2988 TurboB - ok
02:34:59.0373 2988 TurboBoost (b670df651f00194434adc6b326743709) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
02:34:59.0373 2988 TurboBoost - ok
02:34:59.0513 2988 TVT Backup Service (003afb1490828615b041849abb40eaa1) C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
02:34:59.0533 2988 TVT Backup Service - ok
02:34:59.0643 2988 TVTI2C (4daae0413cd4e816258838e2fafb3147) C:\Windows\system32\DRIVERS\Tvti2c.sys
02:34:59.0643 2988 TVTI2C - ok
02:34:59.0673 2988 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
02:34:59.0673 2988 uagp35 - ok
02:34:59.0693 2988 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
02:34:59.0703 2988 udfs - ok
02:34:59.0723 2988 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
02:34:59.0733 2988 UI0Detect - ok
02:34:59.0823 2988 UleadBurningHelper (be788a747457e6916586c410ec0111e7) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
02:34:59.0823 2988 UleadBurningHelper - ok
02:34:59.0843 2988 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
02:34:59.0843 2988 uliagpkx - ok
02:34:59.0863 2988 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
02:34:59.0863 2988 umbus - ok
02:34:59.0883 2988 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
02:34:59.0883 2988 UmPass - ok
02:35:00.0063 2988 UNS (2b971a72c0d6bd8a710e2748353773dd) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
02:35:00.0083 2988 UNS - ok
02:35:00.0193 2988 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
02:35:00.0193 2988 upnphost - ok
02:35:00.0233 2988 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
02:35:00.0233 2988 usbccgp - ok
02:35:00.0263 2988 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
02:35:00.0263 2988 usbcir - ok
02:35:00.0273 2988 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
02:35:00.0273 2988 usbehci - ok
02:35:00.0323 2988 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
02:35:00.0323 2988 usbhub - ok
02:35:00.0343 2988 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
02:35:00.0343 2988 usbohci - ok
02:35:00.0373 2988 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
02:35:00.0373 2988 usbprint - ok
02:35:00.0393 2988 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:35:00.0393 2988 USBSTOR - ok
02:35:00.0413 2988 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
02:35:00.0413 2988 usbuhci - ok
02:35:00.0443 2988 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
02:35:00.0443 2988 usbvideo - ok
02:35:00.0473 2988 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
02:35:00.0473 2988 UxSms - ok
02:35:00.0503 2988 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:35:00.0503 2988 VaultSvc - ok
02:35:00.0523 2988 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
02:35:00.0523 2988 vdrvroot - ok
02:35:00.0563 2988 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
02:35:00.0573 2988 vds - ok
02:35:00.0593 2988 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:35:00.0593 2988 vga - ok
02:35:00.0603 2988 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:35:00.0603 2988 VgaSave - ok
02:35:00.0623 2988 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
02:35:00.0633 2988 vhdmp - ok
02:35:00.0633 2988 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
02:35:00.0633 2988 viaide - ok
02:35:00.0643 2988 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
02:35:00.0643 2988 volmgr - ok
02:35:00.0673 2988 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
02:35:00.0673 2988 volmgrx - ok
02:35:00.0703 2988 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
02:35:00.0703 2988 volsnap - ok
02:35:00.0743 2988 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
02:35:00.0743 2988 vsmraid - ok
02:35:00.0903 2988 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
02:35:00.0923 2988 VSS - ok
02:35:01.0053 2988 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
02:35:01.0053 2988 vwifibus - ok
02:35:01.0083 2988 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
02:35:01.0083 2988 vwififlt - ok
02:35:01.0123 2988 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
02:35:01.0133 2988 W32Time - ok
02:35:01.0153 2988 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
02:35:01.0153 2988 WacomPen - ok
02:35:01.0163 2988 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:35:01.0163 2988 WANARP - ok
02:35:01.0183 2988 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:35:01.0183 2988 Wanarpv6 - ok
02:35:01.0273 2988 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
02:35:01.0283 2988 WatAdminSvc - ok
02:35:01.0383 2988 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
02:35:01.0393 2988 wbengine - ok
02:35:01.0513 2988 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
02:35:03.0333 2988 MBR (0x1B8) (47f12fbbf39d2ff2d4af3a52d83c225d) \Device\Harddisk0\DR0
02:35:03.0603 2988 \Device\Harddisk0\DR0 - ok
02:35:03.0603 2988 Boot (0x1200) (a1563fc8affe29bdc5de1adfb401e6bb) \Device\Harddisk0\DR0\Partition0
02:35:03.0613 2988 \Device\Harddisk0\DR0\Partition0 - ok
02:35:03.0633 2988 Boot (0x1200) (41e1e7e9b47b7c980b0d687066d79acd) \Device\Harddisk0\DR0\Partition1
02:35:03.0633 2988 \Device\Harddisk0\DR0\Partition1 - ok
02:35:03.0663 2988 Boot (0x1200) (2e741f951d0c8f9f9bc746a098f57644) \Device\Harddisk0\DR0\Partition2
02:35:03.0663 2988 \Device\Harddisk0\DR0\Partition2 - ok
02:35:03.0663 2988 ============================================================
02:35:03.0663 2988 Scan finished
02:35:03.0663 2988 ============================================================
02:35:03.0673 3500 Detected object count: 0
02:35:03.0673 3500 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-21 01:18:16
-----------------------------
01:18:16.989 OS Version: Windows x64 6.1.7601 Service Pack 1
01:18:16.989 Number of processors: 4 586 0x2505
01:18:16.989 ComputerName: BEN-THINK UserName: Ben
01:18:18.974 Initialize success
01:20:23.733 AVAST engine defs: 12072001
01:20:35.597 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:20:35.599 Disk 0 Vendor: HITACHI_ PC4Z Size: 476940MB BusType: 3
01:20:35.613 Disk 0 MBR read successfully
01:20:35.615 Disk 0 MBR scan
01:20:35.618 Disk 0 unknown MBR code
01:20:35.622 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1200 MB offset 2048
01:20:35.632 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465738 MB offset 2459648
01:20:35.662 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10000 MB offset 956291072
01:20:35.705 Disk 0 scanning C:\Windows\system32\drivers
01:20:44.129 Service scanning
01:21:22.193 Modules scanning
01:21:22.204 Disk 0 trace - called modules:
01:21:22.456 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
01:21:22.839 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004be7060]
01:21:22.844 3 CLASSPNP.SYS[fffff88001db243f] -> nt!IofCallDriver -> [0xfffffa8004941ab0]
01:21:22.857 5 ACPI.sys[fffff88000e1a7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004944050]
01:21:29.215 AVAST engine scan C:\Windows
01:21:32.164 AVAST engine scan C:\Windows\system32
01:23:06.365 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
01:23:08.267 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
01:24:08.991 AVAST engine scan C:\Windows\system32\drivers
01:24:19.026 AVAST engine scan C:\Users\Ben
01:27:24.072 AVAST engine scan C:\ProgramData
01:27:59.709 Scan finished successfully
01:31:34.324 Disk 0 MBR has been saved successfully to "C:\Users\Ben\Documents\MBR.dat"
01:31:34.333 The log file has been saved successfully to "C:\Users\Ben\Documents\aswMBR.txt"

C:\Windows\Installer\{667eb042-151e-3064-dea8-db6e5881f041}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{667eb042-151e-3064-dea8-db6e5881f041}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{667eb042-151e-3064-dea8-db6e5881f041}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\Installer\{667eb042-151e-3064-dea8-db6e5881f041}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
Operating memory multiple threats

#4 narenxp

Posted 21 July 2012 - 06:56 AM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



