I think I have the FBI Reveton Malware


12 replies to this topic

#1 Chris1348

Posted 04 September 2012 - 07:02 PM

Hello,

I have a laptop with Windows 7, 32-bit, and I have the FBI virus (I think it is from Reveton???). I have run my computer in safe mode with networking and have been able to remove it using Malware Bytes. However, it seems to come back when the computer is restarted. I also have noticed that my Forefront protection endpoint is also not working. It says that the service needs to be started. Once I press Start, it says it can not for the file. This virus also has turned my Windows firewall off. I have, though, installed the free version of COMODO to help while I try to fix the problems.

Can anybody help guide me to the correct forum and how to get started in cleaning my machine?

Thanks,



#2 narenxp


Posted 04 September 2012 - 07:02 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Chris1348


Posted 04 September 2012 - 08:00 PM

I have been running these scanners and am waiting for the ESET to finish before I post the logs. Should I be selecting the FIX option that each of these scanners offer?

#4 Chris1348


Posted 04 September 2012 - 08:13 PM

TDSSKILLER LOG

20:10:03.0627 9232 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:10:03.0957 9232 ============================================================
20:10:03.0957 9232 Current date / time: 2012/09/04 20:10:03.0957
20:10:03.0957 9232 SystemInfo:
20:10:03.0957 9232
20:10:03.0957 9232 OS Version: 6.1.7601 ServicePack: 1.0
20:10:03.0957 9232 Product type: Workstation
20:10:03.0957 9232 ComputerName: FE1297
20:10:03.0957 9232 UserName: ChrisZ
20:10:03.0957 9232 Windows directory: C:\Windows
20:10:03.0957 9232 System windows directory: C:\Windows
20:10:03.0957 9232 Processor architecture: Intel x86
20:10:03.0957 9232 Number of processors: 4
20:10:03.0957 9232 Page size: 0x1000
20:10:03.0957 9232 Boot type: Normal boot
20:10:03.0957 9232 ============================================================
20:10:04.0297 9232 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:10:04.0297 9232 ============================================================
20:10:04.0297 9232 \Device\Harddisk0\DR0:
20:10:04.0307 9232 MBR partitions:
20:10:04.0307 9232 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
20:10:04.0307 9232 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x226DD800
20:10:04.0307 9232 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22936000, BlocksNum 0x2AF82B0
20:10:04.0307 9232 ============================================================
20:10:04.0327 9232 C: <-> \Device\Harddisk0\DR0\Partition2
20:10:04.0377 9232 Q: <-> \Device\Harddisk0\DR0\Partition3
20:10:04.0377 9232 ============================================================
20:10:04.0377 9232 Initialize success
20:10:04.0377 9232 ============================================================
20:10:41.0238 10132 ============================================================
20:10:41.0238 10132 Scan started
20:10:41.0238 10132 Mode: Manual; TDLFS;
20:10:41.0238 10132 ============================================================
20:10:41.0648 10132 ================ Scan system memory ========================
20:10:41.0648 10132 System memory - ok
20:10:49.0567 10132 [ D86AC00883B9C98B570E7643AAF8E554 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
20:10:49.0567 10132 MEI - ok
20:10:49.0617 10132 Microsoft SharePoint Workspace Audit Service - ok
20:10:49.0647 10132 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:10:49.0647 10132 MMCSS - ok
20:10:49.0657 10132 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:10:49.0657 10132 Modem - ok
20:10:49.0687 10132 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:10:49.0687 10132 monitor - ok
20:10:49.0717 10132 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:10:49.0717 10132 mouclass - ok
20:10:49.0757 10132 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:10:49.0757 10132 mouhid - ok
20:10:49.0777 10132 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:10:49.0777 10132 mountmgr - ok
20:10:49.0817 10132 [ 7E34BFA1A7B60BBA1DA03D677F16CD63 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
20:10:49.0817 10132 MpFilter - ok
20:10:49.0827 10132 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:10:49.0827 10132 mpio - ok
20:10:49.0837 10132 [ F32E2D6A1640A469A9ED4F1929A4A861 ] MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys
20:10:49.0847 10132 MpNWMon - ok
20:10:49.0867 10132 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:10:49.0867 10132 mpsdrv - ok
20:10:49.0907 10132 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:10:49.0917 10132 MpsSvc - ok
20:10:49.0937 10132 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:10:49.0937 10132 MRxDAV - ok
20:10:49.0967 10132 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:10:49.0967 10132 mrxsmb - ok
20:10:49.0987 10132 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:10:49.0987 10132 mrxsmb10 - ok
20:10:49.0997 10132 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:10:49.0997 10132 mrxsmb20 - ok
20:10:50.0017 10132 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:10:50.0017 10132 msahci - ok
20:10:50.0037 10132 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:10:50.0037 10132 msdsm - ok
20:10:50.0057 10132 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:10:50.0057 10132 MSDTC - ok
20:10:50.0097 10132 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:10:50.0097 10132 Msfs - ok
20:10:50.0107 10132 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:10:50.0107 10132 mshidkmdf - ok
20:10:50.0137 10132 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:10:50.0137 10132 msisadrv - ok
20:10:50.0167 10132 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:10:50.0167 10132 MSiSCSI - ok
20:10:50.0167 10132 msiserver - ok
20:10:50.0187 10132 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:10:50.0187 10132 MSKSSRV - ok
20:10:50.0257 10132 [ 49AAB9D55319DB55A7D36167656D412A ] msoidsvc C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
20:10:50.0267 10132 msoidsvc - ok
20:10:50.0307 10132 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:10:50.0307 10132 MSPCLOCK - ok
20:10:50.0317 10132 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:10:50.0317 10132 MSPQM - ok
20:10:50.0337 10132 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:10:50.0337 10132 MsRPC - ok
20:10:50.0357 10132 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:10:50.0357 10132 mssmbios - ok
20:10:50.0367 10132 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:10:50.0367 10132 MSTEE - ok
20:10:50.0387 10132 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:10:50.0387 10132 MTConfig - ok
20:10:50.0397 10132 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:10:50.0397 10132 Mup - ok
20:10:50.0417 10132 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:10:50.0427 10132 napagent - ok
20:10:50.0457 10132 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:10:50.0457 10132 NativeWifiP - ok
20:10:50.0487 10132 [ 3723262737D90F58059CEDA7373B0387 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:10:50.0497 10132 NDIS - ok
20:10:50.0507 10132 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:10:50.0507 10132 NdisCap - ok
20:10:50.0527 10132 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:10:50.0527 10132 NdisTapi - ok
20:10:50.0557 10132 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:10:50.0557 10132 Ndisuio - ok
20:10:50.0577 10132 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:10:50.0577 10132 NdisWan - ok
20:10:50.0607 10132 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:10:50.0617 10132 NDProxy - ok
20:10:50.0657 10132 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:10:50.0667 10132 Net Driver HPZ12 - ok
20:10:50.0697 10132 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:10:50.0697 10132 NetBIOS - ok
20:10:50.0727 10132 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:10:50.0727 10132 NetBT - ok
20:10:50.0737 10132 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:10:50.0737 10132 Netlogon - ok
20:10:50.0777 10132 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:10:50.0777 10132 Netman - ok
20:10:50.0807 10132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:10:50.0807 10132 NetMsmqActivator - ok
20:10:50.0807 10132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:10:50.0807 10132 NetPipeActivator - ok
20:10:50.0817 10132 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:10:50.0817 10132 netprofm - ok
20:10:50.0827 10132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:10:50.0827 10132 NetTcpActivator - ok
20:10:50.0827 10132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:10:50.0827 10132 NetTcpPortSharing - ok
20:10:50.0907 10132 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
20:10:50.0967 10132 netw5v32 - ok
20:10:51.0097 10132 [ 5C979C481981E04919ECBB3B88D54B34 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
20:10:51.0167 10132 NETwNs32 - ok
20:10:51.0237 10132 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:10:51.0237 10132 nfrd960 - ok
20:10:51.0247 10132 [ 17E2C08C5ECFBE94A7C67B1C275EE9D9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:10:51.0247 10132 NisDrv - ok
20:10:51.0287 10132 [ C73DE53197AC0C4DB60B80588F0D54DF ] NisSrv c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
20:10:51.0287 10132 NisSrv - ok
20:10:51.0317 10132 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:10:51.0317 10132 NlaSvc - ok
20:10:51.0327 10132 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:10:51.0337 10132 Npfs - ok
20:10:51.0357 10132 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:10:51.0357 10132 nsi - ok
20:10:51.0377 10132 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:10:51.0377 10132 nsiproxy - ok
20:10:51.0417 10132 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:10:51.0447 10132 Ntfs - ok
20:10:51.0487 10132 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:10:51.0487 10132 Null - ok
20:10:51.0527 10132 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:10:51.0527 10132 nvraid - ok
20:10:51.0537 10132 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:10:51.0537 10132 nvstor - ok
20:10:51.0557 10132 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:10:51.0557 10132 nv_agp - ok
20:10:51.0587 10132 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:10:51.0587 10132 ohci1394 - ok
20:10:51.0647 10132 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:10:51.0647 10132 ose - ok
20:10:51.0757 10132 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:10:51.0847 10132 osppsvc - ok
20:10:51.0887 10132 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:10:51.0887 10132 p2pimsvc - ok
20:10:51.0927 10132 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:10:51.0937 10132 p2psvc - ok
20:10:51.0957 10132 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:10:51.0957 10132 Parport - ok
20:10:51.0977 10132 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:10:51.0977 10132 partmgr - ok
20:10:51.0987 10132 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:10:51.0987 10132 Parvdm - ok
20:10:52.0007 10132 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:10:52.0007 10132 PcaSvc - ok
20:10:52.0027 10132 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:10:52.0027 10132 pci - ok
20:10:52.0057 10132 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:10:52.0057 10132 pciide - ok
20:10:52.0077 10132 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:10:52.0077 10132 pcmcia - ok
20:10:52.0087 10132 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:10:52.0087 10132 pcw - ok
20:10:52.0107 10132 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:10:52.0107 10132 PEAUTH - ok
20:10:52.0147 10132 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:10:52.0147 10132 PeerDistSvc - ok
20:10:52.0177 10132 [ D9689E676B1FC3DBB47B04958A66B7BC ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE.SYS
20:10:52.0177 10132 PHCORE - ok
20:10:52.0227 10132 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:10:52.0237 10132 pla - ok
20:10:52.0277 10132 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:10:52.0277 10132 PlugPlay - ok
20:10:52.0297 10132 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:10:52.0297 10132 Pml Driver HPZ12 - ok
20:10:52.0337 10132 [ B4079D61B5C6B4919BDE17C38202E236 ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
20:10:52.0337 10132 pmxdrv - ok
20:10:52.0367 10132 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:10:52.0367 10132 PNRPAutoReg - ok
20:10:52.0377 10132 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:10:52.0387 10132 PNRPsvc - ok
20:10:52.0417 10132 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:10:52.0417 10132 PolicyAgent - ok
20:10:52.0447 10132 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:10:52.0447 10132 Power - ok
20:10:52.0497 10132 [ 6F51482ADCED13CEBFE0F1054F2116F2 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
20:10:52.0497 10132 Power Manager DBC Service - ok
20:10:52.0517 10132 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:10:52.0517 10132 PptpMiniport - ok
20:10:52.0597 10132 [ 2A4514A9233D35A355F569FF8B8F6240 ] prepdrvr C:\Windows\system32\CCM\prepdrv.sys
20:10:52.0597 10132 prepdrvr - ok
20:10:52.0597 10132 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:10:52.0607 10132 Processor - ok
20:10:52.0647 10132 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:10:52.0647 10132 ProfSvc - ok
20:10:52.0657 10132 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:10:52.0657 10132 ProtectedStorage - ok
20:10:52.0677 10132 [ 80DDC44934305224AEBFC37A264803C2 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
20:10:52.0677 10132 psadd - ok
20:10:52.0697 10132 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:10:52.0697 10132 Psched - ok
20:10:52.0727 10132 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:10:52.0727 10132 PSI_SVC_2 - ok
20:10:52.0767 10132 [ AF8B60D65F8B39C4FAC6BE8641923F37 ] PwmEWSvc C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
20:10:52.0767 10132 PwmEWSvc - ok
20:10:52.0797 10132 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:10:52.0807 10132 ql2300 - ok
20:10:52.0827 10132 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:10:52.0827 10132 ql40xx - ok
20:10:52.0867 10132 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:10:52.0867 10132 QWAVE - ok
20:10:52.0887 10132 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:10:52.0887 10132 QWAVEdrv - ok
20:10:52.0897 10132 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:10:52.0897 10132 RasAcd - ok
20:10:52.0937 10132 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:10:52.0937 10132 RasAgileVpn - ok
20:10:52.0937 10132 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:10:52.0937 10132 RasAuto - ok
20:10:52.0977 10132 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:10:52.0977 10132 Rasl2tp - ok
20:10:52.0997 10132 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:10:53.0007 10132 RasMan - ok
20:10:53.0017 10132 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:10:53.0017 10132 RasPppoe - ok
20:10:53.0017 10132 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:10:53.0027 10132 RasSstp - ok
20:10:53.0047 10132 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:10:53.0047 10132 rdbss - ok
20:10:53.0087 10132 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:10:53.0087 10132 rdpbus - ok
20:10:53.0107 10132 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:10:53.0107 10132 RDPCDD - ok
20:10:53.0127 10132 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:10:53.0127 10132 RDPDR - ok
20:10:53.0157 10132 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:10:53.0157 10132 RDPENCDD - ok
20:10:53.0167 10132 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:10:53.0167 10132 RDPREFMP - ok
20:10:53.0187 10132 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:10:53.0197 10132 RDPWD - ok
20:10:53.0227 10132 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:10:53.0227 10132 rdyboost - ok
20:10:53.0257 10132 [ 24D3B49DAB660A8B8AFA40240E735E24 ] regi C:\Windows\system32\drivers\regi.sys
20:10:53.0257 10132 regi - ok
20:10:53.0287 10132 [ 6C47AC711F5FB55C5387A85D50AB4703 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:10:53.0287 10132 RegSrvc - ok
20:10:53.0317 10132 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:10:53.0317 10132 RemoteAccess - ok
20:10:53.0337 10132 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:10:53.0337 10132 RemoteRegistry - ok
20:10:53.0357 10132 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:10:53.0357 10132 RFCOMM - ok
20:10:53.0387 10132 [ FDFF8787DADE93EB7A9D636692B679DE ] risdxc C:\Windows\system32\DRIVERS\risdxc86.sys
20:10:53.0387 10132 risdxc - ok
20:10:53.0407 10132 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:10:53.0407 10132 RpcEptMapper - ok
20:10:53.0427 10132 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:10:53.0427 10132 RpcLocator - ok
20:10:53.0457 10132 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:10:53.0457 10132 RpcSs - ok
20:10:53.0487 10132 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:10:53.0487 10132 rspndr - ok
20:10:53.0507 10132 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:10:53.0507 10132 s3cap - ok
20:10:53.0517 10132 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:10:53.0517 10132 SamSs - ok
20:10:53.0547 10132 [ 1E5D06F915260E9270287A1839A98671 ] SAService C:\Windows\system32\SAsrv.exe
20:10:53.0547 10132 SAService - ok
20:10:53.0567 10132 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:10:53.0567 10132 sbp2port - ok
20:10:53.0597 10132 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:10:53.0597 10132 SCardSvr - ok
20:10:53.0617 10132 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:10:53.0617 10132 scfilter - ok
20:10:53.0657 10132 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:10:53.0657 10132 Schedule - ok
20:10:53.0687 10132 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:10:53.0687 10132 SCPolicySvc - ok
20:10:53.0737 10132 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:10:53.0737 10132 sdbus - ok
20:10:53.0767 10132 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:10:53.0767 10132 SDRSVC - ok
20:10:53.0797 10132 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:10:53.0797 10132 secdrv - ok
20:10:53.0817 10132 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:10:53.0817 10132 seclogon - ok
20:10:53.0827 10132 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:10:53.0837 10132 SENS - ok
20:10:53.0837 10132 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:10:53.0837 10132 SensrSvc - ok
20:10:53.0857 10132 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:10:53.0857 10132 Serenum - ok
20:10:53.0867 10132 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:10:53.0867 10132 Serial - ok
20:10:53.0877 10132 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:10:53.0887 10132 sermouse - ok
20:10:53.0917 10132 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:10:53.0917 10132 SessionEnv - ok
20:10:53.0947 10132 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:10:53.0947 10132 sffdisk - ok
20:10:53.0957 10132 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:10:53.0957 10132 sffp_mmc - ok
20:10:53.0997 10132 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:10:53.0997 10132 sffp_sd - ok
20:10:54.0037 10132 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:10:54.0047 10132 sfloppy - ok
20:10:54.0067 10132 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:10:54.0077 10132 ShellHWDetection - ok
20:10:54.0117 10132 [ 1624530D05155F4E5A4736531523BFF5 ] Shockprf C:\Windows\system32\DRIVERS\Apsx86.sys
20:10:54.0117 10132 Shockprf - ok
20:10:54.0147 10132 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:10:54.0147 10132 sisagp - ok
20:10:54.0197 10132 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:10:54.0197 10132 SiSRaid2 - ok
20:10:54.0217 10132 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:10:54.0217 10132 SiSRaid4 - ok
20:10:54.0247 10132 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:10:54.0247 10132 Smb - ok
20:10:54.0257 10132 smstsmgr - ok
20:10:54.0297 10132 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:10:54.0297 10132 SNMPTRAP - ok
20:10:54.0307 10132 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:10:54.0307 10132 spldr - ok
20:10:54.0347 10132 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:10:54.0347 10132 Spooler - ok
20:10:54.0797 10132 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:10:54.0837 10132 sppsvc - ok
20:10:54.0877 10132 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:10:54.0877 10132 sppuinotify - ok
20:10:54.0927 10132 [ D2AEEB5C15B4B256DC4EC2CE8219B090 ] SROSVC C:\Program Files\Lenovo\Screen Reading Optimizer\SROSVC.exe
20:10:54.0937 10132 SROSVC - ok
20:10:54.0957 10132 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:10:54.0957 10132 srv - ok
20:10:54.0967 10132 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:10:54.0967 10132 srv2 - ok
20:10:55.0027 10132 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:10:55.0027 10132 SrvHsfHDA - ok
20:10:55.0057 10132 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
20:10:55.0057 10132 SrvHsfV92 - ok
20:10:55.0077 10132 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
20:10:55.0077 10132 SrvHsfWinac - ok
20:10:55.0097 10132 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:10:55.0107 10132 srvnet - ok
20:10:55.0117 10132 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:10:55.0127 10132 SSDPSRV - ok
20:10:55.0137 10132 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:10:55.0147 10132 SstpSvc - ok
20:10:55.0187 10132 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:10:55.0187 10132 stexstor - ok
20:10:55.0257 10132 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:10:55.0267 10132 StiSvc - ok
20:10:55.0287 10132 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:10:55.0287 10132 storflt - ok
20:10:55.0307 10132 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
20:10:55.0317 10132 StorSvc - ok
20:10:55.0337 10132 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:10:55.0337 10132 storvsc - ok
20:10:55.0387 10132 [ 59B5A060A31BD4BAB030C4FCD1048292 ] SUService C:\Program Files\Lenovo\System Update\SUService.exe
20:10:55.0387 10132 SUService - ok
20:10:55.0397 10132 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:10:55.0397 10132 swenum - ok
20:10:55.0427 10132 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:10:55.0427 10132 swprv - ok
20:10:55.0467 10132 [ B41404EE2AACFB08DD1B3A6AFA0B62EB ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:10:55.0467 10132 SynTP - ok
20:10:55.0637 10132 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:10:55.0637 10132 SysMain - ok
20:10:55.0687 10132 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:10:55.0687 10132 TabletInputService - ok
20:10:55.0737 10132 [ 98A1E6BC9F766B0B0A5BF00AF847EF20 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
20:10:55.0737 10132 tap0901 - ok
20:10:55.0767 10132 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:10:55.0767 10132 TapiSrv - ok
20:10:55.0787 10132 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:10:55.0787 10132 TBS - ok
20:10:55.0847 10132 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:10:55.0847 10132 Tcpip - ok
20:10:55.0867 10132 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:10:55.0877 10132 TCPIP6 - ok
20:10:55.0917 10132 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:10:55.0917 10132 tcpipreg - ok
20:10:55.0947 10132 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:10:55.0947 10132 TDPIPE - ok
20:10:55.0977 10132 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:10:55.0977 10132 TDTCP - ok
20:10:56.0007 10132 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:10:56.0007 10132 tdx - ok
20:10:56.0027 10132 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:10:56.0037 10132 TermDD - ok
20:10:56.0067 10132 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:10:56.0067 10132 TermService - ok
20:10:56.0097 10132 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:10:56.0097 10132 Themes - ok
20:10:56.0107 10132 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:10:56.0107 10132 THREADORDER - ok
20:10:56.0117 10132 [ D2378FBBD668D9FE9B6B5E3139D506D3 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM86.sys
20:10:56.0117 10132 TPDIGIMN - ok
20:10:56.0137 10132 [ A34A1E6B5461273846D30F5898602A72 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG.exe
20:10:56.0137 10132 TPHDEXLGSVC - ok
20:10:56.0197 10132 [ 9CD364ECB3A10B24C7CAC8FF89993A67 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
20:10:56.0197 10132 TPHKLOAD - ok
20:10:56.0217 10132 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
20:10:56.0217 10132 TPHKSVC - ok
20:10:56.0257 10132 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
20:10:56.0257 10132 TPM - ok
20:10:56.0307 10132 [ C16EC6A5390904D3971179553852025B ] TPPWRIF C:\Windows\system32\drivers\Tppwr32v.sys
20:10:56.0307 10132 TPPWRIF - ok
20:10:56.0347 10132 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:10:56.0347 10132 TrkWks - ok
20:10:56.0387 10132 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:10:56.0387 10132 TrustedInstaller - ok
20:10:56.0397 10132 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:10:56.0397 10132 tssecsrv - ok
20:10:59.0079 10132 ================ Scan global ===============================
20:10:59.0099 10132 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:10:59.0119 10132 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:10:59.0129 10132 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:10:59.0149 10132 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:10:59.0179 10132 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:10:59.0179 10132 [Global] - ok
20:10:59.0179 10132 ================ Scan MBR ==================================
20:10:59.0189 10132 [ 5E90B58B7245A32C6D0544261A862EC5 ] \Device\Harddisk0\DR0
20:10:59.0589 10132 \Device\Harddisk0\DR0 - ok
20:10:59.0589 10132 ================ Scan VBR ==================================
20:10:59.0589 10132 [ B02DEF2CB77AF661B513F833995FF69A ] \Device\Harddisk0\DR0\Partition1
20:10:59.0589 10132 \Device\Harddisk0\DR0\Partition1 - ok
20:10:59.0619 10132 [ BB725BE8B9F2CF05135B18AD212F5EB1 ] \Device\Harddisk0\DR0\Partition2
20:10:59.0619 10132 \Device\Harddisk0\DR0\Partition2 - ok
20:10:59.0649 10132 [ F724C8FE6B2EDA99631B6C15B4F08468 ] \Device\Harddisk0\DR0\Partition3
20:10:59.0649 10132 \Device\Harddisk0\DR0\Partition3 - ok
20:10:59.0649 10132 ============================================================
20:10:59.0649 10132 Scan finished
20:10:59.0649 10132 ============================================================
20:10:59.0659 5452 Detected object count: 0
20:10:59.0659 5452 Actual detected object count: 0
________________________________________________________________________________________________________________________

ASWMBR LOG:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-04 20:11:40
-----------------------------
20:11:40.370 OS Version: Windows 6.1.7601 Service Pack 1
20:11:40.370 Number of processors: 4 586 0x2A07
20:11:40.370 ComputerName: FE1297 UserName: ChrisZ
20:11:41.369 Initialize success
20:14:53.419 AVAST engine defs: 12090401
20:15:11.718 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:15:11.718 Disk 0 Vendor: WDC_WD32 02.0 Size: 305245MB BusType: 3
20:15:11.728 Disk 0 MBR read successfully
20:15:11.738 Disk 0 MBR scan
20:15:11.738 Disk 0 unknown MBR code
20:15:11.738 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1200 MB offset 2048
20:15:11.748 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 282043 MB offset 2459648
20:15:11.788 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 22000 MB offset 580083712
20:15:11.788 Disk 0 scanning sectors +625140400
20:15:11.848 Disk 0 scanning C:\Windows\system32\drivers
20:15:19.990 Service scanning
20:15:47.723 Modules scanning
20:15:58.461 Disk 0 trace - called modules:
20:15:58.481 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
20:15:58.491 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88959030]
20:15:58.491 3 CLASSPNP.SYS[8ce0459e] -> nt!IofCallDriver -> [0x86658cb8]
20:15:58.491 5 ACPI.sys[8c6af3d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8662d028]
20:15:59.491 AVAST engine scan C:\Windows
20:16:02.231 AVAST engine scan C:\Windows\system32
20:18:04.234 AVAST engine scan C:\Windows\system32\drivers
20:18:16.245 AVAST engine scan C:\Users\ChrisZ
20:19:41.130 File: C:\Users\ChrisZ\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\39d6f8c8-7f95ca8b **INFECTED** Win32:Karagany-LG [Trj]
20:19:46.650 File: C:\Users\ChrisZ\AppData\Roaming\E78873.exe **INFECTED** Win32:Malware-gen
20:19:58.990 AVAST engine scan C:\ProgramData
20:21:15.855 Scan finished successfully
20:21:35.715 Disk 0 MBR has been saved successfully to "C:\Users\ChrisZ\Desktop\MBR.dat"
20:21:35.725 The log file has been saved successfully to "C:\Users\ChrisZ\Desktop\aswMBR.txt"

_______________________________________________________________________________________________________________________________________

ESET LOG:

It said it found 4 infections and that it cleaned the four infections, but it did give me an option to list the infections so I could copy and post.

#5 narenxp

  • BC Advisor

Posted 04 September 2012 - 08:31 PM

Reboot to normal mode

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#6 Chris1348

  • Topic Starter

  • Members

Posted 04 September 2012 - 10:54 PM

Mini Toolbox Log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by ChrisZ (administrator) on 04-09-2012 at 23:49:12
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82579LM Gigabit Network Connection = Local Area Connection (Connected)
Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Cisco Systems VPN Adapter = Local Area Connection 2 (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Bluetooth Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set subinterface interface=?) subinterface=ethernet_12 mtu=1477
set subinterface interface=?) subinterface=ethernet_18 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : FE1297
Primary Dns Suffix . . . . . . . : flanderselectric.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : flanderselectric.com
gateway.2wire.net

Ethernet adapter Bluetooth Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2
Physical Address. . . . . . . . . : 40-2C-F4-B8-CE-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : 10-0B-A9-E6-79-70
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f80a:2598:4318:2710%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.70(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 04, 2012 11:33:49 PM
Lease Expires . . . . . . . . . . : Wednesday, September 05, 2012 11:33:49 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 312510644
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A6-5C-A6-F0-DE-F1-6C-70-F9
DNS Servers . . . . . . . . . . . : 8.26.56.26
156.154.70.22
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-DE-F1-DA-DF-D3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7c03:ff90:d515:ab99%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.76(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 04, 2012 11:33:41 PM
Lease Expires . . . . . . . . . . : Wednesday, September 05, 2012 11:33:41 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 250666737
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A6-5C-A6-F0-DE-F1-6C-70-F9
DNS Servers . . . . . . . . . . . : 8.26.56.26
156.154.70.22
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ns1.recursive.dns.com
Address: 8.26.56.26

Name: google.com.flanderselectric.com
Addresses: fe80:1::225:90ff:fe19:4b12
92.242.144.50


Pinging google.com [173.194.34.136] with 32 bytes of data:
Reply from 173.194.34.136: bytes=32 time=124ms TTL=48
Reply from 173.194.34.136: bytes=32 time=123ms TTL=48

Ping statistics for 173.194.34.136:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 123ms, Maximum = 124ms, Average = 123ms
Server: ns1.recursive.dns.com
Address: 8.26.56.26

Name: yahoo.com.flanderselectric.com
Addresses: fe80:1::225:90ff:fe19:4b12
92.242.144.50


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=110ms TTL=49
Reply from 72.30.38.140: bytes=32 time=211ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 110ms, Maximum = 211ms, Average = 160ms
Server: ns1.recursive.dns.com
Address: 8.26.56.26

Name: bleepingcomputer.com.flanderselectric.com
Addresses: fe80:1::225:90ff:fe19:4b12
92.242.144.50


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
22...40 2c f4 b8 ce 80 ......Bluetooth Device (Personal Area Network) #2
11...10 0b a9 e6 79 70 ......Intel® Centrino® Advanced-N 6205
10...f0 de f1 da df d3 ......Intel® 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
23...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.76 20
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.70 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.76 276
192.168.1.0 255.255.255.0 On-link 192.168.1.70 281
192.168.1.70 255.255.255.255 On-link 192.168.1.70 281
192.168.1.76 255.255.255.255 On-link 192.168.1.76 276
192.168.1.255 255.255.255.255 On-link 192.168.1.76 276
192.168.1.255 255.255.255.255 On-link 192.168.1.70 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.76 276
224.0.0.0 240.0.0.0 On-link 192.168.1.70 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.76 276
255.255.255.255 255.255.255.255 On-link 192.168.1.70 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
11 281 fe80::/64 On-link
10 276 fe80::7c03:ff90:d515:ab99/128
On-link
11 281 fe80::f80a:2598:4318:2710/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 P:\Windows\system32\NLAapi.dll [File Not found] ()
Catalog5 02 P:\Windows\system32\napinsp.dll [File Not found] ()
Catalog5 03 P:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 04 P:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 05 P:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 06 P:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 07 P:\Windows\system32\wshbth.dll [File Not found] ()
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 02 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 03 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 04 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 05 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 06 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 07 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 08 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 09 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 10 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 11 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 12 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 13 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 14 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 15 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 16 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 17 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 18 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 19 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 20 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 21 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 22 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 23 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 24 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 25 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 26 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 27 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 28 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 29 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 30 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 31 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 32 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 33 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 34 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 35 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 36 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 37 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 38 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 39 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 40 P:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 41 P:\Windows\system32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/04/2012 11:35:58 PM) (Source: AutoEnrollment) (User: )
Description: FEMSI\ChrisZ0x8007003aThe specified server cannot perform the requested operation.

Error: (09/04/2012 11:34:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (09/04/2012 11:34:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/04/2012 09:10:08 PM) (Source: AutoEnrollment) (User: )
Description: FEMSI\ChrisZ0x8007003aThe specified server cannot perform the requested operation.

Error: (09/04/2012 05:31:52 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f6c

Start Time: 01cd8ae3f61d1979

Termination Time: 50

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (09/04/2012 02:58:11 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(b8:ff:61:11:a2:49@fe80::baff:61ff:fe11:a249._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/04/2012 02:58:11 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(b8:ff:61:11:a2:49@fe80::baff:61ff:fe11:a249._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/04/2012 02:39:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/04/2012 01:10:06 PM) (Source: AutoEnrollment) (User: )
Description: FEMSI\ChrisZ0x8007003aThe specified server cannot perform the requested operation.

Error: (09/04/2012 01:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (09/04/2012 11:39:11 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/04/2012 11:37:41 PM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (09/04/2012 11:36:17 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5

Error: (09/04/2012 11:36:17 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service terminated with the following error:
%%5

Error: (09/04/2012 11:36:14 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/04/2012 11:35:26 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/04/2012 11:35:26 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/04/2012 11:35:19 PM) (Source: Microsoft-Windows-GroupPolicy) (User: FEMSI)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (09/04/2012 11:34:34 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (09/04/2012 11:33:44 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (09/04/2012 11:35:58 PM) (Source: AutoEnrollment)(User: )
Description: FEMSI\ChrisZ0x8007003aThe specified server cannot perform the requested operation.

Error: (09/04/2012 11:34:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (09/04/2012 11:34:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (09/04/2012 09:10:08 PM) (Source: AutoEnrollment)(User: )
Description: FEMSI\ChrisZ0x8007003aThe specified server cannot perform the requested operation.

Error: (09/04/2012 05:31:52 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164481f6c01cd8ae3f61d197950C:\Program Files\Internet Explorer\iexplore.exe

Error: (09/04/2012 02:58:11 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(b8:ff:61:11:a2:49@fe80::baff:61ff:fe11:a249._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/04/2012 02:58:11 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(b8:ff:61:11:a2:49@fe80::baff:61ff:fe11:a249._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/04/2012 02:39:05 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/04/2012 01:10:06 PM) (Source: AutoEnrollment)(User: )
Description: FEMSI\ChrisZ0x8007003aThe specified server cannot perform the requested operation.

Error: (09/04/2012 01:06:08 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.4)
32 Bit HP CIO Components Installer (Version: 7.1.8)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Auslogics Disk Defrag (Version: version 3.2)
Bonjour (Version: 3.0.0.10)
Burn.Now 4.5 (Version: 4.5.0)
Cisco Systems VPN Client 5.0.07.0410 (Version: 5.0.7)
COMODO Internet Security (Version: 5.10.31649.2253)
Conexant 20672 SmartAudio HD (Version: 8.32.23.2)
Configuration Manager Client (Version: 4.00.6487.2000)
Corel Burn.Now Lenovo Edition (Version: 4.5.0)
Corel DVD MovieFactory 7 (Version: 7.0.0)
Corel DVD MovieFactory Lenovo Edition (Version: 7.0.0)
Corel WinDVD (Version: 10.0.5.787)
Create Recovery Media (Version: 1.20.0.00)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Direct DiscRecorder (Version: 1.00.0000)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (Version: 1.00)
ESET Online Scanner v3
GeekBuddy (Version: 4.1.32)
HP FWUpdateEDO3 (Version: 1.0.0.0)
HP LaserJet Professional CM1410 Series
HP LJ CM1410 MFP Series HP Scan (Version: 1.0.302.0)
HP Update (Version: 5.003.001.001)
HPLaserJetHelp_LearnCenter (Version: 1.03.0000)
HPLJUT (Version: 1.00.0012)
hppCM1410LaserJetService (Version: 001.008.00477)
hppFaxDrvCM1410 (Version: 003.000.00001)
hppFaxUtilityCM1410 (Version: 000.002.00001)
hppLaserJetService (Version: 002.015.00599)
hppSendFaxCM1410 (Version: 003.000.00001)
hppTLBXFXCM1410 (Version: 001.012.00948)
hpzTLBXFX (Version: 006.015.01163)
I.R.I.S. OCR (Version: 12.3.4.0)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (Version: 1.1.0.1147)
Integrated Camera TWAIN (Version: 1.0.11.1223)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Identity Protection Technology 1.0.74.0 (Version: 1.0.74.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections Drivers (Version: 16.8)
Intel® Processor Graphics (Version: 8.15.10.2622)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.0000)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Auto Scroll Utility (Version: 1.11)
Lenovo Patch Utility (Version: 1.0.1.1)
Lenovo Patch Utility (Version: 1.3.0.007)
Lenovo Screen Reading Optimizer (Version: 1.10)
Lenovo System Interface Driver (Version: 1.05)
Lenovo ThinkVantage Toolbox (Version: 6.0.5849.23)
Lenovo User Guide (Version: 1.0.0004.00)
Lenovo Warranty Information (Version: 1.0.0005.00)
Lenovo Welcome (Version: 2.02.003.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Marketsplash Shortcuts (Version: 1.0.0.9)
Mesh Runtime (Version: 15.4.5722.2)
Message Center Plus (Version: 2.0.0012.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8107.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Dynamics CRM 2011 English (United States) Language Pack (Version: 5.0.9690.2243)
Microsoft Dynamics CRM 2011 for Microsoft Office Outlook (Version: 5.0.9690.1992)
Microsoft Dynamics CRM 2011 for Microsoft Office Outlook (Version: 5.0.9690.2243)
Microsoft Forefront Endpoint Protection 2010 (Version: 2.0.657.0)
Microsoft Forefront Endpoint Protection 2010 Server Management (Version: 2.0.0657.0)
Microsoft Lync 2010 (Version: 4.0.7577.4103)
Microsoft Mouse and Keyboard Center (Version: 1.1.500.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Online Services Sign-in Assistant (Version: 7.250.4287.0)
Microsoft ReportViewer 2010 Redistributable (Version: 10.0.30319)
Microsoft Security Client (Version: 2.0.0657.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8082.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSDS Search (Version: 1.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
On Screen Display (Version: 6.60.03)
PowerTeacher Gradebook
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
RapidBoot (Version: 1.12)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)
RICOH Media Driver v2.10.18.02 (Version: 2.10.18.02)
System Update (Version: 4.03.0012)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.2900)
ThinkPad FullScreen Magnifier (Version: 2.40)
ThinkPad Power Management Driver (Version: 1.64.00.00)
ThinkPad Power Manager (Version: 3.66)
ThinkPad UltraNav Driver (Version: 15.3.34.0)
ThinkPad UltraNav Utility (Version: 2.13.0)
ThinkVantage Access Connections (Version: 5.85)
ThinkVantage Active Protection System (Version: 1.75)
ThinkVantage AutoLock (Version: 1.05)
ThinkVantage Communications Utility (Version: 2.09)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Rollup 6 for Microsoft Dynamics CRM for Outlook (KB2600640) (Version: 5.0.9690.1992)
Update Rollup 8 for Microsoft Dynamics CRM for Outlook (KB2600644) (Version: 5.0.9690.2243)
Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (Version: 12/21/2010 11.8.84.0)
Windows Driver Package - Intel (MEI) System (10/19/2010 7.0.0.1144) (Version: 10/19/2010 7.0.0.1144)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (Version: 09/10/2010 9.2.0.1011)
Windows Driver Package - Intel System (10/04/2010 9.2.0.1015) (Version: 10/04/2010 9.2.0.1015)
Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013) (Version: 09/16/2010 9.2.0.1013)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (Version: 11/11/2010 1.61.00.11)
Windows Driver Package - Synaptics (SynTP) Mouse (12/15/2010 15.2.5.2) (Version: 12/15/2010 15.2.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3493.23 MB
Available physical RAM: 1620.11 MB
Total Pagefile: 6984.75 MB
Available Pagefile: 4697.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.32 MB

========================= Partitions: =====================================

1 Drive c: (Windows7_OS) (Fixed) (Total:275.43 GB) (Free:196.16 GB) NTFS
3 Drive q: (Lenovo_Recovery) (Fixed) (Total:21.48 GB) (Free:15.24 GB) NTFS

========================= Users: ========================================

User accounts for \\FE1297

Admin Administrator Guest
LocalAdmin


**** End of log ****

______________________________________________________________________________________________________________________________

FSS Log:

Farbar Service Scanner Version: 06-08-2012
Ran by ChrisZ (administrator) on 04-09-2012 at 23:52:35
Running from "C:\Users\ChrisZ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKSM8N3G"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> P:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

_____________________________________________________________________________________________________________________________________

Tried to download Adware cleaner, however, Internet Explorer 9 keeps blocking the download.

#7 narenxp

Posted 04 September 2012 - 11:12 PM

Malwarebytes log?

Tried to download Adware cleaner, however, Internet Explorer 9 keeps blocking the download.


Use a different browser


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab - click on Start

Check mark the following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache


Checkmark the Restart System When Finished option
Click the Start button

The system should restart after the repair

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#8 Chris1348

Posted 05 September 2012 - 12:49 PM

FSS Log

Farbar Service Scanner Version: 06-08-2012
Ran by ChrisZ (administrator) on 05-09-2012 at 08:19:31
Running from "C:\Users\ChrisZ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKSM8N3G"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> P:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

________________________________________________________________________________________________________________________________________

R-Kill Log

Rkill 2.3.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/05/2012 01:47:49 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Users\ChrisZ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKSM8N3G\FSS (1).exe (PID: 5800) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* BITS [Missing Service]
* iphlpsvc [Missing Service]
* WinDefend [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/05/2012 01:47:59 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)
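
The two FSS logs in this thread (before and after the Windows repair run) can be compared mechanically to see what the repair fixed and what was still broken afterwards. The following Python is an added example, not part of the original posts or of Farbar Service Scanner; the function names are hypothetical and the sample inputs are trimmed excerpts of the two logs above.

```python
import re

# Trimmed excerpts of the two FSS logs posted in this thread: the first run,
# and the run after the Windows repair tool. Only a few lines of each are kept.
BEFORE = r"""MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
C:\Windows\system32\bfe.dll => MD5 is legit
ATTENTION!=====> P:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
"""

AFTER = r"""BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
C:\Windows\system32\bfe.dll => MD5 is legit
ATTENTION!=====> P:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
"""

# Patterns for the line shapes FSS uses in the logs on this page.
NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
MISSING_KEY = re.compile(r"ATTENTION!=====> Unable to open (\S+) registry key")
MISSING_VAL = re.compile(r"ATTENTION!=====> Unable to retrieve (.+?) of (\S+)\.")
MISSING_FILE = re.compile(r"ATTENTION!=====> (.+?) FILE IS MISSING")
POLICY = re.compile(r'^"(\w+)"=DWORD:(\d+)')


def findings(log):
    """Return the set of (kind, subject) problems flagged in one FSS log."""
    out = set()
    for line in log.splitlines():
        line = line.strip()
        if m := NOT_RUNNING.match(line):
            out.add(("service not running", m.group(1)))
        elif m := MISSING_KEY.search(line):
            out.add(("service key missing", m.group(1)))
        elif m := MISSING_VAL.search(line):
            out.add(("service value missing", f"{m.group(2)} {m.group(1)}"))
        elif m := MISSING_FILE.search(line):
            out.add(("file missing", m.group(1)))
        elif m := POLICY.match(line):
            # FSS prints policy values only in its "Disabled Policy" sections.
            out.add(("policy value set", f"{m.group(1)}={m.group(2)}"))
    return out


def compare(before, after):
    """Split findings into fixed, still remaining, and newly appeared."""
    b, a = findings(before), findings(after)
    return {
        "fixed": sorted(b - a),
        "remaining": sorted(b & a),
        "new": sorted(a - b),
    }


if __name__ == "__main__":
    for status, items in compare(BEFORE, AFTER).items():
        print(status.upper())
        for kind, subject in items:
            print(f"  {kind}: {subject}")
```

On these excerpts the firewall services (MpsSvc, bfe) and the SharedAccess value move to "fixed", while the BITS and WinDefend service keys, the MpSvc.dll file and the DisableAntiSpyware policy value stay in "remaining".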

#9 narenxp

Posted 05 September 2012 - 12:51 PM

Adware cleaner log?

#10 Chris1348

Posted 05 September 2012 - 01:14 PM

I installed a new browser, Firefox, to download Adware Cleaner. But after it downloads and I press "search" to start the Adware Cleaner, it goes about halfway, stops and posts an "AutoIt Error" saying "Error: Subscript used with Non-Array variable"

#11 narenxp

Posted 05 September 2012 - 01:22 PM

Click on the Start menu and type

cmd

Right-click on it, run as administrator and run this command

sfc /scanfile=c:\windows\system32\MpSvc.dll

After scan finishes

Download

defender
BITS

Launch them, click YES


Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#12 Chris1348

Posted 05 September 2012 - 02:02 PM

Thank you for your help!

#13 narenxp

Posted 05 September 2012 - 02:04 PM

You're welcome :)



